PRIVACY POLICY
ScaryBubs (“we,” “our,” or “us”) is committed to protecting and respecting your privacy. This Privacy Policy outlines how we collect, use, store, and protect personal data when you visit our website (scarybubs.com), interact with our services, or contact us. Upholding the highest standards of data protection and privacy-by-design principles, we are dedicated to handling personal information with care, transparency, and accountability in compliance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable privacy laws.
1. SCOPE OF THIS POLICY AND CONTROLLER RESPONSIBILITY
This Privacy Policy applies to the information collected through your use of the website scarybubs.com, including any interactions via online forms, purchases, account registrations, or support inquiries. ScaryBubs is the data controller for purposes of the personal data collected and processed under this Policy, meaning we determine the purposes and means of processing such data. If you have any questions about our role or practices, please contact us at [email protected].
2. CATEGORIES OF PERSONAL DATA WE PROCESS
We collect and process the following categories of personal data depending on your interaction with our services:
a) Usage Data: This includes data about your interaction with our website such as your IP address, browser type, operating system, access times, page views, navigation paths, and other diagnostic data.
b) Account Data: When you register or make a purchase, we may collect your full name, email address, phone number, billing and shipping addresses, and authentication details.
c) Profile Data: Information you voluntarily submit as part of your user profile, including preferences, purchase history, behavioral data on-site, and wish list content.
d) Communication Data: When you contact us — whether via email, contact forms, or customer support chat — we retain records of communications, including any follow-up correspondence.
e) Technical Data: Device identifiers, mobile or desktop device type, browser plug-in types and versions, time zone setting, system configurations, and similar data that helps optimize user experience.
f) Transaction Data: This includes records of purchases or interactions involving financial transactions, such as order details, payment methods (limited to non-sensitive references), transaction timestamps, and delivery information.
g) Preference Data: Marketing communication preferences, areas of product interest, participation in promotions or surveys, and opt-in consent records.
3. LEGAL BASES FOR PROCESSING PERSONAL DATA
We rely on the following lawful bases to process your information:
– Consent: Where applicable, we process your data based on the consent you voluntarily provide (e.g., subscribing to marketing emails).
– Contract: Processing necessary to enter into or execute a contract with you, including the sale or delivery of products.
– Legal Obligation: Where processing is required to comply with legal or regulatory obligations.
– Legitimate Interests: We may process personal data for our legitimate interests, such as improving website functionality, maintaining security, preventing fraud, and analyzing metrics—provided your rights do not override these interests.
4. YOUR DATA PROTECTION RIGHTS
Under applicable privacy laws, including GDPR and CCPA, you have a suite of rights with respect to your personal data:
– Right of Access: You may request a copy of the personal data we hold about you.
– Right to Rectification: You have the right to request that incorrect or incomplete data be corrected.
– Right to Erasure: You may request deletion of your personal data under certain conditions (“right to be forgotten”).
– Right to Restriction: You have the right to request limitations on data processing where appropriate.
– Right to Portability: You may request to receive your data in a structured, commonly used, machine-readable format and have it transmitted to another controller, where technically feasible.
– Right to Object: You may object to our processing activities based on legitimate interests or direct marketing.
To exercise any of these rights, please contact us at [email protected]. We may need to verify your identity before fulfilling such requests.
5. SECURITY MEASURES
We employ appropriate technical and organizational measures to safeguard your personal data against unauthorized access, disclosure, alteration, or destruction. These include but are not limited to:
– HTTPS encryption across all website connections
– User authentication and role-based access to systems
– Frequent data backups and offsite disaster recovery protocols
– Regular staff training on data protection obligations and cybersecurity best practices
Despite these measures, no transmission via the internet is completely secure. Users are advised to adopt good personal data management practices when interacting with any website.
6. INTERNATIONAL DATA TRANSFERS
Your data may be processed or stored outside of your jurisdiction, including in countries that do not have data protection laws equivalent to those in the European Economic Area (EEA). In such cases, we ensure appropriate safeguards are in place, including reliance on the European Commission’s Standard Contractual Clauses or other legally recognized transfer mechanisms to ensure adequate protection of your personal data.
7. DATA RETENTION
We retain your personal data only as long as necessary for the purposes set out in this Policy and to comply with legal obligations, resolve disputes, and enforce our agreements. General retention timeframes include:
– Account Data: As long as the account remains active or until deletion requested.
– Transaction Data: Retained for a minimum of 7 years to comply with financial and tax regulations.
– User Support Communications: Up to 2 years following final correspondence.
– Marketing Consent Records: Indefinitely or until withdrawal of consent.
– Usage and Technical Data: Aggregated and anonymized versions may be retained indefinitely; identifiable data is retained for no longer than 12 months.
8. COOKIE POLICY
We use cookies and similar tracking technologies to provide essential site functionality and enhance the user experience. These fall into four main categories:
– Essential Cookies: Required for website navigation, secure login, and purchase processing.
– Functional Cookies: Allows the site to remember user choices and preferences.
– Analytics Cookies: Collect information about how users interact with our site (Google Analytics or similar tools), enabling performance optimization.
– Performance Cookies: Help evaluate the effectiveness of content and user interactions.
9. COOKIE MANAGEMENT AND COMPLIANCE WITH GDPR AND CCPA
Upon your first visit to scarybubs.com, you are prompted with a cookie consent banner. You have full control over cookie settings, including accepting or rejecting non-essential cookies. You may manage settings via the “Cookie Settings” link in the footer or modify them through your browser settings.
Under CCPA, California residents may opt-out of the sale of personal information as defined under the Act. We do not sell your personal data in the traditional sense. However, if applicable, mechanisms will be provided to exercise this right.
10. CHILDREN’S PRIVACY
Our services are not intended for or directed to children under the age of 13. We do not knowingly collect or process personal data from individuals under 13 years of age. If you are a parent or legal guardian and believe that your child has provided us with personal data without your consent, please contact us at [email protected] and we will take appropriate action.
11. POLICY UPDATES
This Privacy Policy may be updated from time to time to reflect changes in our practices, applicable laws, or technological advancements. All material changes will be communicated via prominent notices on scarybubs.com or by direct message, where appropriate. We encourage you to review this Policy periodically to remain informed.
12. CONTACTING US
For questions, concerns, or requests regarding your personal data or this Privacy Policy, please reach out to us at:
Email: [email protected]
POSTAL inquiries may be directed by email to request the appropriate address. We strive to respond to all inquiries within applicable legal timeframes.
At ScaryBubs, user trust is foundational to our mission. We take privacy seriously and are committed to full compliance with GDPR, CCPA, and other relevant data protection regulations. If you have any privacy concerns or need to exercise your rights, you are always welcome to contact us.