Privacy Policy for thebauhaussf.com

1. Introduction

At The Bauhaus SF (“we,” “our,” or “us”), accessible via thebauhaussf.com, we are committed to maintaining the highest standards of privacy and data protection. We understand that your personal data is important, and we are dedicated to handling it with care, transparency, and in full compliance with applicable data protection regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal data when you interact with our website and services.

2. Scope of This Policy and Data Controller Role

This Privacy Policy applies to all data collected by us through thebauhaussf.com, including any related communications and third-party integrations where this policy is referenced. We act as the “data controller” for all personal data collected via our website and services, meaning we determine the purposes and means of processing. Where we process data on behalf of another entity, we do so as a “data processor” subject to applicable contractual terms.

3. Categories of Personal Data We Process

We may collect and process the following categories of personal data, either directly from you or automatically via your interaction with our website:

a. Usage Data:
Includes information such as IP address, browser type, operating system, geolocation data, referring URLs, time stamps, clickstream data, and page interaction details.

b. Account Data:
Consists of personally identifiable information you provide when creating an account or placing an order, including your full name, email address, mailing address, phone number, and login credentials.

c. Profile Data:
Information related to your preferences and behavior on the site, such as purchase history, wishlists, browsing activity, and demographic information (e.g., age group, gender if provided).

d. Communication Data:
Includes data provided when you contact us directly, such as via contact forms, emails to [email protected], customer support interactions, chat records, and user-submitted feedback.

e. Technical Data:
Includes device-specific information such as hardware model, device identifiers, screen resolution, browser settings, operating system configurations, and performance diagnostics.

f. Transaction Data:
Includes transactional and payment data, such as billing details, delivery address, payment method (tokenized by our payment processor), and order history.

g. Preference Data:
Covers your consents and preferences for marketing communications, personalization settings, notification selections, and information related to your subscription to newsletters and promotions.

4. Legal Bases for Processing

We process your personal data only where permitted by applicable law and under the following lawful bases:

– Consent: Where you have given clear and informed permission for us to process your data for a specific purpose (e.g., marketing communications).
– Performance of a Contract: Where processing is necessary to fulfill a contract with you or to take steps at your request before entering into such a contract.
– Legal Obligation: Where processing is necessary for compliance with a legal obligation to which we are subject.
– Legitimate Interests: Where processing is necessary for our legitimate interests (or those of a third party), provided your interests and fundamental rights do not override those interests. Examples include fraud prevention, website analytics, and improving our services.

5. Your Rights Under Data Protection Laws

Under GDPR and CCPA, you may exercise the following rights concerning your personal data:

– Right of Access: Request a copy of the personal data we hold about you.
– Right to Rectification: Request that we correct or update inaccurate or incomplete personal information.
– Right to Erasure: Request deletion of your personal data where there is no legal ground for retention.
– Right to Restriction: Request that we restrict processing of your data under certain conditions.
– Right to Data Portability: Obtain your data in a structured, commonly used, and machine-readable format, and request transmission to a third party where feasible.
– Right to Object: Withdraw consent or object to processing that is based on legitimate interest or carried out for direct marketing.
– Right Not to Be Subject to Automated Decision-Making: You have the right not to be subject to automated decisions that produce legal or similarly significant effects.

To exercise any of the above rights, please email us at [email protected]. We may require verification of your identity before responding to your request.

6. Data Security Measures

We implement appropriate technical and organizational security measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access. These measures include:

– Data encryption in transit and at rest.
– Secure access controls and authentication.
– Regular data backups with secure storage.
– Internal staff training on data protection.
– Pseudonymization and data minimization where applicable.

Despite our safeguards, no system is entirely immune to threats. We encourage you to use strong password practices and report any suspicious activity.

7. International Data Transfers

In certain circumstances, your data may be transferred to and processed in countries outside of the European Economic Area (EEA) or the United States. Where such international data transfers occur, we ensure that appropriate legal safeguards are in place, including the use of Standard Contractual Clauses adopted by the European Commission or reliance on adequacy decisions.

8. Data Retention Policy

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, and in accordance with the following schedule:

– Usage Data: Up to 12 months for analytical purposes.
– Account & Profile Data: Retained during account tenure and for up to 3 years following account closure.
– Communication Data: Up to 3 years after the last correspondence.
– Technical Data: Retained for up to 12 months for security and diagnostics.
– Transaction Data: Retained for a minimum of 5 years for legal and tax purposes.
– Preference Data: Stored until consent is withdrawn or data is otherwise updated.

After the respective retention periods, data is securely deleted or anonymized.

9. Cookie Policy

Our website uses cookies and similar technologies to enhance user experience and collect analytical data. Cookies may be categorized as follows:

– Essential Cookies: Necessary for the website to function properly (e.g., login, shopping cart).
– Functional Cookies: Allow customization based on user preferences.
– Performance Cookies: Collect anonymous data on user behavior (e.g., time spent on the site).
– Analytics Cookies: Help us understand how users interact with the website, facilitating improvements.

Third-party analytics services, such as Google Analytics, may set cookies in your browser in accordance with their respective privacy practices.

10. Cookie Management and Compliance

Upon your initial visit to thebauhaussf.com, you are presented with a cookie consent banner, allowing you to accept, reject, or manage your cookie preferences. You may update your cookie settings at any time by accessing our Cookie Preferences link available in the website footer. We honor “Do Not Track” signals and respond to CCPA opt-out mechanisms. You can also configure your browser settings to block or delete cookies.

11. Protection of Children’s Privacy

The Bauhaus SF does not knowingly collect, solicit, or process personal data from individuals under the age of 13. If you are a parent or guardian and believe your child has provided us with personal information on thebauhaussf.com, please contact us immediately at [email protected]. We will take prompt action to delete such data.

12. Updates to This Privacy Policy

We may revise this Privacy Policy from time to time in order to reflect changes in the law, our practices, or our services. Significant changes will be communicated on our website or via direct communication where appropriate. Continued use of our website after such updates constitutes acceptance of the revised policy.

13. Contact Us

For any inquiries, concerns, or requests related to this Privacy Policy or the handling of your data, please contact us at:

Email: [email protected]
Website: https://thebauhaussf.com

We are committed to data protection compliance and welcome your feedback and questions regarding your privacy rights or how your personal information is used.