Privacy Policy
This Privacy Policy outlines how Farmhouse Movement (“we,” “us,” or “our”) collects, uses, discloses, and protects your personal data when you visit or interact with our website available at farmhousemovement.com or otherwise engage our services. We are committed to safeguarding your privacy and ensuring that your personal data is handled in accordance with applicable data protection legislation, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
1. Commitment to Privacy and Data Protection
Protecting your privacy is a fundamental part of our mission. We practice data minimization and ensure transparency in how and why we collect and process personal data. We use your data solely for specified, legitimate purposes and take robust measures to protect it from misuse and unauthorized disclosure.
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all users of farmhousemovement.com and related services and communications. For the purposes of data protection law, Farmhouse Movement operates as the data controller with respect to your personal data. If you have any questions about this policy or need to exercise your rights, you may contact us at [email protected].
3. Categories of Data We Process
We only collect and process data necessary for our business operations and your experience on our website. The types of personal data we may collect include:
a. Usage Data: Information about how you use our website, including your IP address, browser type, operating system, pages visited, session duration, referring URLs, and time zone settings.
b. Account Data: Information provided when creating an account, such as your full name, email address, mailing address, and contact number.
c. Profile Data: Information about your preferences, purchase history, browsing behavior, reviews submitted, and other insights derived from your interactions with our platform.
d. Communication Data: Records of your communications with us, including support inquiries, contact form submissions, and customer service interactions.
e. Technical Data: Device identifiers, operating system version, device settings and configurations, and browser details.
f. Transaction Data: Data relating to purchases and orders, including payment method (via third-party processors), billing address, shipping address, transaction ID, and order history.
g. Preference Data: Your marketing preferences, product interest indicators, opt-in or opt-out statuses, and related consent records.
4. Legal Bases for Processing Personal Data
Our lawful bases for processing your personal data under the GDPR include:
– Contractual Necessity: To fulfill a contract or take steps before entering a contract (e.g., processing orders or managing accounts).
– Legitimate Interest: To operate, improve, and secure our services (e.g., analyzing website performance, preventing fraud).
– Consent: Where you have given consent for specific purposes, such as receiving promotional emails. You may withdraw consent at any time.
– Legal Obligation: To comply with financial, reporting, or compliance obligations.
5. Your Data Protection Rights
As a data subject under the GDPR or CCPA, you have the following rights:
– Right to Access: You may request access to personal data we hold about you.
– Right to Rectification: You may request correction of inaccurate or incomplete data.
– Right to Erasure: You may request deletion of your personal data, subject to legal obligations.
– Right to Restriction: You may request we limit processing of your data in certain circumstances.
– Right to Portability: You may request to obtain your data in a structured, commonly-used format.
– Right to Object: You may object to processing where we rely on legitimate interests or direct marketing.
To exercise these rights, contact us at [email protected]. We will verify your identity before fulfilling your request and respond in accordance with applicable laws.
6. Security Measures
We implement industry-standard technical and organizational measures to secure your personal data. These include:
– Encryption protocols (e.g., SSL/TLS) for data in transit
– Role-based access controls and least privilege access
– Regular backups and secure data storage systems
– Staff training and confidentiality agreements
– Internal audits and threat detection mechanisms
Despite these safeguards, no system can be 100% secure. We encourage users to practice online safety and report any suspicious activity.
7. International Data Transfers
Where your data is transferred outside of the European Economic Area (EEA) or your local jurisdiction, we ensure that appropriate safeguards are in place. These may include standard contractual clauses approved by the European Commission or adequacy decisions for recipient countries. We ensure that all data recipients adhere to equivalent levels of data protection.
8. Data Retention
We retain personal data only for as long as needed to fulfill the purposes for which it was collected, including legal, regulatory, accounting, or reporting requirements. Specific retention periods include (but are not limited to):
– Account and Profile Data: retained for the duration of your account and up to 5 years thereafter
– Transaction and Communication Data: retained for 7 years for legal and compliance purposes
– Technical and Usage Data: retained for up to 2 years for analytics and security
Once data is no longer necessary, it is securely anonymized or deleted.
9. Cookie Policy
We use cookies and similar technologies on farmhousemovement.com for the following purposes:
– Essential Cookies: Necessary for website functionality and security (e.g., login, checkout).
– Functional Cookies: Enable personalization and save your preferences.
– Analytics Cookies: Track aggregated usage data to improve user experience. Analytics are anonymized where possible.
– Performance Cookies: Help measure site speed and functionality to optimize performance.
10. Cookie Management and Compliance
Users may manage cookie preferences at any time through our cookie consent banner or in browser settings. Under the GDPR and CCPA, we do not place non-essential cookies without your consent. You may also opt out of certain tracking via industry tools such as the Digital Advertising Alliance (DAA) or the Network Advertising Initiative (NAI).
11. Children’s Privacy
Farmhouse Movement does not knowingly collect or solicit personal data from children under the age of 13. If we become aware that we have collected such data without verified parental consent, we will promptly delete it. If you believe a child has provided us with personal data, please contact us at [email protected].
12. Policy Updates
We may update this Privacy Policy from time to time to reflect changes in legal obligations or our privacy practices. Material changes will be communicated to users where required by law. Your continued use of farmhousemovement.com following such updates constitutes your agreement to the revised policy.
13. Contact Information
If you have any questions, concerns, or requests regarding this Privacy Policy or our handling of your personal data, please contact us:
Email: [email protected]
We are committed to full compliance with applicable privacy laws and welcome your feedback or inquiries about your data rights.
