Privacy Policy for Misty Meadows Farm, LLC
Misty Meadows Farm, LLC (“we,” “us,” or “our”) recognizes the importance of your privacy and is committed to protecting the personal data of individuals who interact with our website, available at mistymeadowsfarmllc.com. This Privacy Policy outlines how we collect, use, store, and protect your data in accordance with applicable privacy laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
1. Commitment to Privacy and Data Protection
We are committed to respecting and safeguarding your personal information. In handling your data, we adhere to the principles of transparency, accountability, and purpose limitation, ensuring your information is processed securely and in full compliance with applicable data protection laws.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all information collected through mistymeadowsfarmllc.com and any related services, communications, or interactions. Misty Meadows Farm, LLC acts as the data controller with respect to the personal data collected via the website, meaning we determine the purposes and means of processing your personal information.
For privacy-related inquiries, you may contact us at:
Email: [email protected]
3. Categories of Data Processed
We may collect and process the following categories of personal data:
– Usage Data: Includes data about how you use our website, such as browser type, IP address, time zone, access times, pages viewed, referring URLs, and session duration.
– Account Data: Includes name, billing and delivery address, email address, telephone number, and any information you provide when registering for services or placing an order.
– Profile Data: Includes preferences, purchase history, product browsing behavior, interests, and feedback.
– Communication Data: Includes data from your interactions with our customer support channels, submitted inquiries, and contact history.
– Technical Data: Includes data about your device type, hardware model, operating system, unique device identifiers, and other technical configurations.
– Transaction Data: Includes payment and order information, such as order value, invoice data, and delivery details.
– Preference Data: Includes marketing and communication preferences, such as opt-in status for newsletters and product interest categories.
4. Legal Bases for Processing
We rely on several legal bases for processing your personal data, depending on the context in which we collect it:
– Consent: Where you have provided clear consent for us to process your data for a specific purpose (e.g., email subscriptions).
– Contractual Necessity: Where processing is necessary to fulfill a contract with you (e.g., to deliver products or manage orders).
– Legitimate Interests: Where processing is necessary for our legitimate business interests, provided these interests are not overridden by your rights (e.g., analyzing usage trends to improve user experience).
– Legal Obligation: Where we are required to process data to comply with legal or regulatory obligations.
5. Your Data Rights
Subject to applicable law, you have the following rights:
– Right of Access: You may request access to your personal data and details about its use.
– Right to Rectification: You have the right to correct inaccurate or incomplete personal data.
– Right to Erasure: You may request the deletion of your personal data, subject to applicable retention obligations.
– Right to Restriction: You may request the restriction of processing under certain conditions.
– Right to Data Portability: You may request to receive your data in a structured, commonly used, machine-readable format, or request the transfer of your data to another service provider where technically feasible.
– Right to Object: You may object to the processing of your data where processing is based on legitimate interests or direct marketing.
To exercise any of the above rights, please contact us at [email protected].
6. Security Measures
We apply appropriate organizational and technical security measures to protect personal data against unauthorized access, alteration, disclosure, or destruction, including but not limited to:
– Encryption of data at rest and in transit
– Internal access controls and authentication systems
– Regular backups and disaster recovery procedures
– Staff privacy training and role-based data access
7. International Data Transfers
If your data is transferred outside your country of residence, particularly outside the European Economic Area (EEA), we ensure those transfers comply with GDPR and other applicable laws using industry-standard safeguards such as Standard Contractual Clauses or adequacy decisions issued by the European Commission.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes described in this Privacy Policy, including for satisfying legal, accounting, or reporting requirements. Retention periods may vary based on the type of data:
– Usage Data: retained for 12 months from collection
– Account and Profile Data: retained for the duration of the customer relationship and up to 7 years thereafter for auditing purposes
– Communication Data: retained for 24 months
– Transaction Data: retained for 7 years to comply with financial regulations
– Preference Data: retained until user withdraws consent or for a maximum of 24 months
After expiration of the retention period, your data will be securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar technologies to enhance your experience and collect information about your visit to mistymeadowsfarmllc.com. Cookies are categorized as follows:
– Essential Cookies: Required for basic website functionality and security. These cannot be disabled.
– Functional Cookies: Enable site personalization and remember settings or user choices.
– Analytics Cookies: Help us understand how visitors interact with the site, providing information about areas visited and traffic sources.
– Performance Cookies: Used to monitor site performance and improve the content and interface.
10. Cookie Management and Compliance
In accordance with GDPR and CCPA, users can manage cookie preferences via our cookie consent banner upon first visit and at any time thereafter. You may also configure your browser settings to block or delete cookies.
California residents may additionally opt out of the sale or disclosure of their personal information for marketing purposes, if applicable, by contacting us at [email protected].
11. Children’s Privacy
We do not knowingly collect or solicit personal information from children under the age of 13. If you are a parent or guardian and believe we may have collected personal information about a child without appropriate consent, please contact us immediately at [email protected] so we can take appropriate action.
12. Policy Updates and User Notification
We may modify this Privacy Policy from time to time to reflect changes in our practices, applicable laws, or regulatory requirements. When changes are made, we will update the policy on our website. Where legally required, we will notify users of material changes and, where necessary, obtain additional consent.
13. Contact
If you have any questions regarding this Privacy Policy, or if you would like to exercise your privacy rights, please contact us at:
Email: [email protected]
We are fully committed to complying with applicable privacy laws and to maintaining the transparency and security of your personal data. We encourage you to reach out with any privacy-related questions or concerns.