Privacy Policy for Gacy’s Threads
1. Introduction
Gacy’s Threads (“we”, “our”, or “us”) is committed to respecting and protecting your privacy. This Privacy Policy outlines how we collect, use, store, and safeguard your personal data when you interact with our website, gacysthreads.com (the “Website”), and the associated services. We prioritize compliance with all applicable laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), and adhere to the highest standards of data protection principles.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of our Website and services. Gacy’s Threads is the data controller responsible for the processing of your personal data as described in this document. By accessing gacysthreads.com, you acknowledge that your data may be collected and processed by us in accordance with this Policy and applicable law.
3. Categories of Data Processed
We may collect and process the following categories of personal data:
a) Usage Data
Includes data about how you use our Website such as your browser type, IP address, pages visited, time and date of visit, and session duration.
b) Account Data
Includes information provided when creating an account, such as your full name, billing and shipping address, email address, and telephone number.
c) Profile Data
Includes details about your preferences, purchase history, items added to your wishlist or cart, and user behavior on the Website.
d) Communication Data
Includes any correspondence initiated by you, e.g., customer service inquiries, support tickets, and records of communication with our team.
e) Technical Data
Includes data about your device, system settings, operating system, screen resolution, and other configuration settings used to access gacysthreads.com.
f) Transaction Data
Includes payment information, order details, delivery confirmations, returns data, and purchase records.
g) Preference Data
Includes your chosen marketing communication preferences, newsletter sign-ups, product interest indicators, and opt-in or opt-out statuses.
4. Legal Bases for Processing
We process your personal data on the following lawful bases:
– Contractual Necessity: To provide goods and services, process orders, and fulfill contractual obligations.
– Legitimate Interests: To improve our Website, understand user behavior, and enhance customer experience.
– Consent: Where explicit consent is required (e.g., for marketing communications, cookie usage).
– Legal Obligation: Where processing is necessary to comply with legal or regulatory requirements.
5. Your Rights
Subject to applicable law, you may exercise the following rights in relation to your personal data:
– Right of Access: Request a copy of the personal data we hold about you.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your data where there is no legal reason for us to continue processing it.
– Right to Restriction: Request limitation of data processing in certain circumstances.
– Right to Data Portability: Request your data in a structured, commonly used, and machine-readable format for transmission to another controller.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement industry-standard technical and organizational security measures to protect your personal data, including but not limited to:
– SSL encryption
– Strict access controls
– Regular security audits and updates
– Data backups and recovery systems
– Staff training on data protection and confidentiality
7. International Transfers
In some instances, your personal data may be transferred and processed outside the country in which you reside, including jurisdictions that may have different data protection laws. When we do, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission or other approved mechanisms that meet GDPR and CCPA standards.
8. Data Retention
We retain your personal data only for as long as necessary for the purposes outlined in this Privacy Policy, in accordance with the following criteria:
– Usage Data: up to 12 months after collection
– Account Data: retained while your account is active and for 5 years following closure
– Profile Data: retained as long as relevant for marketing or site personalization, or until you request deletion
– Communication Data: retained for 3 years for auditing and customer service review
– Technical Data: up to 12 months after collection
– Transaction Data: retained for 7 years for compliance and record-keeping purposes
– Preference Data: retained until you modify your preferences or revoke consent
9. Cookie Policy
Our Website uses cookies to optimize your browsing experience. These include:
a) Essential Cookies – Necessary for basic Website functionality such as navigation and secure login.
b) Functional Cookies – Enhance usability and remember your preferences.
c) Analytics Cookies – Evaluate usage and performance metrics using tools such as Google Analytics.
d) Performance Cookies – Monitor system performance and detect technical issues.
10. Cookie Management and GDPR/CCPA Compliance
You are given the option to manage your cookie preferences on first visit and through your browser settings thereafter. Under GDPR and CCPA, you have the right to:
– Be informed before cookies are placed
– Opt-in to non-essential cookies (GDPR)
– Opt-out of the sale of personal information (CCPA)
We honor Do Not Track (DNT) signals where applicable and do not sell personal information as defined under the CCPA.
11. Special Protections for Children Under 13
We do not knowingly collect or solicit personal data from children under the age of 13. If we discover that we have inadvertently collected personal data from a child under 13, we will take immediate steps to delete the information from our systems.
12. Policy Updates & User Notifications
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Changes are effective upon posting to gacysthreads.com. Where appropriate, we will provide notification via email or on-site alerts. We encourage you to review this Policy periodically.
13. Contact Us
If you have any questions about this Privacy Policy, your personal data, or would like to exercise any of your privacy rights, please contact us at:
Email: [email protected]
Website: https://gacysthreads.com
We are committed to maintaining the confidentiality, integrity, and availability of your personal data, and to ensuring our ongoing compliance with GDPR, CCPA, and other applicable privacy laws. Please reach out to our team with any concerns or requests related to your data.