PRIVACY POLICY
Gacy’s Threads (“we,” “our,” or “us”) is deeply committed to protecting your personal data and respecting your privacy. This Privacy Policy outlines how we collect, use, disclose, and protect your information when you visit and interact with our website, gacysthreads.com.
We prioritize data minimization and transparency, and process your personal data in accordance with applicable data protection laws, including the European Union General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
1. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all users who access or use gacysthreads.com, whether as visitors, account holders, or customers. Gacy’s Threads is the controller of personal data collected through the site and is responsible for decisions regarding the processing of your data.
You can reach our privacy team at [email protected] with any inquiries regarding your data or this policy.
2. Categories of Data We Process
We process the following categories of personal data:
a. Usage Data
Information regarding how you interact with gacysthreads.com, including your IP address, browser type, device identifiers, access times, pages viewed, referring URLs, and session duration.
b. Account Data
Data provided upon account registration or order placement, such as your full name, billing and shipping address, email address, and telephone number.
c. Profile Data
Information related to your preferences, purchase history, shopping behavior, saved items, and other navigational patterns that help us tailor your experience.
d. Communication Data
Records of your correspondence with us, including support tickets, inquiries, feedback, and any chat or contact form submissions.
e. Technical Data
Device and system information including operating system, device type, browser configuration, screen resolution, time zone settings, and system language.
f. Transaction Data
Details regarding purchases and payments, including the items bought, payment method, card details (processed via secure payment gateways), and delivery instructions.
g. Preference Data
Marketing and communication preferences, including consent to receive newsletters, promotions, and information about products or services.
3. Legal Bases for Processing Your Data
We process your personal data under the following lawful bases, in accordance with GDPR:
– Contractual Necessity: To fulfill your orders and provide services requested by you.
– Legitimate Interests: To improve our services, perform analytics, prevent fraud, and maintain the security and usability of the website.
– Legal Obligation: To comply with applicable statutory and regulatory requirements.
– Consent: For sending marketing materials and placing non-essential cookies, where explicit permission has been given.
Under CCPA, processing for commercial purposes—including advertising or analytics—is conducted with transparency and subject to your right to opt out or request more information.
4. Your Privacy Rights
You have the following rights under applicable data protection laws:
– Access: Request access to the personal data we hold about you.
– Rectification: Request corrections to any inaccurate or incomplete data.
– Erasure: Request deletion of your personal data, where legally permitted.
– Restriction: Request that we limit the processing of your data under certain circumstances.
– Portability: Request the transfer of your data to you or another service provider in a structured, machine-readable format.
Residents of California also have the right to:
– Know the categories and specific pieces of personal data collected.
– Request deletion of certain personal data.
– Opt out of the sale or sharing of their personal information.
– Not be discriminated against for exercising any CCPA rights.
You may exercise any of these rights by contacting our privacy team at [email protected].
5. Security Measures
We implement rigorous technical and organizational security measures to ensure the confidentiality, integrity, and availability of your data. These include:
– Encryption of data at rest and in transit
– Role-based access control and rights management
– Secure firewalls and intrusion detection systems
– Periodic security audits and penetration testing
– Regular data backups and secure storage
– Mandatory staff training on data protection and security
While we implement strong safeguards, no system is completely secure. Therefore, we urge users to take care when transmitting personal data online.
6. International Transfers
Some of our service providers and partners may be located outside your jurisdiction, including in countries that may not provide the same standard of data protection as your home country. In such cases, we rely on appropriate safeguards, including but not limited to, Standard Contractual Clauses (SCCs), adequacy decisions by the European Commission, or equivalent measures to ensure your data remains protected.
7. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. General retention periods include:
– Account and Profile Data: Retained for the duration of your account and for up to 6 years afterward to comply with legal obligations.
– Transaction Data: Retained for 7 years to satisfy financial and statutory requirements.
– Communication Data: Retained for 3 years following last contact.
– Technical and Usage Data: Retained for up to 2 years for analytics and website optimization.
– Preference and Marketing Data: Retained until you withdraw your consent or unsubscribe.
8. Cookie Policy
We use cookies and similar tracking technologies to enhance your experience on gacysthreads.com. Cookies collect personal and anonymized data and fall into the following categories:
– Essential Cookies: Necessary for website operations such as shopping cart, login, and navigation.
– Functional Cookies: Facilitate personalization and user preferences.
– Performance Cookies: Measure website performance and user behavior to improve user experience.
– Analytics Cookies: Gather information about how visitors use the website (e.g., Google Analytics usage patterns).
– Marketing Cookies: Track visitor activity across websites to display targeted advertisements.
9. Cookie Management and Compliance
You can manage cookie preferences through the cookie management banner displayed on your first visit to gacysthreads.com, as well as through your browser settings.
In compliance with GDPR, we offer visitors the ability to opt into or reject non-essential cookies before they are placed on your device. CCPA-compliant options enable California residents to opt out of the “sale” or “sharing” of their personal information via cookies. These preferences can be adjusted at any time using tools on our website.
10. Children’s Privacy
Our services are not directed to, and we do not knowingly collect information from, individuals under the age of 13. If we become aware that personal data was inadvertently collected from a child under 13, we will promptly delete such data. Parents or guardians should contact [email protected] if they believe their child has provided personal data to us.
11. Updates to This Policy
We may revise or update this Privacy Policy periodically to reflect changes in our practices or legal obligations. When changes are made, we will publish the revised version on this page and, where appropriate, notify you through the website or by email.
We encourage users to review this policy regularly to stay informed of how their information is being protected.
12. Contact
For any questions, privacy-related concerns, or to exercise your data protection rights, you may contact us via email at:
13. Final Note
At Gacy’s Threads, maintaining your trust is our top priority. We operate with the highest standards of data protection and strive to comply fully with the GDPR, CCPA, and all applicable privacy legislation. Please reach out to us with any privacy questions—we are here to help.