Privacy Policy

1. Introduction

At Blooming Mama HQ, accessible via bloomingmamahq.com, we are dedicated to safeguarding the privacy and personal data of all individuals who interact with our website, products, or services. We value transparency, data security, and your right to control your personal information. This Privacy Policy outlines the ways in which we handle, process, and protect your data in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

2. Scope and Data Controller

This Privacy Policy applies to all personal data collected through bloomingmamahq.com and related services. For the purposes of applicable data protection legislation, Blooming Mama HQ is the “Data Controller,” meaning we determine the purposes and means of processing your personal information.

If you have any questions regarding this policy or the handling of your data, please contact us at [email protected].

3. Categories of Data We Collect and Process

We may collect, process, and store the following categories of personal data:

a) Usage Data: Includes information about how you use our website such as browser type, IP address, usage duration, page views, referral sources, and session data.

b) Account Data: Includes identifying information provided when creating an account or placing an order, such as your full name, billing and shipping address, email address, and telephone number.

c) Profile Data: Includes preferences, shopping behavior, demographic interests, purchase history, and customer profile details to personalize your experience.

d) Communication Data: Includes any communications you send to us including support inquiries, survey responses, complaints, and other interactions with our customer service.

e) Technical Data: Includes data about your device and platform, such as operating system, device model, time zone setting, browser plug-in types, and system configurations.

f) Transaction Data: Includes details of products or services you purchase, payment information (processed via secure third-party providers), delivery information, and order history.

g) Preference Data: Includes your preferences for receiving marketing communications, notification settings, and data related to product interests or feedback.

4. Legal Bases for Processing

We will only process your personal data where we have a legal basis to do so under applicable privacy laws. These may include:

– Consent: Where you have provided specific consent to the processing of your data, e.g., subscribing to newsletters or accepting cookies.
– Contractual Necessity: Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into such a contract.
– Legal Obligation: Where we are required to process certain personal data under legal or regulatory obligations.
– Legitimate Interests: Where processing is necessary for our legitimate interests in improving our services, ensuring security, or marketing, and such interests are balanced against your rights and freedoms.

5. Your Rights

Under the GDPR and CCPA, you have a number of rights in relation to your personal data:

– Right of Access: Request access to the personal data we hold about you.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your personal data where there is no compelling reason for its continued processing.
– Right to Restriction: Request that we limit processing of your personal data.
– Right to Data Portability: Receive your data in a commonly used, machine-readable format and have the right to transmit that data to another controller.
– Right to Object: Object to certain types of processing, including direct marketing.
– Right Not To Be Discriminated Against: Under CCPA, exercise your privacy rights without receiving discriminatory treatment.

You may exercise these rights by contacting [email protected]. We may need to verify your identity before fulfilling any requests to ensure your data is protected.

6. Security Measures

We deeply value the security of your data. To that end, we implement a combination of technical and organizational measures, including:

– Encryption of data in transit and storage
– Role-based access control to personal data
– Secure regular backups
– Staff training on data protection and confidentiality
– Use of secure servers and trusted third-party providers

While no method of transmission over the internet or storage system is completely secure, we continuously review and enhance our security practices to protect your data.

7. International Data Transfers

Personal data may be processed or stored on servers located outside the country in which you reside. Where such transfers occur, we ensure adequate protection by implementing standard contractual clauses approved by the European Commission or by ensuring an adequate level of data protection recognized by the relevant authority.

We comply with all relevant cross-border data transfer regulations, including those governing transfers under the GDPR and CCPA.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

– Account, Profile, and Transaction Data: Retained for the duration of your account and for a period after closure as required by applicable law (typically up to 7 years).
– Communication and Support Data: Retained for up to 2 years to manage performance and history of support services.
– Marketing Preference Data: Retained until you withdraw your consent or opt out of communications.
– Technical and Usage Data: Retained for analytical and performance tracking purposes—usually for up to 24 months.

When data is no longer necessary or required to be retained, it will be securely deleted or anonymized.

9. Cookie Policy

Our website uses cookies and similar technologies to enhance your user experience. These may include:

– Essential Cookies: Necessary for the operation of our website and to enable basic functionalities.
– Functional Cookies: Remember preferences and settings to provide a tailored user experience.
– Analytics Cookies: Collect information about how visitors use the site to help us improve functionality and performance.
– Performance Cookies: Enhance and optimize performance, loading speed, and responsiveness of the website.

Where required by law, we obtain consent before placing non-essential cookies and provide clear information about how to manage them.

10. Cookie Management and Compliance

You may control or disable cookies through your browser settings or by utilizing cookie management tools available on bloomingmamahq.com. We provide opt-in and opt-out capabilities in compliance with GDPR and CCPA consent requirements.

You may also manage your cookie preferences by responding to the cookie banner on our website and adjusting your selections accordingly.

11. Children’s Privacy

We do not knowingly collect, process, or store data from children under the age of 13. If we become aware that we have inadvertently collected personal information from a child without verified parental consent, we will take immediate steps to delete such data. If you believe that a child under 13 has provided us with personal data, please contact us at [email protected].

12. Policy Updates

This Privacy Policy may be updated from time to time to reflect legal, operational, or technological changes. Where substantive changes are made, we will notify our users through the website or via direct communication. Continued use of bloomingmamahq.com following any such updates constitutes your acceptance of the revised policy.

13. Contact Us

If you have questions, concerns, or would like to exercise your rights under this Privacy Policy, please email us at [email protected].

We are committed to full compliance with global data protection standards and pledge to respond promptly and transparently to any privacy inquiries you may have.