Privacy Policy
1. Introduction
At The Hollyday (thehollyday.com), we are deeply committed to protecting your personal data and upholding your right to privacy. This Privacy Policy articulates our dedication to transparency, accountability, and the secure handling of your personal data. Whether you are browsing our website, creating an account, or making a purchase, we strive to ensure your data is processed in accordance with the highest standards of applicable data protection legislation, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
2. Scope of Policy and Data Controller
This Privacy Policy applies to all users of thehollyday.com and governs the collection, use, and safeguarding of personal data obtained through the website. The data controller responsible for your personal data is The Hollyday, which determines the purposes and means of processing your information.
If you have any questions about how your data is used, please contact us at [email protected].
3. Categories of Data Processed
We may collect and process the following categories of personal data in connection with your use of our services:
a. Usage Data
Includes information such as browser type, IP address, time zone setting, browsing patterns, referring URLs, and the pages you view on thehollyday.com. This data helps us understand how users interact with our website to optimize performance and user experience.
b. Account Data
Encompasses personal information provided during the registration process, including your full name, residential or billing address, email address, phone number, and login credentials.
c. Profile Data
Includes details related to your product preferences, order history, behavioral activity on our website, and saved items or carts.
d. Communication Data
Covers information provided when you contact us, submit forms, request support, or engage with customer service communications. This data includes your message content, email correspondence, and any follow-up interactions.
e. Technical Data
Involves device-related information such as device model, operating system, screen resolution, system configuration, and mobile device identifiers.
f. Transaction Data
Comprises details of payments made and purchases completed on thehollyday.com, including billing and shipping addresses, payment method, and order history.
g. Preference Data
Includes your opt-in or opt-out preferences with respect to email marketing, product alerts, language settings, newsletter subscriptions, and other consent-based preferences.
4. Legal Bases for Processing
Under GDPR guidelines, we rely on the following lawful bases for processing your personal data:
– Performance of a contract: where processing is necessary for the execution of your purchases or requests;
– Legitimate interests: to manage and improve our services, detect fraud, personalize user experience, or analyze usage, provided such interests are not overridden by your rights;
– Consent: for sending marketing communications or placing non-essential cookies. You have the right to withdraw your consent at any time;
– Legal obligation: where processing is required by applicable legal and regulatory responsibilities.
5. Your Rights
As a data subject, you have rights under GDPR and CCPA, including:
– Right of Access: To request a copy of the personal data we hold about you.
– Right to Rectification: To request correction of inaccurate or incomplete data.
– Right to Erasure (“Right to be Forgotten”): To request deletion of personal data where no lawful basis exists to continue processing.
– Right to Restrict Processing: To limit the way in which we use your data under certain circumstances.
– Right to Data Portability: To obtain your data in a structured, commonly-used format and transmit it to another controller where applicable.
You may exercise these rights by contacting us at [email protected]. We will respond in accordance with applicable legal timeframes.
6. Security Measures
We continuously invest in security protocols to preserve the confidentiality, integrity, and availability of your personal data. Measures include:
– Use of Secure Socket Layer (SSL) encryption;
– Role-based access controls limiting access to authorized personnel;
– Regular system and malware monitoring;
– Routine data backups;
– Staff privacy training and awareness programs.
While we implement appropriate measures, no electronic transmission or storage system can be guaranteed to be 100% secure.
7. International Data Transfers
Personal data collected or processed may be transferred to and stored in jurisdictions outside the European Economic Area (EEA) or California. Where such transfers occur, we ensure that adequate safeguards, including Standard Contractual Clauses (SCCs), are in place in compliance with GDPR requirements. Similarly, we commit to maintaining compliance with CCPA provisions for Californian residents in regard to cross-border data transfers.
8. Data Retention
We will retain your personal data only for as long as necessary for the purposes stated in this Policy or as required by law. Below are general retention outlines:
– Account and Profile Data: Retained as long as your account remains active;
– Transaction Data: Retained for seven months post-transaction for legal and financial compliance;
– Communication Data: Retained for two years after correspondence resolution;
– Usage and Technical Data: Retained for twelve months for analytics purposes;
– Cookie Data: Retained for up to six months from date of collection, subject to user consent and browser storage.
9. Cookie Policy
The Hollyday uses cookies and similar technologies to improve user experience and assess the performance of our website. Categories of cookies include:
– Essential Cookies: Required for ensuring website functionality and accessibility features.
– Functional Cookies: Enable personalized content such as saved preferences or login persistence.
– Analytics Cookies: Collect anonymized data to understand website performance and user engagement metrics.
– Performance Cookies: Help identify errors and performance bottlenecks for optimization.
10. Cookie Management and Compliance
Our website includes a cookie consent management tool that allows users to make informed choices regarding which types of cookies are placed when visiting thehollyday.com. In accordance with GDPR and CCPA, we obtain prior consent before implementing non-essential cookies.
You may also modify cookie preferences through your browser settings or using industry-standard opt-out tools like the Network Advertising Initiative (NAI) or Digital Advertising Alliance (DAA).
11. Protection of Children
The Hollyday does not knowingly collect or solicit personal data from individuals under the age of 13. In the event we become aware that such data has been inadvertently collected, we will promptly delete it. If you believe a child under 13 has provided us with personal data, please contact us immediately at [email protected].
12. Policy Updates
We may revise this Privacy Policy periodically to reflect changes in legal requirements, technological developments, or our processing practices. All updates will be posted on thehollyday.com. Where material changes affect your rights or data usage, we will provide prominent notice and, where required by law, seek your renewed consent.
13. Contact Information
For inquiries regarding this Privacy Policy, your personal data rights, or to submit a request, please contact us at:
Email: [email protected]
This Privacy Policy is intended to comply with the requirements of GDPR, CCPA, and other applicable privacy laws. We encourage you to review this Policy regularly and reach out with any privacy concerns to our contact email.