PRIVACY POLICY
TheHollyDay.com (“we”, “our”, “us”) is committed to protecting the privacy and personal data of our users. As a company that values trust and transparency, we prioritize your right to data protection and handle all personal information with the utmost care and in accordance with applicable privacy laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant legislation.
1. INTRODUCTION: OUR COMMITMENT TO PRIVACY
We recognize the importance of safeguarding your personal information. This Privacy Policy outlines how we collect, use, disclose, and protect personal data when you interact with our website, thehollyday.com, including all associated services, features, and communication channels. Our practices are guided by a privacy-first approach to ensure that your personal data is processed lawfully, fairly, and transparently.
2. SCOPE OF THIS POLICY AND OUR ROLE AS DATA CONTROLLER
This Privacy Policy applies to all users of thehollyday.com and its related services. We act as the data controller for the personal data we collect, meaning that we determine the purposes and means of processing your data. This policy covers all information collected through our website or direct interactions with you, such as emails, customer support channels, and third-party integrations.
3. CATEGORIES OF PERSONAL DATA WE PROCESS
We collect and process the following types of personal data in order to provide, maintain, and improve our services:
a) Usage Data
Includes information about how you use our website, such as browser type, IP address, device information, geographic location, session duration, page interactions, and referral sources.
b) Account Data
Includes data you provide when you set up an account, such as your full name, billing and shipping address, email address, phone number, and login credentials.
c) Profile Data
Includes user-customized settings, browsing behavior, purchase history, product preferences, saved wishlists, and any feedback or personal choices on the platform.
d) Communication Data
Includes records of communications through our contact forms, email correspondence with [email protected], customer service inquiries, and other interactions with our support team.
e) Technical Data
Includes your device type, operating system, internet connection details, screen resolution, language settings, and referring URLs collected through log files and analytics tools.
f) Transaction Data
Includes information required for payment processing and order fulfillment, such as billing details, delivery information, transaction timestamps, and order confirmations.
g) Preference Data
Includes your choices regarding marketing communications, consent preferences, subscription statuses, and preferences related to products or content interests.
4. LEGAL BASES FOR PROCESSING
We process your personal data on the following lawful bases, as permitted under GDPR and other applicable laws:
– Consent: Where you voluntarily provide information or agree to receive marketing communications.
– Contractual Necessity: When processing is necessary to fulfill contractual obligations, such as providing services or completing transactions.
– Legal Obligation: When required to comply with legal obligations, such as tax or regulatory requirements.
– Legitimate Interests: For the operation, protection, and improvement of our website, services, and business, provided that such interests are not overridden by your fundamental rights and freedoms.
5. YOUR RIGHTS REGARDING YOUR DATA
Depending on your location and applicable data protection laws, you have the following rights regarding your personal information:
– Right of Access: Obtain confirmation as to whether or not personal data concerning you is being processed and access such data.
– Right to Rectification: Request correction or updating of inaccurate or incomplete data.
– Right to Erasure (Right to be Forgotten): Request the deletion of your personal data in certain situations.
– Right to Restrict Processing: Request limitation of the processing of your personal data under specific circumstances.
– Right to Data Portability: Receive your personal data in a structured, commonly used format and transfer it to another controller where feasible.
– Right to Object: Withdraw consent or object to processing when lawful grounds rely on legitimate interests or marketing activities.
– Non-Discrimination: You have the right not to receive discriminatory treatment for exercising your privacy rights under the CCPA.
You may exercise these rights by contacting us at [email protected].
6. SECURITY MEASURES
We implement appropriate organizational and technical security measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These include:
– Industry-standard encryption protocols during data transmission and storage
– Role-based access controls with authentication safeguards
– Regular data integrity reviews and vulnerability assessments
– Employee training on confidentiality and data handling practices
– System redundancies and offsite backups to maintain data resilience
While we work diligently to protect your data, no method of internet transmission or electronic storage is completely secure. Therefore, we cannot guarantee absolute security.
7. INTERNATIONAL DATA TRANSFERS
Your personal data may be transferred to and processed in countries outside your jurisdiction, including countries that may not offer the same level of data protection. To ensure appropriate safeguards, we rely on mechanisms such as:
– Standard Contractual Clauses (SCCs) approved by the European Commission
– Certified third-party frameworks (e.g., Privacy Shield where applicable)
– Binding corporate rules or other legally approved contractual arrangements
By using thehollyday.com, you consent to any such transfer of your data subject to these protections.
8. DATA RETENTION
We retain personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by law. Retention periods include:
– Account and profile data: Retained for the duration of your account activity and for up to 2 years after account closure.
– Transaction and communication data: Retained for 7 years for reporting and legal compliance.
– Technical and usage data: Retained for analytical and diagnostic purposes for up to 24 months.
– Marketing and preference data: Retained until you withdraw consent or for no more than 24 months of inactivity.
Upon expiration of retention periods, personal data is securely deleted or anonymized.
9. COOKIE POLICY
Our website uses cookies and similar technologies to collect and store certain information automatically. Cookies we use fall into the following categories:
– Essential Cookies: Necessary for website functionality, such as session management and cart features.
– Functional Cookies: Enhance user experience through remembering preferences and login status.
– Analytics Cookies: Help us understand how visitors interact with our site, including which pages are most popular and how users navigate our content.
– Performance Cookies: Measure performance metrics and loading times to ensure a smooth experience across devices.
10. COOKIE MANAGEMENT & LEGAL COMPLIANCE
In compliance with GDPR and CCPA, we provide you with the ability to manage your cookie preferences through a cookie notice banner upon visiting our site. You may also adjust your browser settings to refuse or delete cookies, though certain features of thehollyday.com may not function properly if cookies are disabled.
You have the right to opt in or out of non-essential cookies and to withdraw consent at any time. For California residents, the “Do Not Sell My Personal Information” link is available in accordance with CCPA requirements.
11. PROTECTION OF CHILDREN’S DATA
We do not knowingly collect or process personal data from children under the age of 13. If we become aware that a child under 13 has provided us with personal data without verifiable parental consent, we will take immediate steps to delete such information. Parents who believe their child has submitted personal data may contact us at [email protected].
12. POLICY UPDATES
We reserve the right to make changes to this Privacy Policy to reflect updates to our practices, changes in applicable laws, or improvements to our services. Material updates will be posted prominently on our website, and we encourage you to review this policy regularly. Continued use of thehollyday.com indicates your acceptance of such modifications.
13. CONTACT US
If you have any questions regarding this Privacy Policy, the processing of your personal data, or wish to exercise any of your rights, please contact us at:
Email: [email protected]
Website: https://thehollyday.com
We are fully committed to complying with applicable data protection and privacy laws and to supporting your rights as a valued user. Should you have any concern or inquiry related to how we handle your personal data, please reach out to us, and we will respond as promptly as possible.