Privacy Policy for Rift Homestead
Rift Homestead (“we,” “us,” or “our”) values your privacy and is committed to protecting your personal data in accordance with applicable privacy and data protection regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy describes how we collect, use, disclose, and safeguard your personal information when you visit or interact with our website, rifthomestead.com.
1. Commitment to Privacy and Data Protection
Rift Homestead is committed to preserving the confidentiality, integrity, and availability of the personal information entrusted to us. We process user data responsibly, transparently, and with regard for individual rights. This Privacy Policy outlines our practices regarding information collection and dissemination, and it is designed to assist you in making informed decisions about your personal data.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal data collected through rifthomestead.com and through any communications you initiate with us via our contact channels, including [email protected].
For the purposes of applicable data protection laws, the entity responsible for the control and processing of your personal data is:
Rift Homestead
Website: rifthomestead.com
Contact: [email protected]
3. Categories of Data Processed
We may process the following categories of personal information depending on your use of our services:
a. Usage Data
Includes information such as your browser type and version, device type, referring URLs, pages viewed, time spent on pages, IP address, and interaction logs.
b. Account Data
Includes identifiers such as name, mailing address, email address, and phone number provided when creating an account or contacting us.
c. Profile Data
Includes user preferences, purchase history, browsing behavior, wish lists, favorited products, and saved filters.
d. Communication Data
Includes correspondence records such as customer support interactions, inquiries submitted through our contact forms, email exchanges, and other communications with our team.
e. Technical Data
Includes device-specific data such as operating system, hardware model, network information, cookies, and system configuration settings.
f. Transaction Data
Includes order details, billing information, payment method data, and delivery address. Actual payment card information is processed securely by third-party payment processors and is not stored by us.
g. Preference Data
Includes information provided by you regarding your interests, marketing preferences, language settings, and newsletter subscriptions.
4. Legal Bases for Processing
We rely on the following legal grounds for processing your personal data:
– Consent: When you voluntarily provide data, subscribe to newsletters, or accept cookies.
– Contractual Necessity: When processing is needed to fulfill a purchase, deliver a product, or provide customer support.
– Legal Obligation: When required to comply with applicable laws and regulations.
– Legitimate Interests: To operate, improve, and analyze our platform, prevent fraud, and promote our products and services where these interests do not override your fundamental rights and freedoms.
5. Your Rights
Subject to applicable laws, you may exercise the following rights in relation to your personal data:
– Right of Access: Obtain details about the data we hold about you and how we process it.
– Right to Rectification: Request correction of inaccurate personal data.
– Right to Erasure: Request deletion of your personal data in certain situations.
– Right to Restriction: Request that we limit the processing of your data in specific circumstances.
– Right to Data Portability: Request a copy of your personal data in a structured, commonly used format to transfer it to another provider.
– Right to Withdraw Consent: You may withdraw your consent at any time where processing is based on your consent.
– Right to Object: Object to processing based on our legitimate interests or where used for direct marketing.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement and maintain appropriate technical and organizational measures to protect your personal data, including but not limited to:
– Encryption of data during transit and at rest
– Role-based access control and authentication protocols
– Regular security audits and penetration tests
– Backup systems and disaster recovery protocols
– Staff training on privacy and security obligations
7. International Transfers
Your data may be transferred to and processed in countries outside the European Economic Area (EEA) or your country of residence. In such cases, we ensure that appropriate safeguards are in place to protect your data, including reliance on Standard Contractual Clauses approved by the European Commission or equivalent frameworks ensuring an adequate level of protection.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or to comply with legal, regulatory, or contractual obligations. The specific retention periods per category are as follows:
– Usage Data: up to 24 months
– Account Data: until the user account is deleted, plus up to 12 months for record purposes
– Profile and Preference Data: up to 24 months of inactivity
– Communication Data: up to 36 months following last contact
– Technical Data: up to 12 months
– Transaction Data: retained for 7 years for tax and regulatory compliance
Once the retention period expires, personal data is securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar technologies to enhance user experience and analyze website traffic. Cookies are small text files placed on your device and categorized as follows:
– Essential Cookies: Necessary for website operation and security.
– Functional Cookies: Remember preferences and settings to improve usability.
– Analytical Cookies: Collect anonymized data for internal analytics and performance monitoring.
– Performance Cookies: Optimize website loading speeds and element rendering.
10. Cookie Management and Compliance
On your first visit to rifthomestead.com, you will be presented with a cookie consent banner which allows you to accept or customize the types of cookies used. You can modify your cookie preferences or withdraw consent at any time by accessing cookie settings via your browser or our cookie management tool available on the site.
We comply with all requirements set forth under GDPR and CCPA regarding cookie usage and transparency. For California residents, we honor “Do Not Sell or Share My Personal Information” requests as required under CCPA.
11. Children’s Data Protection
rifthomestead.com is not intended for use by individuals under the age of 13. We do not knowingly collect personal information from children under 13 and will delete such information if we become aware that it has been collected. If you believe we have inadvertently collected data from a minor, please contact us immediately at [email protected].
12. Policy Updates & User Notification
We reserve the right to amend this Privacy Policy to reflect changes in legal, regulatory, or operational requirements. If changes are material, we will notify users via email notifications or prominent website banners. Continued use of rifthomestead.com following any updates signifies your acceptance of the revised policy.
13. Contact Information
If you have any questions, requests, or concerns about this Privacy Policy or wish to exercise your data protection rights, please contact us:
Email: [email protected]
Website: rifthomestead.com
This Privacy Policy is intended to demonstrate our compliance with applicable data privacy laws. We are committed to maintaining high standards of transparency, accountability, and user empowerment in managing your personal data. Please do not hesitate to reach out with any privacy-related inquiries or requests.