Privacy Policy

1. Introduction

At Trish Morse (“we,” “us,” or “our”), accessible via trishmorse.com, we are deeply committed to respecting and protecting your privacy. We understand the importance of personal data and are dedicated to maintaining the confidentiality, integrity, and security of your information. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all user interactions with our website, trishmorse.com, including account registration, browsing, purchases, and customer support. For the purposes of EU data protection legislation, we act as the Data Controller of your personal data, deciding how and why your information is processed. If you are located in California, we honor our role as a “business” under the CCPA.

3. Categories of Personal Data We Process

We collect and process various types of personal data, including but not limited to the following:

a) Usage Data
Includes data about how you interact with our website, such as browser type, IP address, pages visited, time spent on pages, and referring URLs.

b) Account Data
Collected when you register for an account, including your name, email address, telephone number, physical address, and any login credentials.

c) Profile Data
Includes information you provide as part of your profile, such as preferences, purchase history, and behavioral patterns relating to site usage and product engagement.

d) Communication Data
Includes communications you send or receive, including support tickets, contact form messages, customer service correspondence, and other records of interaction.

e) Technical Data
Includes information about the device you use to access our services, such as operating system, unique device identifiers, browser settings, language preferences, and network connectivity data.

f) Transaction Data
Includes payment and order details, billing addresses, delivery preferences, and receipts for transactions performed via trishmorse.com. Note: We do not store full payment card details. These are processed securely by our payment service providers.

g) Preference Data
Includes your communication preferences, consent to marketing, promotional opt-ins, and product interest data gathered through tools like surveys or newsletter sign-ups.

4. Legal Bases for Processing

We process your personal data using lawful bases under the GDPR and process personal information as defined by the CCPA for legitimate and disclosed purposes. The legal grounds include:

– Consent: Where you have granted explicit permission, such as subscribing to newsletters or marketing emails.
– Contractual Necessity: When processing is required to fulfill a contract with you, such as completing a purchase or managing your account.
– Legitimate Interests: For purposes like fraud prevention, service improvement, and ensuring security—so long as those interests are not overridden by your rights.
– Legal Obligation: Compliance with legal and regulatory requirements, including accounting, tax, and consumer law.

5. Your Rights

Where applicable, you have the following rights under data protection laws:

– Right of Access: Request access to the personal data we hold about you.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your personal data where there is no legal reason for us to continue processing it.
– Right to Restriction: Request a temporary suspension of processing where accuracy or legality is contested.
– Right to Data Portability: Obtain a copy of your data in a structured, commonly used machine-readable format and transmit it to another controller, where technically feasible.

In addition, California residents may have the right to:

– Know what categories and specific pieces of personal information are collected.
– Request deletion of personal information.
– Opt out of the “sale” or “sharing” of personal information.
– Not be discriminated against for exercising any of their CCPA rights.

You may exercise your rights by contacting us at [email protected].

6. Security Measures

We employ industry-standard organizational and technical measures to protect your personal data:

– Data encryption at rest and in transit using secure protocols (e.g., HTTPS, TLS).
– Access control and authentication procedures for data access.
– Regular data backups and integrity monitoring.
– Employee training in data protection best practices and confidentiality commitments.

7. International Transfers

Your personal data may be transferred and processed outside your country of residence, including to countries that may not offer equivalent protections. In such cases, we implement standard contractual clauses approved by the European Commission or use other lawful safeguards to ensure adequate protection of your information.

8. Data Retention

We retain your personal data only as long as necessary for the purposes described in this Privacy Policy, including:

– Usage Data: Up to 12 months for analytics and fraud prevention.
– Account and Profile Data: For as long as your account is active, and up to 6 years thereafter for customer relationship management, legal compliance, and service optimization.
– Communication Data: Retained up to 3 years post-resolution.
– Transaction Data: Retained for up to 7 years for tax and financial reporting compliance.
– Preference Data: Retained until you update or withdraw your consents.

9. Cookie Policy

We use cookies and other tracking technologies to enhance your experience on trishmorse.com. Cookies are small files stored on your device to support various functions, categorized as follows:

– Essential Cookies: Required for the basic functionality of the website, such as secure login and cart features.
– Functional Cookies: Allow customization and remember user preferences like language and currency.
– Analytics Cookies: Used to understand user behavior and improve the usability and performance of our site. These may be provided by third-party tools (e.g., Google Analytics).
– Performance Cookies: Help in tracking site reliability, load times, and user journeys, enhancing overall effectiveness.

10. Cookie Management and Compliance

In compliance with the GDPR and CCPA:

– Upon your first visit, we present a cookie banner to obtain explicit consent for non-essential cookies.
– You can manage your cookie preferences at any time through our cookie settings link or by adjusting your browser settings.
– California users may opt out of cookies that qualify as “sales” of information under the CCPA.

11. Children’s Privacy

Our services are not directed to children under the age of 13, and we do not knowingly collect personal data from children. If we discover that a child under 13 has provided us with personal data without verifiable parental consent, we will take prompt action to delete such data.

12. Policy Updates

We may revise this Privacy Policy periodically to reflect changes in legal, regulatory, or operational practices. Updates will be posted to this page. Where required by law, users will be notified through prominent notices or direct communication.

13. Contact Us

If you have any questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact us at:

Email: [email protected]

At trishmorse.com, we are committed to protecting and respecting your personal data in compliance with applicable privacy laws. Your trust is our priority, and we welcome any feedback or inquiries regarding our privacy practices.