Privacy Policy for The Folk Remedy
1. Introduction
At The Folk Remedy (“we,” “us,” or “our”), accessible via thefolkremedy.com, protecting your privacy and safeguarding your personal data is a critical priority. We are committed to upholding the highest standards of data protection and privacy compliance, adhering to global regulations such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy describes how we collect, use, disclose, and safeguard your personal information when you visit or interact with our website.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal data collected about users and visitors of thefolkremedy.com. For purposes of the GDPR, The Folk Remedy is the “data controller” of your personal data, meaning we determine the purposes and methods of processing personal data.
This Policy governs our processing of personal data in both online and offline contexts, including data collected via forms, purchases, account signups, email communications, cookies, and browsing interactions.
3. Categories of Personal Data We Process
We may collect and process the following categories of personal data:
a. Usage Data
Includes information about how you use our website, including browser type and version, IP address, access times, referring URL, page views, and navigation paths.
b. Account Data
Includes your name, email address, billing and shipping addresses, phone number, and other contact details provided during account creation or checkout.
c. Profile Data
Includes your interests, purchase history, browsing habits, product preferences, and behavioral interactions on thefolkremedy.com.
d. Communication Data
Includes records of your correspondence with us, including customer support inquiries, contact form submissions, and emails.
e. Technical Data
Includes information collected from your device, such as operating system, device type, screen resolution, system configuration, and browser settings.
f. Transaction Data
Includes order information, payment status, transaction records, delivery addresses, and invoicing details.
g. Preference Data
Includes your communication preferences (e.g., opting in or out of marketing emails), product interests, and consent settings.
4. Legal Bases for Processing
We process your personal data on the following legal grounds:
– Contractual Necessity: Data necessary to perform our agreement with you, such as processing your purchases or creating an account.
– Legitimate Interests: Data processed to improve, secure, and operate our website, provided these interests do not override your fundamental rights and freedoms.
– Consent: We rely on your explicit consent to send marketing communications and set non-essential cookies.
– Legal Obligation: Where required by applicable law or regulation to process your data.
5. Your Rights
Under the GDPR and CCPA (where applicable), you have certain rights in relation to your personal data:
– Right of Access – You may request access to your personal data and receive a copy of the information we hold.
– Right to Rectification – You may request that inaccurate or incomplete data be corrected.
– Right to Erasure – You may request deletion of your data, subject to legal retention obligations.
– Right to Restriction – You may request that we limit how we process your data in certain circumstances.
– Right to Data Portability – You may request to receive your data in a structured, commonly used format and transmit it to another controller.
– Right to Object – You may object to processing of your data based on legitimate interests or direct marketing.
– Right not to be Discriminated Against – We will not discriminate against you for exercising any of your privacy rights under the CCPA.
To exercise your rights, contact us at [email protected]. We may verify your identity before fulfilling your request.
6. Security Measures
We implement a comprehensive range of physical, electronic, and administrative security measures to protect your personal data from unauthorized access, loss, misuse, alteration, or disclosure. These include:
– SSL encryption for data transmission
– Role-based access control and secure user authentication
– Regular data backups and secure storage protocols
– Staff data protection training and awareness programs
– Monitoring for unauthorized access and system vulnerabilities
While we take every reasonable step to protect your information, no method of internet transmission or storage is 100% secure.
7. International Data Transfers
If you are located outside of the United States, your data may be transferred to and stored in servers located in jurisdictions outside your own, including in countries that may not offer the same level of data protection.
Where required by law, we use appropriate safeguards such as Standard Contractual Clauses approved by the European Commission, and implement additional technical and organizational measures to ensure adequate data protection compliance.
8. Data Retention
We retain your personal data only for as long as necessary for the purposes for which it was collected, or as required to comply with legal, regulatory, or contractual obligations.
– Account and Profile Data: Stored as long as your account remains active or for a reasonable period thereafter.
– Transaction and Payment Data: Retained for 7 years to comply with financial and tax regulations.
– Communication Data: Retained for 3 years for customer service and auditing purposes.
– Usage, Technical, and Preference Data: Retained up to 2 years to support analytics and user experience improvements.
After these periods, data is securely deleted or anonymized.
9. Cookie Policy
The Folk Remedy uses cookies and similar tracking technologies to enhance your browsing experience and analyze website traffic. Categories of cookies we use include:
– Essential Cookies: Necessary for core functionality (e.g., login, cart management).
– Functional Cookies: Enable personalized features and retain preferences.
– Analytics Cookies: Provide insights into website performance and usage patterns.
– Performance Cookies: Improve website speed, security, and reliability.
These tools may collect personal and usage data tied to your device and browser.
10. Cookie Management and Compliance
Upon your first visit to thefolkremedy.com, a banner informs you of our use of cookies and allows you to accept or reject non-essential cookies. You can modify your cookie preferences at any time through your browser settings or our Cookie Management Tool, accessible in the footer of our website.
In compliance with GDPR, consent is obtained for non-essential cookies before enabling them. Under the CCPA, we honor browser signals for “Do Not Sell or Share My Personal Information,” and you may opt out via our “Do Not Sell” link available on our site.
11. Children’s Privacy
The Folk Remedy does not knowingly collect or solicit personal data from individuals under the age of 13. If we learn that we have inadvertently collected data from a child, we will take appropriate steps to delete such information promptly. Parents or guardians who believe their child has provided personal information may contact us at [email protected].
12. Policy Updates and Notification
We may revise this Privacy Policy to reflect legal, regulatory, or operational changes. Material changes will be notified through our website or via email, where appropriate. Continued use of thefolkremedy.com signifies your acceptance of the current version of the Policy.
13. Contact
If you have any questions, requests, or concerns about this Privacy Policy or the handling of your personal data, you may contact us at:
Email: [email protected]
Website: https://thefolkremedy.com
—
The Folk Remedy is committed to full compliance with global data protection laws and to protecting your personal privacy. Please do not hesitate to reach out to us with any privacy-related concerns or requests.