Privacy Policy

1. Introduction

At Fiona Graham-Mackay (https://fionagraham-mackay.com), we are fully committed to protecting your privacy and safeguarding your personal data. We understand the importance of maintaining the confidentiality and security of your information and are dedicated to complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy explains how we collect, process, store, and protect your personal information when you visit our website or interact with our services.

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all users of our website and services provided by Fiona Graham-Mackay. For the purposes of the GDPR and other applicable data protection legislation, the data controller responsible for your personal data is Fiona Graham-Mackay, reachable at [email protected]. This policy governs the handling of personal information collected through fionagraham-mackay.com and describes your rights relating to your data.

3. Categories of Data Processed

We may collect, use, store, and transfer various categories of personal data about you, including:

– Usage Data: Information about how you use our website, such as IP address, browser type and version, geographic location, time zone, referring website, entry/exit pages, clickstream data, and session duration.

– Account Data: Personal information provided when you register or communicate with us, including your name, email address, telephone number, and physical address.

– Profile Data: Your interests, preferences, purchase history, responses to surveys, and insights into your behavior in connection with our services.

– Communication Data: Details of correspondence with us, including support inquiries, email exchanges, and records of communication sent to or received from us.

– Technical Data: Device identifiers, internet service provider data, operating system and platform, and configuration data used to access our digital services.

– Transaction Data: Data relating to orders you place with us, including payment method, billing and shipping information, and details of products purchased.

– Preference Data: Your consent or refusal to receive marketing, products you’ve shown interest in, and other stated preferences.

4. Legal Bases for Processing

We process personal data based on one or more of the following legal grounds:

– Consent: Where you have explicitly granted us permission to process your personal data for specific purposes (e.g., direct marketing or newsletter subscription).

– Contractual Necessity: When processing your personal data is necessary for the performance of a contract with you or to take steps prior to entering into a contract.

– Legal Obligation: When processing is required to comply with any legal or regulatory obligation to which we are subject.

– Legitimate Interests: When necessary for our legitimate interests or those of a third party, provided your interests and fundamental rights do not override those interests. Examples include analytics, fraud prevention, and improving user experience.

5. Your Rights

As a data subject, you have the following rights under applicable data protection laws:

– Right of Access: You may request a copy of the personal data we hold about you.

– Right to Rectification: You may correct or update your personal information where it is inaccurate or incomplete.

– Right to Erasure: You may request that we delete your personal data in certain circumstances.

– Right to Restrict Processing: You may request a restriction of your data’s processing in certain scenarios.

– Right to Data Portability: You may obtain and reuse your personal data for your own purposes across different services.

– Right to Object: You may object to processing based on legitimate interests or direct marketing activities.

To exercise any of these rights, please contact us at [email protected]. We may require proof of identity and reserve the right to deny requests that are unfounded, excessive, or not legally required.

6. Security Measures

We protect your personal data using a combination of technical, organizational, and administrative security measures, including:

– Data encryption (both in transit and at rest)
– Secure access management and role-based account control
– Routine vulnerability scanning and malware protection
– Regular backups to secured infrastructure
– Staff training on data protection and confidentiality

These preventative mechanisms are continually reviewed for effectiveness and updated as required.

7. International Transfers

Your personal data may be transferred to and stored in countries outside your jurisdiction, including in countries not deemed to provide an adequate level of data protection under the GDPR. Where international transfers occur, we implement suitable safeguards, such as standard contractual clauses approved by the European Commission, to ensure your rights are respected.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes we collected it for, including satisfying legal, regulatory, accounting, or reporting requirements. Below is a non-exhaustive breakdown:

– Usage and Technical Data: Up to 24 months
– Transaction Data: 7 years (for tax and legal compliance)
– Account and Profile Data: Retained during active relationship plus 24 months
– Communication Data: Up to 36 months
– Marketing Preference Data: Until you withdraw consent or unsubscribe

Any data that is no longer required will be securely deleted or anonymized.

9. Cookie Policy

We use cookies and similar tracking technologies to enhance your browsing experience on fionagraham-mackay.com. Cookies are small data files stored on your device that help us monitor website traffic, remember your preferences, and tailor content.

Types of cookies used include:

– Essential Cookies: Required for core functionality, such as site navigation and secure access.

– Functional Cookies: Enhance user experience, such as remembering settings or preferences.

– Analytics Cookies: Help us understand user behavior and improve performance through tools such as Google Analytics.

– Performance Cookies: Measure performance of our site elements and optimize load times and interaction.

10. Cookie Management & Compliance with GDPR & CCPA

Upon your first visit to fionagraham-mackay.com, you are presented with a cookie consent banner in compliance with GDPR and CCPA. You have the option to manage your preferences by accepting, rejecting, or customizing which types of cookies are allowed.

You can further control cookies through your browser settings or opt out of analytics through third-party platforms like Google’s Ad Settings or the Network Advertising Initiative’s opt-out page.

11. Children’s Privacy

This website and its services are not intended for children under the age of 13. We do not knowingly collect data from or about children. If we become aware that information from anyone under 13 has been collected, such data will be immediately deleted. If you are a parent or guardian and believe your child may have provided us with personal information, please contact us at [email protected].

12. Policy Updates

We reserve the right to update this Privacy Policy to reflect changes in practices, technology, or legal or regulatory requirements. While we may notify users of material changes, we encourage you to review this policy periodically for the latest information about our privacy practices.

13. Contact

If you have any questions about this Privacy Policy, would like to exercise your rights under applicable law, or have concerns about how your data is handled, please contact us at:

Email: [email protected]
Website: https://fionagraham-mackay.com

We are committed to respecting your privacy and complying with all relevant data protection requirements. Please do not hesitate to contact us with any privacy questions or requests.