Privacy Policy
Your privacy is important to us. At The Lady Finger (accessible at https://theladyfinger.com), we are committed to safeguarding the confidentiality, integrity, and availability of your personal data. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you interact with our website, in full compliance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable privacy laws.
1. Commitment to Privacy and Data Protection
At The Lady Finger, we value the trust our users place in us. We uphold a strong privacy-first philosophy and are committed to collecting and using your personal data only in lawful, transparent, and fair ways. We ensure that your personal information is processed responsibly and with appropriate safeguards in place.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of our website, https://theladyfinger.com, and to all personal data collected through this site or through direct interactions with you via email, customer support, or transactional processes. For the purposes of applicable data protection legislation, The Lady Finger acts as the “data controller” determining the purposes and means of processing your personal data.
3. Categories of Personal Data We Process
We collect and process various categories of personal data as follows:
a. Usage Data
– Includes information such as IP address, browser type, browser version, pages visited, time and date of visit, time spent on pages, referring URLs, device identifiers, and other diagnostic data.
– Collected automatically through cookies and analytics technologies for security and performance purposes.
b. Account Data
– Includes full name, billing and shipping address, email address, and telephone number.
– Collected during account registration or checkout processes.
c. Profile Data
– Includes purchase history, product preferences, behavior on the website, loyalty program participation, and other customer profile information.
d. Communication Data
– Includes contact history, inquiries sent via email or contact forms, support tickets, and feedback submitted to our team.
e. Technical Data
– Includes device type, operating system, browser settings, plug-ins, hardware identifiers, mobile network information, and error/debug logging.
f. Transaction Data
– Includes payment method, payment confirmations (processed through secure third-party gateways), delivery address, and order fulfillment records.
g. Preference Data
– Includes your preferences in receiving marketing communications, consent status, frequency of engagement, and interests expressed through your interactions with https://theladyfinger.com.
4. Legal Bases for Processing Personal Data
We only process your personal data when a valid legal ground applies under GDPR or CCPA:
– Consent: Where you have explicitly agreed (e.g., subscribing to newsletters or accepting cookies).
– Contractual necessity: Where processing is essential to fulfill a contract with you (e.g., fulfilling an order).
– Legal obligation: To comply with legal requirements or respond to lawful requests from authorities.
– Legitimate interests: When it is in our legitimate business interests to do so, and these interests do not override your data rights (e.g., for fraud prevention, analytics, and business improvement).
You may withdraw your consent at any time where consent is the legal basis for processing.
5. Your Rights
In accordance with data protection laws, you may exercise the following rights:
– Right of Access: To obtain confirmation of what personal data we hold about you and request a copy.
– Right of Rectification: To request correction of inaccurate or incomplete personal data.
– Right to Erasure: To request deletion of your personal data, subject to certain legal limitations.
– Right to Restriction: To request restriction of processing in certain circumstances.
– Right to Data Portability: To request your data in a commonly-used format and to transmit that data to another controller.
– Right to Object: To object to our processing of your personal data for direct marketing, or based on our legitimate interests.
To exercise any of your rights, please contact us at [email protected].
If you are a California resident, you may have additional rights pursuant to the CCPA, including the right to know specific personal information we have collected, and to request deletion or opt out of the sale of personal data (note: we do not sell personal data).
6. Security Measures
We implement technical and organizational measures to protect your personal information. These include:
– Encryption of data in transit and at rest
– Access control and authentication protocols
– Regular back-ups and disaster recovery procedures
– Employee privacy and data protection training
– Monitoring and testing of our systems for vulnerabilities
While we follow best practices, no method of transmission over the Internet is 100% secure. We urge you to take precautions such as using strong passwords and securing your own devices.
7. International Data Transfers
Your data may be transferred to and processed in countries outside of your jurisdiction, including where our service providers are based. Where this occurs, we ensure that appropriate safeguards are in place, such as the Standard Contractual Clauses approved by the European Commission, or other lawful mechanisms to guarantee adequate protection of your personal data.
8. Data Retention
We retain your personal data only as long as necessary to fulfill the purposes for which it was collected or to comply with legal, regulatory, tax, or accounting requirements. Retention durations vary by data type:
– Usage Data: 24 months (for analytics and diagnostics)
– Account and Transaction Data: 7 years (for legal & financial obligations)
– Communication Data: 3 years from your last contact
– Preference and Consent Data: Retained until preferences are updated or consent withdrawn
When data is no longer required, we securely delete or anonymize it.
9. Cookie Policy
Our website uses cookies and similar tracking technologies to enhance your browsing experience. Cookies may be categorized as:
– Essential Cookies: Necessary for website operation (e.g., login, cart)
– Functional Cookies: Remember preferences and settings
– Analytical Cookies: Measure traffic and usage trends (e.g., via Google Analytics)
– Performance Cookies: Track website responsiveness and performance
Cookies may come from first-party or third-party providers. Some are session-based, while others persist for longer periods.
10. Cookie Management and GDPR/CCPA Compliance
Upon your first visit to https://theladyfinger.com, you will be prompted to manage your cookie preferences. You may opt-in or opt-out of non-essential cookies. You can also change your browser settings to disable or delete cookies at any time.
In accordance with GDPR, we only activate non-essential cookies with your prior consent. Under the CCPA, you can opt out of the sharing of personal information collected via cookies.
11. Protection of Minors
Our services are not directed toward individuals under the age of 13. We do not knowingly collect personal information from children. If a parent or guardian believes their child has provided personal data without consent, please contact us immediately at [email protected], and we will take appropriate steps to remove such information.
12. Policy Updates and User Notification
We reserve the right to modify this Privacy Policy to reflect changes in legal, technical, or business developments. We encourage you to periodically review this page for the latest privacy practices. Where legally required, we will notify you of material changes and, where applicable, seek your consent before implementing them.
13. Contact Information
If you have any questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact us at:
Email: [email protected]
Website: https://theladyfinger.com
Compliance Statement
We are fully committed to maintaining the privacy and protection of your information. For any privacy-related concerns or inquiries regarding your rights under applicable data protection laws, we encourage you to reach out to us directly.