PRIVACY POLICY
1. Introduction
At Gallery47Official, accessible via gallery47official.com, we are committed to protecting your personal data and respecting your privacy. This Privacy Policy outlines the ways in which we collect, use, store, disclose, and protect your information when you interact with our website and services. We recognize the importance of processing your data in a lawful, fair, and transparent manner and uphold the principles set forth in applicable data protection laws, including but not limited to the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all visitors, users, and others who access our website and services. As the data controller, Gallery47Official determines the purposes and means by which your personal data is collected and processed in accordance with applicable law. For any privacy-related inquiries, please direct correspondence to [email protected].
3. Categories of Personal Data Processed
We may collect and process the following categories of personal data:
a. Usage Data: Includes data such as IP address, browser type and version, device identifiers, time zone setting, geographic location, operating system and platform, and details about your interactions on gallery47official.com (e.g., pages visited, session durations, referral URLs).
b. Account Data: Includes your full name, email address, billing and shipping addresses, contact telephone numbers, and account login credentials, if applicable.
c. Profile Data: Encompasses your preferences, order history, wishlists, product views, saved items, browsing behavior, and customer satisfaction surveys.
d. Communication Data: Includes records of correspondence between you and our team such as emails, online inquiries, support tickets, and chat transcripts.
e. Technical Data: Encompasses information about the devices, technology configurations, and connection specifications used for accessing our website, including types of mobile/desktop devices and system diagnostics.
f. Transaction Data: Includes details associated with your purchases such as order details, payment methods (though payment information is stored only by our third-party processors), delivery tracking milestones, and invoicing records.
g. Preference Data: Encompasses your expressed consents and preferences relating to marketing communications, product interests, and customer engagement channels.
4. Legal Bases for Processing
We rely on the following legal bases under the GDPR and relevant data processing principles under the CCPA when handling your personal data:
– Contractual Necessity: Processing required to fulfill our contractual obligations to you, including order fulfillment, payment processing, and providing customer support.
– Consent: Where you have given explicit consent, such as opting in to our newsletter or targeting cookies.
– Legitimate Interests: For purposes such as improving website functionality, fraud detection and prevention, and maintaining internal records, provided your rights do not override these interests.
– Legal Obligation: Where processing is necessary for compliance with legal and regulatory requirements.
5. Your Rights
As a data subject, you are entitled to a number of rights regarding your personal data. Subject to applicable law and verification of your identity, your rights include:
– Access: You have the right to request access to the personal data we hold about you.
– Rectification: You may request that incorrect or incomplete information be corrected.
– Erasure: Also known as the “right to be forgotten,” you may request deletion of your data in certain circumstances.
– Restriction: You may request that we limit processing of your personal data in scenarios defined by applicable law.
– Portability: You have the right to receive your data in a structured, commonly used, and machine-readable format and to transfer it to another controller, where technically feasible.
To exercise any of these rights, you may contact us at [email protected].
6. Security Measures
We implement a robust suite of technical and organizational security measures to safeguard your personal information against unauthorized access, disclosure, alteration, or destruction. These include:
– Data encryption in transit and at rest
– Access control protocols, including role-based access for internal staff
– Secure system architecture and intrusion detection mechanisms
– Regular security audits and vulnerability management
– Mandatory data protection training for personnel handling personal data
7. International Transfers
Gallery47Official operates globally, and your personal data may be processed by third-party service providers or hosted on servers located outside of your country. Where applicable, we ensure adequate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission or compliance with regional data transfer frameworks to maintain the same level of data protection as in your jurisdiction.
8. Data Retention
We retain personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. Retention periods are as follows:
– Usage Data: Up to 12 months
– Account Data: For the life of the account and up to 7 years thereafter where legally required
– Profile Data: Up to 3 years following your last interaction with our services
– Communication Data: Up to 3 years or longer where legally warranted
– Technical Data: Up to 12 months
– Transaction Data: Retained for a minimum of 7 years for tax and regulatory purposes
– Preference Data: Until you withdraw your consent or adjust settings
9. Cookie Policy
Cookies are small text files stored on your browser used to collect information about your browsing behavior and device. We use the following types of cookies on gallery47official.com:
– Essential Cookies: Necessary for website functionality (e.g., user authentication, shopping cart).
– Functional Cookies: Enhance usability and personalization (e.g., remembering preferences).
– Analytics Cookies: Help us understand site traffic and interactions (e.g., Google Analytics).
– Performance Cookies: Improve loading times and system responsiveness.
10. Cookie Management and Compliance
Upon your first visit to gallery47official.com, you are presented with a cookie consent banner that allows you to accept, reject, or customize your cookie preferences. You can also modify your cookie settings at any time using your browser settings. We respect your opt-out rights under both the GDPR and CCPA.
For California residents, the CCPA provides the right to opt-out of the sale or sharing of personal data by using applicable tools where available. We do not sell your personal information.
11. Special Protections for Children Under 13
Gallery47Official does not knowingly collect personal data from children under the age of 13. If you believe a child has provided us with personal data without parental consent, please contact us at [email protected], and we will delete the data promptly.
12. Policy Updates and Notification
We reserve the right to amend or update this Privacy Policy as our practices evolve or as required by regulatory changes. Material changes will be communicated through reasonable means, including posting an updated version on gallery47official.com and, where appropriate, notifying users via email.
13. Contact
If you have any questions, concerns, or requests with respect to this Privacy Policy or our handling of your personal data, please contact us at:
—
We are committed to maintaining your trust and ensuring compliance with all applicable data protection laws. Should you require further information or wish to submit a data subject request, our team is available and ready to assist at the contact email provided above.