Privacy Policy
At The Moon Oakland, accessible at themoon-oakland.com, your privacy is of paramount importance. We are firmly committed to protecting the confidentiality, integrity, and security of the data we collect and process about you. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information, and how you can exercise your data protection rights pursuant to applicable privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
1. Introduction
The Moon Oakland values your trust and is resolute in ensuring that your personal data is collected and handled responsibly. This policy explains how we use the information you provide to us, and the measures we take to protect your data and comply with privacy regulations. Our goal is to maintain a privacy-first approach in all aspects of our interactions with users and customers.
2. Scope of Policy and Data Controller
This Privacy Policy applies to all users and visitors who access or use services through themoon-oakland.com. The Moon Oakland operates as the Data Controller for any personal data collected through this website or connected services. As a Data Controller, we determine how and why your personal information is processed and are accountable for ensuring its protection.
For questions regarding how we act as Data Controller, or for data access inquiries, you may contact us at [email protected].
3. Categories of Data We Collect
Depending on your interaction with themoon-oakland.com, we may collect the following categories of personal and usage data either directly from you or automatically via cookies and similar technologies:
a. Usage Data
Includes data about how you interact with our website, such as your IP address, browser type, browsing actions, session durations, traffic patterns, and referral URLs.
b. Account Data
Includes identifying details you provide when creating an account or placing an order, such as your full name, email address, billing and shipping addresses, and telephone number.
c. Profile Data
Includes your service or product preferences, order histories, account settings, and any feedback you submit. This data enables us to tailor your experience and deliver personalized services.
d. Communication Data
Includes records of communications you initiate with us, such as support enquiries, feedback forms, messages sent via contact forms, and correspondence history.
e. Technical Data
Includes information from your device, including the type of device, operating system version, browser information, time zone settings, screen resolution, and system configurations.
f. Transaction Data
Includes purchase and payment details such as items ordered, order date and time, delivery preferences, and anonymized payment verification data from trusted third-party providers.
g. Preference Data
Refers to your expressed choices in subscriptions or communications, such as marketing preferences, product interest categories, and opt-in or opt-out statuses.
4. Legal Bases for Processing
We only process your personal data when permitted by law. Applicable legal bases under both the GDPR and CCPA include:
– Consent: Where you have given clear consent for us to process your data for specific purposes.
– Contractual Necessity: Where processing is required to fulfill a service or transaction you have requested.
– Legitimate Interests: Where processing is necessary for our legitimate business operations, and those interests are not overridden by your data protection rights.
– Legal Obligations: Compliance with applicable laws and regulatory requirements.
5. Your Rights
As a data subject under applicable privacy laws, you are entitled to various rights regarding your personal information:
– Right of Access: You may request a copy of the personal data we hold about you.
– Right to Rectification: You may ask us to correct any inaccurate or incomplete data.
– Right to Erasure: You may request deletion of your data where legally permissible.
– Right to Restriction: You may ask us to restrict further processing where there is a dispute about accuracy or lawfulness.
– Right to Data Portability: You may request your data in a structured, machine-readable format.
– Right to Object: You may object to processing based on legitimate interests or direct marketing.
To exercise any of these rights, please contact [email protected]. We endeavor to respond to all valid requests in accordance with applicable laws.
6. Security Measures
The protection of your personal data is critical to us. We implement market-standard technical and organizational safeguards, including but not limited to:
– End-to-end encryption of sensitive data in transit and at rest
– Role-based access controls to limit internal access
– Secure data backups and disaster recovery protocols
– Employee privacy and data handling training
– Continuous monitoring for data integrity and system intrusions
While we employ robust measures, no system is entirely immune to unauthorized access. We encourage users to also safeguard their credentials and report any security concerns promptly.
7. International Transfers
Your data may be transferred to and processed in countries outside your jurisdiction, including but not limited to the United States. When such transfers occur, we rely on appropriate safeguards as required by GDPR and other applicable laws, including Standard Contractual Clauses (SCCs) approved by the European Commission and commitments to equivalent protection standards.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy. Specific retention timelines include:
– Account and Profile Data: Retained until account deletion or inactivity for a continuous 24-month period
– Communication Data: Retained for up to 36 months for support and customer service audit purposes
– Transaction Data: Retained for a minimum of 7 years as required by financial and tax regulations
– Usage and Technical Data: Retained in anonymized or aggregated form for analytical and performance purposes for up to 24 months
– Marketing Preference Data: Retained until users opt out or revoke consent, whichever comes first
9. Cookie Policy
The website themoon-oakland.com uses essential and non-essential cookies to optimize functionality and enhance the user experience. Categories of cookies used include:
– Essential Cookies: Necessary for the operation of the site and to facilitate core features such as account login, cart management, and order processing.
– Functional Cookies: Enhance usability by remembering user preferences and saved settings.
– Analytics Cookies: Collect anonymized data for statistical analysis of site use and user interaction to improve website design and performance.
– Performance Cookies: Monitor page load times, error reporting, and usage behavior to help us optimize user experience.
10. Cookie Management and Compliance
Users are provided with control over the use of cookies through a banner and consent mechanism in compliance with GDPR and CCPA guidelines. You may manage your cookie preferences at any time via your browser settings or through our dedicated cookie settings panel, which allows you to:
– Accept or refuse non-essential cookies
– Withdraw consent previously given
– Learn how cookies are used in a transparent manner
Residents of California may also exercise their right to opt-out of the sale or sharing of personal information by using the “Do Not Sell My Personal Information” link provided in the footer.
11. Children’s Privacy
The services offered on themoon-oakland.com are not intended for or directed to children under the age of 13. We do not knowingly collect or process personal data from minors. If it is brought to our attention that a child under the age of 13 has provided us with personal information, we will take immediate corrective measures including deletion of such data.
12. Updates to This Policy
We may update or amend this Privacy Policy to comply with changes in legal frameworks, operational practices, or website functionality. Material changes that impact your data rights will be clearly communicated through our website or by direct communication to affected users where legally required. We encourage regular review of this Privacy Policy to stay informed of how we protect your information.
13. Contact Information
If you have questions, concerns, or requests relating to this Privacy Policy or your personal data, you may contact us using the following details:
The Moon Oakland
Email: [email protected]
Website: themoon-oakland.com
We are committed to upholding your privacy rights and complying fully with all applicable privacy protections. Please do not hesitate to reach out to us with any privacy-related inquiries or concerns.