Privacy Policy for HeyLookItsEric.com

1. Introduction

At HeyLookItsEric.com (“we,” “us,” or “our”), we are deeply committed to safeguarding your privacy and ensuring the protection of your personal data. We recognize the importance of transparency, data minimization, and giving individuals control over their personal information. This Privacy Policy outlines how we collect, use, store, and protect your data when you access our services, use our website (https://heylookitseric.com), or communicate with us.

We uphold the rights of users under applicable privacy and data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act (“CCPA”), and we strive to go beyond minimum standards wherever possible, putting your privacy first.

2. Scope of this Policy and Data Controller Role

This Privacy Policy applies to all users who visit and interact with heylookitseric.com, whether as visitors, subscribers, account holders, or customers. This Policy governs the collection and processing of personal data through our website, services, applications, and communications.

HeyLookItsEric.com operates as the “Data Controller” for the personal data we collect and process unless otherwise specified. If you have any questions regarding how we handle your personal data, you may contact us at [email protected].

3. Categories of Data Processed

We may collect and process the following categories of personal information:

a. Usage Data
Includes information such as your IP address, browser type and version, time zone setting, referral sources, pages visited, session duration, and interactions with our website.

b. Account Data
Includes identity data provided when you create an account, such as your full name, billing and shipping address, email address, and phone number.

c. Profile Data
Includes your preferences, feedback, purchase history, browsing behavior, and settings associated with your use of heylookitseric.com.

d. Communication Data
Includes messages and inquiries submitted through our contact forms or customer service channels, including customer service transcripts and correspondence history.

e. Technical Data
Includes data about devices used to access our site, including operating system, device type, screen resolution, browser plug-in types and versions, and system configuration settings.

f. Transaction Data
Includes transactional records such as order history, payment method details (processed through a secure, PCI-compliant payment processor), delivery tracking, and invoice information.

g. Preference Data
Includes marketing consents, promotional preferences, notification settings, and affinity toward particular products or categories.

4. Legal Bases for Processing Personal Data

In accordance with GDPR and other applicable data protection laws, we process your personal data based on one or more of the following legal grounds:

– Performance of a contract: Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
– Legitimate interests: Where processing is necessary for our legitimate business interests, provided those interests are not overridden by your fundamental rights and freedoms.
– Legal obligation: Where processing is necessary to comply with legal obligations to which we are subject.
– Consent: Where you have provided your clear and explicit consent for specific processing activities (e.g., newsletter subscriptions or targeted marketing communications).

5. Your Rights

You have the following rights under applicable laws:

– Right of Access: Request a copy of personal data we hold about you.
– Right to Rectification: Request correction of inaccurate or incomplete information concerning you.
– Right to Erasure: Request that we delete your personal data, subject to legal and business retention obligations.
– Right to Restrict Processing: Ask us to suspend the processing of your data in certain circumstances.
– Right to Data Portability: Receive your data in a structured, commonly used format and, if feasible, transmit it to another controller.
– Right to Object: Object to data processing based on public interest or legitimate interests, including profiling and direct marketing.

To exercise any of these rights, please contact us at [email protected].

6. Security Measures

We implement robust technical and organizational safeguards to maintain the confidentiality, integrity, and availability of your data, including but not limited to:

– TLS/SSL encryption for data in transit
– Secure access protocols and authentication measures
– Role-based access controls
– Regular security training for staff
– Scheduled backups and disaster recovery protocols
– Security audits and vulnerability management

While we endeavor to protect your data, no system can be guaranteed to be 100% secure, and users are encouraged to keep their login credentials secure.

7. International Transfers

Your data may be transferred and stored outside your country of residence, including jurisdictions that may not provide the same level of data protection. In such cases, we ensure appropriate safeguards are in place, including:

– Standard Contractual Clauses (SCCs) approved by the European Commission
– Data processing agreements with processors located in countries with adequacy decisions
– Supplemental measures in line with European Data Protection Board (EDPB) guidance

8. Data Retention

We retain personal data only as long as reasonably necessary for the purposes for which it was collected, including to fulfill legal, regulatory, contractual, accounting, or reporting obligations.

Data retention periods vary by category:

– Usage Data: 12 months from collection
– Account Data: For the duration of the account and up to 6 years thereafter (for legal obligations)
– Profile Data: Retained in line with activity or until the user revokes consent
– Communication Data: 3 years from date of last communication
– Technical Data: 12 months from collection
– Transaction Data: Up to 7 years (in compliance with accounting laws)
– Preference Data: Until consent is modified or withdrawn

9. Cookie Policy

HeyLookItsEric.com uses cookies to enhance your experience and analyze performance. Categories include:

– Essential Cookies: Required for navigation and core functionality (e.g., log-in, shopping cart management).
– Functional Cookies: Personalize your experience by remembering preferences and settings.
– Analytics Cookies: Collect usage data to improve website functionality and usability.
– Performance Cookies: Monitor and optimize performance based on visitor interactions.

We do not use cookies for profiling children or for unauthorized third-party tracking.

10. Cookie Management and GDPR/CCPA Compliance

By default, only essential cookies are enabled. Upon your first visit, a cookie banner will request your consent for optional cookies. You may update your preferences at any time via our Cookie Settings tool accessible in the website footer.

Under the CCPA, California residents have the right to opt out of the “sale” of personal information. HeyLookItsEric.com does not sell your personal information for commercial gain or value exchange in the traditional sense, but we honor opt-out signals and provide a Do Not Sell My Personal Information link where applicable.

11. Children’s Privacy

We do not knowingly collect or process personal information from children under the age of 13. If you believe a child has provided personal data to us without parental consent, please contact us immediately at [email protected]. Upon verification, we will delete any such data promptly and in accordance with applicable law.

12. Policy Updates & User Notifications

We reserve the right to update this Privacy Policy as necessary to reflect changes in our practices, services, or legal requirements. Any material changes will be communicated via our website or by direct notice if applicable. Users are encouraged to periodically review this Policy to remain informed.

13. Contact

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, you can contact us confidentially at:

Email: [email protected]
Website: https://heylookitseric.com

We are committed to maintaining the highest standards of privacy and will take prompt and appropriate action to address any concern raised.

Compliance and Further Information

HeyLookItsEric.com is committed to full compliance with all relevant data protection laws, including GDPR, CCPA, and applicable global privacy regulations. If you have any concerns regarding your personal data or our privacy practices, please reach out to us at [email protected]. We value your privacy and are here to safeguard it.