Privacy Policy
1. Introduction
At Rustic Base (rusticbase.com), we are committed to safeguarding the privacy and personal data of our users. We recognize the importance of protecting the integrity, security, and confidentiality of all personal information entrusted to us. This Privacy Policy outlines in clear and comprehensive terms how we collect, use, disclose, and protect your personal data, as required under data protection laws including, but not limited to, the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”). Our approach is rooted in transparency, accountability, and respect for your privacy rights.
2. Scope of Policy and Data Controller
This Privacy Policy applies to all users of our website, rusticbase.com, including visitors, account holders, and customers. For the purposes of applicable data protection legislation, Rustic Base is the “Data Controller” of your personal data. As Data Controller, we determine the purposes and methods by which personal data is collected and processed.
3. Categories of Data Processed
We may collect and process the following categories of personal data, depending on your interaction with rusticbase.com:
a. Usage Data
Includes information about your browser type, device configuration, operating system, IP address, pages visited on the site, session duration, referring URLs, and interaction events for analytics and service optimization purposes.
b. Account Data
Includes identifying information such as your full name, email address, billing and shipping addresses, and contact phone number provided during registration or checkout.
c. Profile Data
Includes your saved preferences, past purchases, product interests, and browsing behavior related to your personalized experience on our website.
d. Communication Data
Includes correspondence between you and Rustic Base, such as support tickets, emails, live chat messages, and contact history to improve service delivery and communication.
e. Technical Data
Includes device identifiers, time zone settings, language, screen resolution, and browser plug-in types for compatibility and performance optimization.
f. Transaction Data
Includes payment details (processed by secure third-party payment processors), transaction identifiers, purchase history, and shipping/delivery details.
g. Preference Data
Includes marketing preferences, newsletter sign-ups, opt-in or opt-out choices, interest profiles, and engagement with promotional content.
4. Legal Bases for Processing
We process your personal data only where lawful grounds exist under applicable law. These include:
– Your Consent: When you explicitly agree to certain types of data processing (e.g., marketing communications).
– Contractual Necessity: When processing your data is required to enter into or fulfill a contract (e.g., to process and deliver your orders).
– Legitimate Interest: When processing is necessary for our legitimate business purposes, provided your rights and freedoms do not override our interests (e.g., fraud prevention, analytical improvements).
– Legal Obligation: Where we are required to comply with legal or regulatory obligations.
5. Your Rights
As a data subject, you may have the following rights, subject to verification and applicable legislation:
– Right of Access: Obtain a copy of your personal data being processed by us.
– Right to Rectification: Request correction of inaccurate or incomplete personal information.
– Right to Erasure: Ask us to erase your data where it is no longer necessary or where you withdraw consent.
– Right to Restriction: Request that we limit the processing of your personal data in certain situations.
– Right to Data Portability: Receive your data in a structured, commonly used format and transmit it to another controller.
– Right to Object: Object to processing, particularly in direct marketing or automated decision-making contexts.
– Right to Non-Discrimination: We will never discriminate against you for exercising your rights under the CCPA or GDPR.
To exercise any of these rights, please contact us using the contact details provided in section 13.
6. Security Measures
We implement robust technical and organizational measures to ensure your personal data is secure. These include:
– End-to-end encryption of all transactional and personal data.
– Strict access control and account-based role permissions.
– Regular system backups and real-time monitoring.
– Staff training programs focused on data protection best practices.
– Secure development protocols and vulnerability scanning.
7. International Transfers
If and when personal data is transferred outside your country of residence—including to jurisdictions that may not offer the same level of protection as your home jurisdiction—we ensure that appropriate safeguards are put in place. These include the use of European Commission-approved Standard Contractual Clauses and compliance with relevant cross-border privacy frameworks. We take steps to ensure any recipient organization is compliant with privacy obligations equivalent to those required under GDPR and CCPA.
8. Data Retention
We retain your personal data only for as long as is necessary for the purposes for which it was collected or as required by applicable laws. Specific retention periods include:
– Account and Profile Data: Retained while your account remains active and for six (6) years thereafter for compliance and audit purposes.
– Communication Data: Retained for three (3) years after the resolution of the inquiry or complaint.
– Transaction Data: Retained for seven (7) years in accordance with tax and financial regulations.
– Marketing Preference Data: Retained until you opt out or unsubscribe from our communications.
After these periods, personal data is securely deleted or anonymized.
9. Cookie Policy
Rusticbase.com uses cookies and similar tracking technologies to enhance user experience, analyze site usage, and tailor promotional content. These fall into the following categories:
– Essential Cookies: Necessary for website functionality, such as account access and secure checkouts.
– Functional Cookies: Enable personalization and enhanced features, such as remembering preferences.
– Performance Cookies: Collect anonymous user behavior data to monitor and improve website efficiency.
– Analytics Cookies: Employed by tools like Google Analytics to evaluate traffic patterns and user interaction.
10. Cookie Management and Compliance with GDPR & CCPA
Users based in the EU or California will encounter cookie consent banners upon visiting rusticbase.com for the first time. You may manage your cookie preferences at any time by accessing our Cookie Settings page or directly through your browser. Under the GDPR, we seek explicit consent for non-essential cookies. Under the CCPA, you may opt out of the “sale” of your personal data, including tracking technologies deemed part of this category.
11. Children’s Data
Rustic Base does not knowingly collect or solicit personal data from children under the age of 13. If we become aware that we have inadvertently obtained data from a child without verifiable parental consent, we will take immediate steps to delete such information. If you are a parent or guardian and believe your child has provided us with personal data, please contact us directly.
12. Policy Updates and User Notifications
We may revise this Privacy Policy from time to time to reflect changes in legal requirements, our practices, or technological advancements. Material changes will be communicated by reasonable means, such as messaging you through your account or posting a notice on rusticbase.com. Continued use of the site implies acceptance of any revised policies.
13. Contact
If you have questions, requests, or concerns relating to your privacy or this Privacy Policy, you may contact us at:
Email: [email protected]
Rustic Base is fully committed to complying with all applicable data privacy regulations. We encourage users to reach out with any inquiries about how their data is managed or to exercise their rights under relevant legislation.