Privacy Policy
1. Introduction: Our Commitment to Your Privacy
At kandvbake.com (“we”, “our”, or “us”), we are committed to safeguarding your personal data and respecting your privacy. We recognize the importance of protecting the personal information of users (“you”, “your”) who interact with our website and services. Our practices align with the principles established by the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), with a privacy-first approach at the core of our policies.
We strive to process your data transparently, lawfully, and securely. This Privacy Policy outlines how we collect, use, store, and share your information, as well as your rights and choices concerning your personal data.
2. Scope of This Policy & Data Controller Role
This Privacy Policy applies to all users who access or interact with kandvbake.com, including through direct site visits, purchases, contact requests, or newsletter subscriptions.
For the purposes of applicable data protection laws, we act as the “data controller” of your personal data. This means we determine the purposes and means of processing your personal information.
Should you have any questions about this policy or your data, you may contact us at: [email protected].
3. Categories of Personal Data We Process
We collect and process several categories of personal data, including:
a. Usage Data
Includes information about your interaction with our website, such as IP address, browser type, session duration, pages visited, referral URLs, access times, and location data inferred from device IP.
b. Account Data
Includes data you provide when setting up an account or placing an order, including your full name, billing and shipping address, email address, and phone number.
c. Profile Data
Includes your product preferences, order history, saved items, and behavioral activity while browsing kandvbake.com.
d. Communication Data
Includes communications you’ve sent or received through our support channels, request forms, or email correspondence. This may include metadata associated with your requests.
e. Technical Data
Includes your device identifiers, operating system, browser specifications, system configuration settings, and mobile device data, if applicable.
f. Transaction Data
Includes your payment details (which are processed securely via third-party providers), order records, shipping logistics, and fulfilment status related to your purchases on kandvbake.com.
g. Preference Data
Includes your marketing preferences, informed consents or rejections for promotional messaging, and interests in specific types of products or services.
4. Legal Bases for Processing
We only process your personal data where there is a lawful basis for doing so under GDPR and CCPA frameworks, including:
– Consent: where you have explicitly consented to the use of your data (e.g. subscribing to newsletters).
– Contract: where processing is required for the performance of a contract with you (e.g. processing and delivering an order).
– Legitimate Interest: where the processing is necessary for our legitimate interests and does not override your rights (e.g. fraud prevention, website security).
– Legal Obligation: where processing is required to fulfill our legal obligations (e.g. tax and accounting responsibilities).
5. Your Rights
Subject to applicable data protection laws, you have the right to:
– Access: Request access to the personal data we hold about you.
– Rectification: Request correction or update of inaccurate or incomplete data.
– Erasure: Request deletion of your personal data, subject to retention exceptions.
– Restriction of Processing: Request limitations on how we use your data under certain conditions.
– Data Portability: Receive personal data you have provided in a structured, commonly used format and transmit it to another controller.
– Object: Object to processing carried out on the basis of legitimate interests or for direct marketing purposes.
To exercise any of these rights, please contact us at: [email protected].
6. Security Measures
We implement rigorous technical and organizational measures to protect your data, including:
– Encrypted communications using TLS/SSL protocols
– Role-based access controls and account authentication safeguards
– Regular data backups and data integrity monitoring
– Employee training on data security and breach prevention
While no system is entirely immune to risks, we regularly assess and improve our security strategy to ensure reasonable protection of your personal information.
7. International Transfers
If your personal data is transferred outside the European Economic Area (EEA) or California, we ensure an adequate level of data protection through:
– Standard Contractual Clauses approved by the European Commission
– Binding corporate rules and third-party processor compliance mechanisms, where applicable
Such transfers are made only to jurisdictions that ensure adequate protection in line with GDPR and CCPA standards.
8. Data Retention
We retain your personal data only as long as necessary for the purposes for which it was collected, including to comply with legal, accounting, or reporting obligations.
Indicative retention periods include:
– Account and Transaction Data: 7 years (for compliance and recordkeeping)
– Communications and Support Data: 2 years
– Marketing and Preference Data: Until you withdraw consent or opt out
– Usage and Technical Data: up to 26 months for analytics and website optimization
After expiration of retention periods, data is securely deleted or fully anonymized.
9. Cookie Policy
kandvbake.com uses cookies and similar technologies to enhance user experience, understand website usage, and provide personalized services. Cookies used include:
– Essential Cookies: required for the operation of our website (e.g. shopping cart functionality)
– Functional Cookies: enhance your user experience (e.g. remembering preferences)
– Analytics Cookies: collect usage statistics to help us improve the site (e.g. Google Analytics)
– Performance Cookies: monitor the effectiveness of our advertising and loading speed
10. Cookie Management & Compliance
Upon your first visit to kandvbake.com, you will be presented with a cookie consent banner allowing you to accept or manage your cookie preferences in accordance with the GDPR and CCPA.
You can manage or revoke your cookie preferences at any time via your browser settings or by using the cookie management tool available on our website.
Under CCPA, residents of California may also opt-out of the sale of personal information where applicable, by clicking the “Do Not Sell My Personal Information” link, if such selling occurs.
11. Children’s Privacy
kandvbake.com does not knowingly collect or solicit personal data from children under the age of 13. If you believe a child has provided us with personal information without proper parental consent, please contact us at [email protected], and we will take prompt actions to delete such data.
12. Policy Updates
We reserve the right to amend this Privacy Policy to reflect changes in legal requirements, operational needs, or our data handling practices. If material changes are made, we will post a notice on kandvbake.com and, where legally required, seek your consent or provide advance notice.
You are encouraged to periodically review this Privacy Policy to remain informed on how we protect your information.
13. Contact Us
For any questions concerning this Privacy Policy, your personal data, or to exercise your rights, please contact us at:
Email: [email protected]
Website: https://kandvbake.com
We are committed to ensuring your privacy rights are respected and protected. Thank you for trusting us with your personal data.