GDPR Policy

GDPR – General Data Protection Regulation

Privacy Policy

Introduction

At Bookish Shirt, your privacy is a top priority. This Privacy Policy explains how we collect, process, and protect your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable privacy laws.

Data Protection Commitment

We are committed to protecting your personal information when you visit our website, make purchases, or interact with our services. This policy applies to all customers, including those from the European Union (EU) and European Economic Area (EEA).

How We Collect and Use Your Data

Information We Collect

When you use our website and services, we collect the following types of information:

  • Contact Information: Name, email, shipping address
  • Payment Information: Securely processed via authorized payment providers
  • Order History and Preferences: Details about your purchases
  • Website Usage Data: Information about your interactions with our site
  • Communication Preferences: Your preferences for how we communicate with you

Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Contract Fulfillment: To process your orders and provide the services you request
  • Legal Obligations: To comply with applicable laws and regulations
  • Legitimate Business Interests: To improve our services and business operations
  • Your Explicit Consent: Where required, we will obtain your explicit consent for certain processing activities

Data Security Measures

We implement strong measures to safeguard your data:

  • SSL Encryption: Secure transfer of data between your browser and our website
  • Secure Payment Processing: Payments are processed through trusted and authorized providers
  • Regular Security Audits: To identify and address vulnerabilities
  • Restricted Access: Access to personal data is limited to authorized personnel only
  • Compliance: Adherence to the EU-US and Swiss-US Privacy Shield Frameworks for cross-border data transfers

Your Privacy Rights

Under GDPR, you have the right to:

  • Access: Request a copy of your personal data
  • Correction: Correct any inaccurate or incomplete data
  • Deletion: Request the deletion of your personal data
  • Objection: Object to certain types of data processing
  • Data Portability: Request your personal data in a structured, machine-readable format
  • Withdraw Consent: If consent was provided for processing, you can withdraw it at any time

International Data Transfers

If we transfer your data outside the EEA, we ensure:

  • Appropriate Safeguards: Data transfers will be protected with the necessary safeguards
  • GDPR Compliance: Our agreements with third parties comply with GDPR requirements
  • Adequate Protection: Recipients of your data maintain standards in line with GDPR

Data Retention

We retain your personal data only as long as necessary to:

  • Fulfill Business Purposes: Complete the transactions and services you’ve requested
  • Comply with Legal Obligations: Meet any legal requirements
  • Protect Against Fraud: Safeguard against any potential fraud
  • Honor Deletion Requests: Fulfill your request for data deletion

Cookie Policy

We use cookies to:

  • Improve Website Functionality: Enhance user experience
  • Analyze Traffic: Understand how users interact with our site
  • Personalize Content: Tailor content based on your preferences
  • Remember Preferences: Store settings and choices you’ve made

You can control your cookie preferences via your browser settings. However, blocking cookies may affect your user experience.

Contact Us

If you have any privacy-related inquiries or would like to exercise your rights under GDPR, please contact us:

Updates to This Policy

We regularly review and update this Privacy Policy to ensure continued compliance with data protection laws. The latest update was made on [Insert Date].

Technical and Organizational Measures

We maintain robust security measures to protect your personal data, including:

  • Regular Security Assessments: Continuous monitoring for vulnerabilities
  • Employee Training: Ensuring staff are educated on data protection best practices
  • Incident Response Procedures: Clear steps to address potential data breaches
  • Processing Documentation: Detailed logs of all data processing activities
  • Automated Compliance Tools: Tools to help ensure compliance with privacy laws

Commitment to Compliance

Bookish Shirt is dedicated to:

  • Transparent Data Processing: Ensuring you are informed about how your data is used
  • Regular Policy Updates: Keeping our privacy practices up to date
  • Prompt Response to Privacy Requests: Addressing all privacy concerns efficiently
  • Continuous Security Improvement: Ongoing enhancements to our data protection measures
  • Customer Rights Protection: Safeguarding your rights under GDPR

For more details on our privacy practices or to exercise your rights, please contact our support team at support@bookishshirt.com.