Privacy Policy
SproutTrail (“we”, “our”, “us”) is firmly committed to protecting your privacy and upholding the highest standards in data security and transparency. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit or interact with our website, sprouttrail.com (the “Site”), and the rights available to you as a user under applicable data protection laws including the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA).
1. Commitment to Privacy and Data Protection
Your privacy is of paramount importance to us. We take a privacy-first approach to all personal data we process and are dedicated to ensuring that your personal information is handled lawfully, fairly, and in a transparent manner.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of our Site and related services. For the purposes of data protection laws, SproutTrail is the “data controller” of your personal data, meaning we determine the purposes and means of processing any personal data collected through sprouttrail.com.
If you have any questions regarding this policy or your personal data, please contact us at: [email protected].
3. Categories of Data We Process
We may collect and process the following categories of personal data depending on your interactions with the Site:
a) Usage Data
Includes information about your browsing activity on sprouttrail.com such as IP address, browser type, pages visited, referring URLs, time stamps, and session durations.
b) Account Data
Includes personal identifiers provided when you create or manage an account, such as full name, email address, residential or shipping address, and telephone number.
c) Profile Data
Includes user-generated content and preferences such as purchase history, behavioral analytics, language choice, and interface customization.
d) Communication Data
Includes content of correspondence between you and us, including customer service inquiries, support ticket logs, contact form entries, and call notes.
e) Technical Data
Comprises data related to your device and system configurations, such as device model, operating system version, browser plugins, and screen resolution.
f) Transaction Data
Includes order details, payment history, billing information, delivery data, and tax or invoice documentation.
g) Preference Data
Includes information regarding your consent to receive marketing communications, promotional preferences, and choice of product categories.
4. Legal Bases for Processing
We rely on the following legal bases for processing your personal data under GDPR and related privacy frameworks:
– Consent: When you have provided clear and affirmative consent for us to process your personal data for specific purposes (e.g., for marketing communications).
– Contractual Obligation: When processing is necessary to fulfill a contract with you or to take pre-contractual measures at your request (e.g., to process orders or manage your account).
– Legal Compliance: When processing is necessary to comply with a legal obligation, such as tax or accounting requirements.
– Legitimate Interests: When processing is necessary for our legitimate business interests (e.g., website improvement, fraud prevention), provided your rights do not override those interests.
5. Your Rights
As a user located in a jurisdiction covered by the GDPR or CCPA, you are entitled to:
– Right of Access: Obtain confirmation as to whether we process your data and, if so, access that data and the purposes of processing.
– Right to Rectification: Request correction of inaccurate or incomplete personal data.
– Right to Erasure (“Right to Be Forgotten”): Request deletion of your data, subject to legal limitations.
– Right to Restriction of Processing: Request we limit processing under specific circumstances.
– Right to Data Portability: Receive personal data you have provided in a structured, commonly used format for transmission to another controller.
– Right to Object: Object to specific forms of processing such as direct marketing or profiling.
– Right to Withdraw Consent: If processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior activities.
For California residents, additional rights under CCPA include the right to opt-out of the sale of personal information and the right to non-discrimination for exercising your privacy rights.
To exercise your rights, please contact us at: [email protected].
6. Security Measures
We employ robust technical and organizational security measures to ensure the confidentiality, integrity, and availability of your data, including but not limited to:
– Encrypted data transmission using SSL/TLS protocols;
– Secure access controls and authentication mechanisms;
– Regular system backups and disaster recovery plans;
– Restricted access to personal data on a need-to-know basis;
– Internal staff training on data protection and privacy.
7. International Transfers
Your personal data may be transferred to and processed in countries outside of your country of residence, including those without an adequate level of data protection. In such cases, we implement appropriate data safeguards, such as Standard Contractual Clauses (SCCs) approved by the European Commission or comply with applicable regional data protection regulations.
8. Data Retention
Personal data will be retained only for as long as necessary to fulfill the purposes outlined in this policy or as required by law. Specific retention periods by category include:
– Usage Data: up to 12 months;
– Account Data: up to 5 years after last interaction;
– Transaction and Payment Data: at least 7 years for tax compliance;
– Communication Data: up to 3 years for support history auditing;
– Marketing Preferences: until consent is withdrawn.
Once the retention period expires, your data will be securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar tracking technologies to enhance your experience and improve our services. The types of cookies used on sprouttrail.com include:
– Essential Cookies: Required for website operation (e.g., login authentication, cart management);
– Functional Cookies: Improve site usability by remembering preferences;
– Analytics Cookies: Help us analyze website traffic and user behavior (e.g., Google Analytics);
– Performance Cookies: Optimize site speed and performance.
10. Cookie Management and Compliance
You can manage or revoke your cookie consents through the cookie banner or under your browser settings. Our use of cookies aligns with GDPR and CCPA compliance standards. For example, we request prior consent where required before setting non-essential cookies and honor global opt-out preferences where supported.
11. Children’s Privacy
SproutTrail does not knowingly collect personal information from children under the age of 13. If we become aware that such data has been collected inadvertently, we will take steps to delete it as soon as reasonably possible. Parents or legal guardians who believe their child has provided us with their data may contact us at [email protected] to request its removal.
12. Policy Updates
We reserve the right to update this Privacy Policy from time to time to reflect changes in legal, technological, or business conditions. Any changes will be published on this page. Where required by law, you will be informed of material updates and provided an opportunity to review and consent to changes as appropriate.
13. Contact
For any questions, concerns, or requests related to your personal data or this Privacy Policy, please contact:
SproutTrail
Email: [email protected]
Website: https://www.sprouttrail.com
We are committed to upholding your rights and ensuring that your personal data is handled responsibly and in compliance with global data protection laws. If you have any concerns about our data practices, please reach out to our team.