Privacy Policy
1. Introduction
At JustLeftTheCloset.com, we are deeply committed to safeguarding your personal data and respecting your privacy. As a company guided by the principles of data minimization, transparency, and accountability, we adhere to the highest standards of data protection, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines how we collect, use, disclose, store, and secure your data when you use our website and services.
2. Scope of This Policy and Our Role as Data Controller
This Privacy Policy applies to all personal data processed through our website, located at justleftthecloset.com, and any associated services under our operational control. For purposes of GDPR and CCPA, JustLeftTheCloset.com operates as the data controller, meaning we determine the purposes and means of processing your personal data.
3. Categories of Data We Process
We collect and process the following categories of personal data, depending on your interaction with our website:
a. Usage Data
This includes information such as your IP address, browser type and version, geolocation, device identifiers, time and duration of visits, pages viewed, and navigation paths.
b. Account Data
When you create an account or make a purchase, we collect your full name, email address, telephone number, billing and shipping addresses, and date of account creation.
c. Profile Data
This includes information related to your interests, user preferences, product purchases, behavior on the site, product reviews, and any preferences you voluntarily store in your profile.
d. Communication Data
Includes communications you send to us (e.g., messages, emails, support requests), as well as contact history with customer service or other correspondence.
e. Technical Data
Information about the devices you use to access our site, such as operating system, hardware type, browser plugins, screen resolution, device ID, and diagnostic logs.
f. Transaction Data
Details relating to the purchase of products or services from us, including order history, payment method (tokenized where applicable), billing information, fulfillment, and delivery data.
g. Preference Data
Includes marketing preferences, interest in specific product categories, opt-in or opt-out indicators, and consent records relating to promotional communications.
4. Legal Bases for Data Processing
We process your personal data only where we have a lawful basis to do so. The legal grounds under the GDPR and CCPA include:
– Consent: When you provide us with your explicit permission to process your personal data for a specific purpose.
– Performance of a Contract: To fulfill our contractual obligations when you purchase products or services.
– Legal Obligation: To comply with our legal and regulatory requirements.
– Legitimate Interests: For purposes such as fraud prevention, improving our website, managing user relationships, and protecting our platform—provided such interests are not overridden by your privacy rights.
5. Your Rights as a Data Subject
You have the following rights regarding your personal data under GDPR and CCPA:
– Right of Access: You may request a copy of the personal data we hold about you.
– Right of Rectification: You may request correction of inaccurate or incomplete data.
– Right to Erasure: You have the right to request deletion of your personal data, subject to legal exceptions.
– Right to Restrict Processing: You may request that we temporarily restrict how we process your personal data.
– Right to Data Portability: You may request that we provide your data in a structured, commonly used, and machine-readable format.
– Right to Object: You may object to the processing of your data where we rely on legitimate interests.
– Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time.
– Right to Non-Discrimination: We will not discriminate against you for exercising your data rights under CCPA.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement robust organizational and technical safeguards to ensure the confidentiality, integrity, and availability of your data. These measures include:
– End-to-end encryption of sensitive data in transit and at rest
– Strict access controls and logged user activity
– Multi-factor authentication for administrative access
– Regular data backups and disaster recovery protocols
– Employee data protection training and awareness initiatives
7. International Data Transfers
Your personal data may be transferred to, and maintained on, servers located outside your jurisdiction. In such cases, we use appropriate legal safeguards—such as Standard Contractual Clauses approved by the European Commission and adherence to adequate protection frameworks—to protect your data in compliance with GDPR and other applicable laws.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. Specific retention periods include:
– Account and Profile Data: Retained for the duration of the user relationship and up to 2 years thereafter
– Transaction Data: Retained for 7 years for tax and audit purposes
– Communication Data: Retained for 3 years to manage support history
– Usage and Technical Data: Retained for 24 months for site analytics and security review
9. Cookie Policy
We use cookies and similar tracking technologies to collect and store certain information about your browsing behavior. These include:
– Essential Cookies: Necessary for website operation (e.g., session cookies)
– Functional Cookies: Enable personalized features such as language and regional settings
– Analytics Cookies: Help us understand how visitors interact with the site (e.g., Google Analytics)
– Performance Cookies: Improve performance and user experience (e.g., page load metrics)
10. Cookie Management and Compliance
Consent for non-essential cookies is obtained via a cookie management banner in accordance with GDPR and CCPA requirements. You may adjust your cookie preferences through the banner settings or via your browser controls. Disabling certain cookies may affect website functionality.
Do Not Track (DNT) signals are honored where supported.
11. Children’s Privacy
Our services are not directed to children under the age of 13, and we do not knowingly collect personal data from individuals in that age group. If we learn that we have collected personal data from a child under 13, we will take immediate steps to delete such data. Parents or legal guardians who believe their child has provided personal data may contact us at [email protected].
12. Changes to This Policy
We reserve the right to revise this Privacy Policy at our discretion to reflect changes in legal, technical, or business developments. In the event of any material changes, we will notify users through appropriate means, which may include a notice on the website or an email alert.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data protection practices, please reach out to us at:
Compliance Assurance
JustLeftTheCloset.com is committed to full compliance with GDPR, CCPA, and all other applicable data protection laws. We encourage you to contact us with any privacy-related concerns or to exercise your rights under this policy.