Privacy Policy
1. Introduction
At Little Star Writing (“we,” “us,” or “our”), accessible through littlestarwriting.com (“Website”), we are committed to protecting the privacy and personal information of our users. We believe in a privacy-first approach and strive to handle your data with care, transparency, and in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines how we collect, use, and safeguard your personal data when you access or interact with the Website.
2. Scope of Policy and Data Controller Role
This Privacy Policy governs the processing of personal data collected from website users, customers, and other individuals who interact with littlestarwriting.com. For the purposes of data protection legislation, Little Star Writing is the data controller of the personal data you provide to us. If you have questions or concerns regarding your data, our designated contact is available at [email protected].
3. Categories of Data Processed
We collect and process the following categories of personal data:
a. Usage Data
Information about how you access and use the Website, including IP address, browser type and version, operating system, referral source, pages visited, and interaction timestamps.
b. Account Data
Information you provide when registering or updating your account, including name, postal address, email address, and telephone number.
c. Profile Data
Details relating to your personal preferences, purchase history, interests, feedback, and engagement with our content or products.
d. Communication Data
Records of correspondence sent or received, including support queries, messages via the Website or email, and communication logs.
e. Technical Data
Data relating to your device and system configuration, such as device identifiers, operating system, screen resolution, language and timezone settings.
f. Transaction Data
Information associated with your purchases or financial transactions, including payment processing details, invoicing, and delivery logistics.
g. Preference Data
Marketing permissions, event participation, opt-in/opt-out settings, and any preferences expressed regarding product offerings or communications.
4. Legal Bases for Processing
Under GDPR, we rely on the following legal grounds for processing your personal data:
– Contractual Necessity: To fulfill our obligations to you under our terms of service or when you initiate a transaction with us.
– Legitimate Interests: For purposes such as improving our services, securing the Website, and conducting analytics, where such interests are not overridden by your fundamental rights and freedoms.
– Consent: For sending marketing communications or processing certain sensitive data, where explicit consent is required.
– Legal Obligation: Where processing is necessary to comply with legal obligations, such as taxation or regulatory requirements.
5. Your Rights
Depending on your jurisdiction, you have the following rights in relation to your personal data:
– Right of Access: Request confirmation that your data is being processed and obtain a copy of that data.
– Right to Rectification: Request correction of inaccurate or incomplete personal data.
– Right to Erasure: Request the deletion of your data where legally permissible.
– Right to Restriction: Request limitation of how we process your data in certain circumstances.
– Right to Data Portability: Request your data in a structured, commonly used, and machine-readable format, or for it to be transferred to a third party.
To exercise any of your rights, please contact us at [email protected].
6. Security Measures
We take the security of your data seriously and employ a range of technologies and operational procedures to protect it. Measures include:
– Encryption of personal data at rest and in transit
– Access control systems with strict authorization protocols
– Routine data backups and business continuity procedures
– Staff training on data protection and handling practices
7. International Transfers
If your data is transferred outside the European Economic Area (EEA) or other jurisdictions with differing data protection laws, we ensure that such transfers are subject to appropriate safeguards. These include the use of Standard Contractual Clauses, Privacy Shield certifications (where applicable), or data transfer agreements that ensure the data is protected in accordance with applicable laws.
8. Data Retention
We retain personal data only as long as necessary for the purposes for which it was collected:
– Account Data: Retained while the account remains active and for a period following closure to comply with legal obligations.
– Transaction Data: Retained for a minimum of seven years for audit and tax purposes.
– Communication Data: Retained for up to five years or longer where necessary for dispute resolution or legal compliance.
– Preference and Marketing Data: Retained until consent is withdrawn or after a period of subscriber inactivity (up to three years, subject to periodic review).
9. Cookie Policy
We use cookies and similar tracking technologies to enhance user experience on littlestarwriting.com. These include:
– Essential Cookies: Required for core functionality such as authentication and session management.
– Functional Cookies: Enhance performance by remembering user preferences and settings.
– Analytics Cookies: Help us understand user behavior and website performance (e.g., Google Analytics).
– Performance Cookies: Facilitate diagnostic information and usage metrics to improve site functionality.
Cookies may be session-based (deleted when the browser is closed) or persistent (stored until expiry or manual deletion).
10. Cookie Management and Compliance
Upon your first visit to our Website, a cookie banner will prompt for consent where required by GDPR and CCPA. You may manage your cookie preferences at any time via the cookie settings link on our site or through your web browser settings. Users in the EEA and California will see appropriate notices and options to opt-out or limit data collection, including “Do Not Sell My Personal Information” links where applicable.
11. Special Protections for Children
Our Website is not directed to individuals under the age of 13, and we do not knowingly collect personal information from children. If we become aware that personal data has been collected from a child under 13 without verified parental consent, we will take steps to delete such data promptly. If you believe we may have collected such information, please contact us at [email protected].
12. Policy Updates and User Notifications
We reserve the right to update or amend this Privacy Policy from time to time. Any material changes will be posted on this page and, where appropriate, notified to you via email or site notification. Continued use of littlestarwriting.com after such updates constitutes your agreement to the revised terms.
13. Contact
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact:
Little Star Writing
Email: [email protected]
Website: littlestarwriting.com
We are committed to upholding the highest standards of data protection and privacy compliance. You may reach out to us at any time with concerns about your data rights and security.