PRIVACY POLICY
At Books Personally (“we”, “us”, or “our”), accessible via bookspersonally.com (“Website”), we are committed to protecting your personal data and respecting your privacy. This Privacy Policy outlines how we collect, use, disclose, and safeguard personal information in accordance with applicable privacy regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We value the trust you place in us and are dedicated to processing your personal information lawfully, fairly, and transparently.
1. Introduction
Books Personally upholds the highest standards of data protection and privacy. We are committed to handling your personal information responsibly and in compliance with applicable data protection laws. Our operations are guided by a privacy-first design philosophy that prioritizes integrity, security, and transparency.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal data collected from users of the Website in connection with the services we offer. Books Personally, operating at bookspersonally.com, acts as the data controller with respect to your personal data. As such, we determine the purposes and means of processing your personal information.
3. Categories of Data We Process
We may collect and process the following categories of personal data:
3.1 Usage Data
Information about how you use our Website, including your IP address, browser type, device ID, geographical location, referring URLs, session duration, and interaction data with webpages and features.
3.2 Account Data
Information you provide when you register an account, such as your name, email address, postal address, and telephone number.
3.3 Profile Data
Your user preferences, reading behavior, product or content interests, purchase history, and any personalization settings you apply to your profile.
3.4 Communication Data
Records of correspondence through support tickets, emails, contact forms, or other communication channels, as well as customer service interactions, surveys, or queries submitted to us.
3.5 Technical Data
Device and system information, including operating system versions, app settings, hardware models, time zone settings, language preferences, and diagnostic data.
3.6 Transaction Data
Details related to purchases made on bookspersonally.com, including billing and shipping information, payment method (note: we do not store complete credit card numbers), order confirmations, and delivery tracking.
3.7 Preference Data
Marketing preferences, opt-in consents, product notification subscriptions, and user choices regarding the receipt of communications from us.
4. Legal Bases for Processing Personal Data
We rely on several lawful bases to process your data under GDPR:
– Consent: When you provide explicit opt-in consent (e.g., for marketing communications).
– Performance of a Contract: When processing is necessary to fulfill our contractual obligations to you (e.g., processing orders).
– Legal Obligation: When required for compliance with applicable laws (e.g., tax or regulatory compliance).
– Legitimate Interests: For the purpose of improving site performance, user experience, detecting fraud, securing our systems, or analyzing website usage, provided such processing does not override your fundamental rights and freedoms.
5. Your Data Protection Rights
Under GDPR and CCPA (if applicable), you have several data subject rights. These include:
– Right of Access: You have the right to request access to your personal data we hold.
– Right to Rectification: You may correct or update any incomplete or inaccurate personal data.
– Right to Erasure: You may request the deletion of your personal data, subject to legal and contractual restrictions.
– Right to Restrict Processing: You may restrict how we process your data in certain circumstances.
– Right to Data Portability: You have the right to receive your data in a structured, commonly used format and, where technically feasible, to have it transferred directly to another controller.
– Right to Object: You may object to certain types of data processing, including marketing.
– Right Not to Be Subject to Automated Decision-Making: We do not engage in profiling or automated decisions with legal or similarly significant effects.
– California Resident Rights: Under the CCPA, California consumers may also request disclosures regarding categories of personal information collected, sources, business purposes, third parties shared with, and the specific personal information collected about them.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We have implemented technical and organizational security measures to safeguard personal information from unauthorized access, disclosure, alteration, or destruction. These measures include:
– SSL/TLS encryption during data transmission;
– Restricted access to data storage systems;
– Role-based user access management and logging;
– Regular data backups and disaster recovery planning;
– Staff training in cybersecurity and privacy compliance protocols.
7. International Data Transfers
As we may process or transfer your personal data to countries outside of your jurisdiction (including countries outside the European Economic Area), we ensure appropriate safeguards are in place. These safeguards include:
– Standard Contractual Clauses (SCCs) approved by the European Commission;
– Binding corporate rules or privacy frameworks recognized by data protection authorities; and
– Partnering with service providers that demonstrably comply with GDPR or equivalent standards.
8. Data Retention
We retain personal data only as long as necessary to fulfill the purposes for which it was collected, and to comply with legal, tax, and regulatory requirements. Retention periods are as follows:
– Usage and Technical Data: up to 12 months from collection;
– Account and Profile Data: retained for as long as the user maintains an account and up to 6 months post deletion;
– Transaction Data: retained for 7 years for accounting and legal purposes;
– Communication Data: stored for 36 months from last interaction;
– Preference Data: stored indefinitely unless withdrawn or updated.
Upon expiration of these timelines, data is securely deleted or anonymized where possible.
9. Cookie Policy
We use cookies and similar tracking technologies to enhance your browsing experience. The types of cookies include:
– Essential Cookies: Necessary for Website functionality, such as security and authentication;
– Functional Cookies: Remember your preferences and enable customized content;
– Analytics Cookies: Help us understand user behavior and improve website performance;
– Performance Cookies: Measure website usage and traffic sources to optimize performance.
10. Cookie Management and Compliance
In compliance with GDPR and CCPA, we provide users with full control over cookie preferences. On first visit and at any time thereafter, you may manage or withdraw your cookie consent via our cookie banner or settings page. We respect “Do Not Track” signals and also offer opt-outs for third-party services where applicable.
11. Children’s Privacy
Our Website is not intended for children under the age of 13. We do not knowingly collect personal data from children without verified parental consent. If we become aware that information has been inadvertently collected from a child under that age, we will take appropriate steps to delete it.
12. Policy Updates
This Privacy Policy may be updated periodically to reflect changes in legal obligations or practices. If material changes are made, we will notify you by prominent notice on bookspersonally.com or via other appropriate communication methods. We encourage you to review this policy regularly.
13. Contact Us
If you have any questions about this Privacy Policy, your personal data, or wish to exercise your rights, you may contact us at:
We are committed to full compliance with global privacy standards and strive to address all inquiries and concerns promptly. You may reach out to us at any time regarding data privacy matters.
