Privacy Policy - Canvas MOON

At Canvas Moon (canvas-moon.com), we are committed to protecting and respecting your privacy. We recognize your right to privacy and are dedicated to maintaining robust data protection practices to ensure the safety, integrity, and lawful processing of your personal data. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

1. Introduction

We deeply value the trust you place in us by sharing your personal data. In keeping with a privacy-first approach, Canvas Moon limits the collection and use of your information to only what is necessary to provide a high-quality online experience while fully respecting your rights to data privacy and control.

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all users of the website canvas-moon.com and all services offered therein. Canvas Moon acts as the data controller in relation to the personal data collected through this website. This means that Canvas Moon determines the purposes and methods of processing personal data submitted or automatically collected through our website and associated services.

If you have any questions or concerns about this policy or how your data is handled, please contact us at [email protected].

3. Categories of Data Processed

We collect the following categories of personal data to deliver and improve our services, to communicate with you, and to comply with legal obligations.

– Usage Data:
Includes your IP address, browser type, device identifiers, operating system, referral sources, page views, session duration, and interactions with the website.

– Account Data:
Includes full name, billing and shipping addresses, email address, and phone number provided when creating an account or placing an order.

– Profile Data:
Includes your interests, purchase history, behavioral data, and saved preferences.

– Communication Data:
Includes your contact history with our support team, including emails, messages submitted via forms, and any customer service records.

– Technical Data:
Includes internet connection details, device type, timezone settings, browser plug-in types and versions, screen resolution, and other system configuration details.

– Transaction Data:
Includes payment method, partial payment card details (never full card numbers), transaction ID, and shipping information.

– Preference Data:
Includes marketing communications preferences, consent status, and product interest insights collected through cookies or directly entered by you.

4. Legal Bases for Processing

We process personal data under the following legal grounds, as permitted by data protection laws:

– Consent:
When you voluntarily provide data or opt in to marketing communications, we rely on your explicit consent.

– Contractual Necessity:
Processing necessary to fulfill a contract with you, including order fulfillment, customer service, and account management.

– Legitimate Interests:
For enhancing website functionality, securing our platform, conducting analytics, and improving our products, provided such interests are not overridden by your rights and freedoms.

– Legal Obligation:
Where processing is required to comply with legal and regulatory obligations, such as fraud detection and tax reporting.

5. Your Rights

In accordance with GDPR and CCPA, you have the following rights with respect to your personal data:

– Right of Access:
You may request access to the personal data we hold about you.

– Right of Rectification:
You may request correction or updates to any inaccurate or incomplete data.

– Right of Erasure:
You may request deletion of your personal data, subject to applicable legal exceptions.

– Right to Restrict Processing:
You may request restriction of processing if you contest its accuracy or legality.

– Right to Data Portability:
You may request to receive your data in a structured, commonly used and machine-readable format or have it sent to another controller.

To exercise any of the above rights, you may contact us at [email protected].

6. Security Measures

Your data is stored and processed using industry-standard security protocols and organizational safeguards, including but not limited to:

– Encryption of data in transit and at rest
– Access restrictions and authentication controls
– Regular data backups and secure storage environments
– Comprehensive employee training and onboarding with privacy principles

While we strive to protect your information using these measures, no system can be guaranteed 100% secure. Users are encouraged to practice safe online behavior and report any suspicious activity related to their accounts.

7. International Transfers

When transferring personal data outside the European Economic Area (EEA) or other applicable regions, we ensure such transfers are legally compliant through the use of Standard Contractual Clauses, adequacy decisions, or other suitable safeguards. This includes transfers to service providers and partners in jurisdictions that do not provide an adequate level of data protection by default.

8. Data Retention

We retain personal data only as long as necessary for the purposes described in this policy or as required by law. Retention periods vary depending on the category:

– Account and Transaction Data: retained for 7 years to meet tax and legal obligations.
– Communication Data: kept for 2 years from last contact.
– Usage and Technical Data: retained for up to 24 months for analytics and performance.
– Marketing Preferences: retained until consent is withdrawn.

At the conclusion of retention periods, data is securely deleted or anonymized.

9. Cookie Policy

Canvas Moon uses cookies and similar technologies to enhance your experience, provide analytics, and deliver personalized content. We categorize our cookies as follows:

– Essential Cookies:
Required for proper website functionality, such as session management and cart functionality.

– Functional Cookies:
Remember your preferences or login credentials to improve usability.

– Analytics Cookies:
Collect anonymous data on user behavior to help us understand engagement and improve the platform.

– Performance Cookies:
Measure site speed, page load times, and other performance indicators.

You can manage your cookie preferences at any time through our site’s cookie consent interface or by adjusting browser settings.

10. Cookie Management and Legal Compliance

In compliance with GDPR and CCPA, we seek affirmative, informed consent prior to placing non-essential cookies on your device. You may withdraw consent or update your preferences at any time. Under CCPA, you may opt out of the “sale” of your personal information. While Canvas Moon does not sell data in the traditional sense, certain tracking technologies may constitute a “sale” under California law. Users can opt out of such data processing through our site’s privacy settings or by contacting [email protected].

11. Children’s Data

Canvas Moon does not knowingly collect data from individuals under the age of 13. Our services are not directed toward children under 13. If you believe we have collected personal data from a child, please contact us immediately at [email protected], and we will take prompt action to delete such data.

12. Policy Updates and Changes

We may update this Privacy Policy periodically to reflect changes in applicable law, our business model, or new data processing activities. Users will be notified of material updates through website notifications or direct communication channels, where feasible. Continued use of the website after any updates constitutes acceptance of the revised policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:

Email: [email protected]
Website: https://canvas-moon.com

Canvas Moon is committed to maintaining full compliance with GDPR, CCPA, and other relevant privacy regulations. Your privacy is of paramount importance. Please do not hesitate to reach out if you have any concerns regarding how your personal data is collected, used, or protected.