Privacy Policy & Cookie Information

Effective Date: January 1, 2021

By Rebecca Goddard ("we", "us", "our") operates byrebeccagoddard.com (the "website", "service", "webshop"). This Privacy Policy explains how we collect, use, and protect your personal data, in compliance with the General Data Protection Regulation (GDPR) and other applicable laws.

1. Data We Collect

When you visit our website, we may collect the following personal data:

  • Identity & Contact Data: Name, email address, shipping address, phone number.

  • Transaction Data: Purchase history, payment details (processed securely by third parties).

  • Technical Data: IP address, browser type, operating system, device type, location data (if allowed).

  • Usage Data: Pages visited, time on site, interaction history.

  • Marketing Preferences: Newsletter subscriptions, wishlist items, waitlist sign-ups.

2. Legal Basis for Processing Data (GDPR Compliance)

We process your personal data under these lawful bases:

  • Contractual Obligation: To process purchases, fulfill orders, and provide customer support.

  • Legitimate Interest: To analyze website performance and improve user experience.

  • Consent: For email marketing, cookies, and waitlist notifications (you can withdraw consent at any time).

  • Legal Compliance: To meet tax, accounting, and fraud prevention obligations.

3. How We Use Your Data

We use your data for the following purposes:

  • Order Fulfillment & Customer Support: To process purchases, ship products, and respond to inquiries.

  • Marketing & Communications: Sending newsletters, product updates, and promotional offers (only with your consent).

  • Website Improvement & Analytics: Monitoring site traffic and engagement to enhance user experience.

  • Legal & Security Compliance: Fraud prevention, dispute resolution, and compliance with applicable laws.

4. Your Rights Under GDPR

Under the General Data Protection Regulation (GDPR), you have the right to:

  • Access: Request a copy of your personal data.

  • Rectify: Correct any inaccurate or incomplete data.

  • Erase ("Right to Be Forgotten"): Request deletion of your data.

  • Restrict Processing: Limit how we use your data.

  • Data Portability: Request a copy of your data in a structured format.

  • Object: Withdraw consent for marketing or profiling.

  • Not Be Subject to Automated Decision-Making: We do not use AI-driven decision-making that affects users.

  • Lodge a Complaint: File a complaint with your local Data Protection Authority (DPA).

To exercise your rights, contact us at: info@byrebeccagoddard.com

5. Data Retention Policy

We retain personal data only as long as necessary, based on the following:

  • Order & Transaction Data: Retained for up to 7 years for tax and legal reasons.

  • Marketing Data: Retained until you unsubscribe.

  • Inactive Accounts: Data is deleted after 2 years of inactivity.

  • Legal Compliance: Retained as required by law (e.g., fraud prevention, disputes).

After the retention period, data is securely deleted or anonymized.

6. Third-Party Processors & International Transfers

We work with third-party providers for payments, analytics, and marketing. These providers may process data outside the EU/EEA, but we ensure legal safeguards such as Standard Contractual Clauses (SCCs) or Data Privacy Frameworks.

  • Website Hosting: Squarespace

  • Payments: Stripe, ApplePay

  • Analytics: Google Analytics

  • Marketing: Mailchimp, GoogleWorkspace

These providers process data under their own privacy policies.

7. Cookies & Tracking Technologies

We use cookies to:

  • Enhance website performance and personalize user experience.

  • Track site usage (Google Analytics, performance monitoring).

  • Enable marketing and retargeting (if you opt in).

Your Cookie Choices:

  • Consent Banner: You can accept, reject, or customize cookies via our website banner.

  • Browser Settings: You can disable cookies manually in your browser settings.

To learn more about cookies and the ways we use them, visit our Cookie GDPR page, [click here].

8. External Links & Third-Party Websites

Our website may contain links to third-party websites. Clicking on these links may allow third parties to collect or share your data.

We are not responsible for the privacy policies of external sites. Please read their policies before providing any personal data.

9. Data Security Measures

We use industry-standard encryption, firewalls, and access controls to protect your data. However, no method of online transmission is 100% secure, so we encourage users to take additional precautions (e.g., using strong passwords).

10. Contact Information & Complaints

If you have concerns about data privacy, you have the right to file a complaint with your local Data Protection Authority (DPA).

Rebecca Elaine Goddard
Ludwigsvorstadt-Isarvorstadt, 80469 Munich, Germany
info@byrebeccagoddard.com

Supervisory Authority:
Federal Commissioner for Data Protection and Freedom of Information (BfDI)
Bundesbeauftragter für den Datenschutz und die Informationsfreiheit
Email: poststelle@bfdi.bund.de
Website: www.bfdi.bund.de

11. Policy Updates & Changes

We may update this Privacy Policy from time to time. If changes are significant, we will notify users via email or website banner.

Last Updated: February 2025