Privacy Policy
Scope
This Privacy Policy explains how Eiderfield Conservatory (“we”, “our”, “us”) collects, uses, and protects personal information across our website, seasonal order forms, and direct communications with clients and partners.
Compliance and Data Protection
At Eiderfield Conservatory, we are committed to ensuring full compliance with all applicable laws and regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We prioritize the protection of your data and privacy, implementing industry-standard security measures to safeguard your personal information.
Data Collection and Usage
We collect, store, and process personal information strictly in accordance with legal requirements and ethical standards. Our data-handling practices are regularly reviewed to maintain compliance with evolving regulations and industry best practices.
Transparency and Accountability
Transparency is at the core of our operations. We clearly outline how your data is collected, used, and stored. Our policies reflect our ongoing efforts to maintain compliance and accountability.
User Rights and Choices
As part of our commitment to compliance, we respect your rights to access, update, and delete your personal information. You can request data modifications or removals by contacting us at hello@eiderfield.local.
Lawful Bases
We process personal information on the following lawful bases: performance of a contract (e.g., fulfilling an order), legitimate interests (e.g., keeping a short record of deliveries), consent (e.g., receiving seasonal sheets), and compliance with legal obligations (e.g., tax and accounting rules).
Information We Collect
Typical data includes your name, business details, email address, phone number, delivery preferences, order history, and any notes you choose to provide about timing, access, or handling instructions.
How We Use Information
We use information to confirm small lots, schedule a cool pickup, issue invoices or receipts, and send explicit updates you asked for (like seasonal availability). We do not sell personal data or run third-party advertising.
Data Minimization
We only collect the minimum data needed to provide our services. If a field is not required for confirmation, delivery, or compliance, we do not store it.
Retention
Operational records are kept only as long as necessary for business, legal, or accounting purposes. Routine reviews ensure older data is archived or securely deleted when it is no longer required.
Security Measures
We apply layered security: account access controls, device encryption, limited internal permissions, and regular software updates. Backups are protected in transit and at rest.
Cookies & Tracking
Our website uses only essential cookies for basic functionality (e.g., remembering navigation state). We do not use third-party tracking pixels or interest-based advertising cookies.
Third-Party Processors
Where we rely on service providers (for example, secure email or invoicing tools), they act under contract, follow our instructions, and implement appropriate technical and organizational measures.
International Transfers
If personal data is transferred outside your jurisdiction, we use recognized safeguards (such as standard contractual clauses) to protect the information according to applicable law.
Children’s Data
Our services are intended for business customers and adults. We do not knowingly collect personal information from children. If you believe a child has provided data, contact us to remove it.
Your Requests
To access, correct, delete, or port your data—or to object to processing—email hello@eiderfield.local. We will verify your request and respond within the applicable legal timeframe.
Changes to This Policy
We may update this Privacy Policy from time to time to reflect operational, legal, or regulatory changes. The “Last updated” date will be adjusted accordingly. Material changes will be communicated through our usual channels.
Last updated: