Privacy Policy
1. Introduction
LaSéptimaM.com (“we,” “us,” or “our”) is committed to safeguarding the privacy rights and personal data of its users. This Privacy Policy outlines our practices in collecting, using, disclosing, and protecting your personal information in accordance with applicable data protection laws, including the European Union’s General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
We recognize the importance of your privacy and are dedicated to transparency, accountability, and user empowerment in managing personal data. This policy is designed to help you understand your rights and how to exercise them.
2. Scope and Role of the Data Controller
This Privacy Policy applies to all visitors, users, and others who access the website https://laseptimam.com (“Site”). For the purpose of data protection laws, the data controller of your personal data is La Séptima M, reachable via [email protected].
By accessing or using our Site, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.
3. Categories of Personal Data Collected
We process the following categories of personal data, which may vary depending on your interactions with the Site:
a. Usage Data – Information about how you use the Site, including IP address, browser type and version, time zone setting, pages visited, clickstream data, session duration, and other diagnostic data.
b. Account Data – When you register for an account, we collect identifiers such as your full name, billing/shipping addresses, email address, telephone number, and other necessary contact details.
c. Profile Data – Information derived from your use of the Site that helps us build a profile of your interests, preferences, habits, browsing patterns, and purchase history.
d. Communication Data – Information you voluntarily submit to us when you contact customer support, make inquiries, provide feedback, or respond to surveys. This includes message contents and correspondence history.
e. Technical Data – Including device and network information such as your operating system, device type, mobile network, language settings, screen resolution, and system settings.
f. Transaction Data – Payment information (note we do not process card details directly but through secure third-party providers), billing status, delivery data, transaction logs, and related service details.
g. Preference Data – Records of your marketing preferences, consent flags, email subscription status, and information about products or services you are interested in.
4. Legal Bases for Processing Personal Data
We process your personal data lawfully, fairly, and transparently. The legal bases under which we process your data include:
– Consent: Where you have given explicit consent (e.g., for marketing communications).
– Contractual Necessity: To perform a contract with you or take steps at your request prior to entering into a contract (e.g., order fulfillment).
– Legitimate Interests: Where processing is necessary for our legitimate interests, such as improving the Site, preventing fraud, or ensuring network and information security.
– Legal Obligation: Where we are required to comply with a legal or regulatory obligation.
5. Your Data Protection Rights
Under GDPR and CCPA, you may have the following rights:
– Right of Access: You have the right to request copies of the personal information we hold about you.
– Right to Rectification: You can request correction of inaccurate or incomplete personal data.
– Right to Erasure: Under certain conditions, you may request deletion of your personal data (“right to be forgotten”).
– Right to Restrict Processing: You may request restricted processing of your personal information in specific circumstances.
– Right to Data Portability: You may request to receive your data in a structured, commonly used, machine-readable format or to have it transferred to another data controller.
To exercise any of these rights, please contact us at [email protected]. We may require verification of your identity before responding to a rights request.
6. Security Measures
We implement appropriate technical and organizational measures to protect the confidentiality, integrity, and availability of your personal data. These measures include:
– Data encryption during transfer and at rest;
– Restricted access to personal data on a need-to-know basis;
– Intrusion detection between internal systems;
– Periodic data security assessments and system audits;
– Secure system configurations and patch management;
– Staff training on data protection and privacy.
While we strive to use high levels of protection, no method of transmission over the Internet is 100% secure. By using laseptimam.com, you acknowledge this inherent risk.
7. International Data Transfers
Your information may be processed outside your country of residence, including in countries that may not offer the same level of protection as your jurisdiction. When we transfer personal data internationally, we do so in accordance with legal safeguards, such as:
– The European Commission’s Standard Contractual Clauses for non-EEA data recipients;
– Binding Corporate Rules where applicable;
– Requirements under CCPA regarding service provider contracts and privacy terms.
8. Data Retention
We retain your personal information only for as long as reasonably necessary for the purposes described in this policy or as required by law. Retention periods vary by data category:
– Usage and Technical Data: Up to 2 years from last activity;
– Account and Profile Data: Retained for as long as the account is active and up to 6 years thereafter for compliance purposes;
– Communication Data: 3 years after resolution;
– Transaction Data: 7 years for tax, accounting, and regulatory compliance;
– Preference Data: Retained until you change or withdraw your preferences.
After expiration of these periods, data is securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar tracking technologies on laseptimam.com to enhance user experience, analyze traffic, and ensure proper site functionality. Categories include:
– Essential Cookies: Required for core site functionality, authentication, and security.
– Functional Cookies: Enhance usability, save settings, and remember user preferences.
– Analytics Cookies: Help us understand user behavior through aggregate statistical reporting (e.g., Google Analytics).
– Performance Cookies: Help monitor technical performance and website loading consistency.
Cookies do not store sensitive personal data unless explicitly provided.
10. Cookie Management and Compliance
Upon arrival to the Site, you are presented with a cookie consent banner in accordance with GDPR and CCPA. You may:
– Opt-out of non-essential cookies directly from the banner;
– Adjust browser settings to reject or delete cookies;
– Revoke cookie consent at any time by visiting the Cookie Settings page on laseptimam.com.
We honor “Do Not Track” signals and Global Privacy Control (GPC) settings where legally required.
11. Children’s Data
La Séptima M does not knowingly collect or solicit information from children under the age of 13. If we learn that a child under 13 has provided us personal data without verified parental consent, we will promptly delete such information.
If you believe we might have any information from or about a child under 13, please contact us immediately at [email protected].
12. Changes to This Privacy Policy
We may amend this Privacy Policy from time to time in response to legal, technical, or business developments. When such changes occur, we will post the updated policy on laseptimam.com and, when material, may notify users by other appropriate means.
Continued use of the Site after modifications constitutes acceptance of the updated policy.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data handling practices, please contact us at:
Email: [email protected]
We are committed to resolving any privacy-related concerns swiftly and in accordance with applicable laws.
—
La Séptima M operates in full compliance with GDPR, CCPA, and other data protection regulations. To raise a concern or exercise your privacy rights, you may reach out to us anytime at [email protected].