Privacy Policy for themouthofghosts.com

1. Introduction

The Mouth of Ghosts (“we,” “us,” or “our”) is fully committed to protecting and respecting your privacy. This Privacy Policy outlines our principles and practices with respect to the collection, processing, storage, and disclosure of your personal data. The policy reflects our ongoing commitment to data protection in accordance with global privacy regulations, including but not limited to the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).

By accessing or using themouthofghosts.com (the “Website”), you acknowledge and agree to the practices described herein.

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all personal data collected through our Website and any related communications or services. The Mouth of Ghosts operates as the data controller for all user data collected through themouthofghosts.com and determines the purposes and means of processing such data.

Inquiries regarding personal data processing may be directed to [email protected].

3. Categories of Data Processed

We may collect and process the following categories of personal data:

a. Usage Data:
Including information such as IP address, browser type and version, operating system, pages visited, timestamps, clicks, session duration, referral sources, and general geographical data.

b. Account Data:
Collected when users create an account or make a purchase, including full name, email address, billing and shipping address, phone number, and login credentials.

c. Profile Data:
Information regarding user account preferences, purchase history, authentication tokens, behavior patterns on our Website, wishlists, and saved preferences.

d. Communication Data:
Includes records of all correspondence with us, including customer support requests, email exchanges, inquiries, and complaints.

e. Technical Data:
Collected automatically to ensure proper function of the Website and services, including device types, operating system and platform, browser extensions, and device identifiers.

f. Transaction Data:
Collected in the course of completing purchases or other financial interactions, including payment card information, order history, delivery data, and invoice records.

g. Preference Data:
Marketing preferences, content interests, communication consent status, participation in surveys, or feedback forms submitted on themouthofghosts.com.

4. Legal Bases for Processing

We process your personal data on the following legal bases:

– Contractual Necessity: To perform a contract or prepare to enter into a contract with you, including account registration and processing of purchases.
– Legitimate Interests: To improve our Website, communicate offers, maintain site security, and prevent fraudulent activity.
– Consent: Where you have given explicit permission for data collection, including for optional marketing and certain cookies.
– Legal Obligation: Where processing is required by law or regulatory obligations.

5. Your Rights

In compliance with GDPR and CCPA, you have the following data protection rights:

– Right of Access: You may request a copy of the personal data we hold about you.
– Right to Rectification: You may request correction of inaccurate or incomplete data.
– Right to Erasure (“Right to Be Forgotten”): You may request the deletion of your data under certain legal grounds.
– Right to Restriction: You may request a halt on processing while the accuracy or legality of the data is verified.
– Right to Data Portability: You may request a transfer of your personal data to you or a third party in a structured, commonly used format.
– Right to Object: You may object to processing carried out on the basis of legitimate interests.

To exercise these rights, please contact us at [email protected].

6. Security Measures

We prioritize the security of your data through robust technical and organizational measures, including but not limited to:

– Data encryption for transmission and storage
– Secure access controls and authentication systems
– Regular security audits and malware scanning
– Ongoing staff privacy training and awareness programs
– Routine data backups and disaster recovery systems

7. International Transfers

Should your personal data be transferred outside of your country of residence, we ensure that such transfers comply with legal mechanisms:

– For transfers from the European Economic Area (EEA), we use Standard Contractual Clauses approved by the European Commission.
– For transfers subject to CCPA rules, we ensure compliance through binding agreements with our service providers or third parties.

8. Data Retention

Personal data is retained only for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required or permitted by law. For example:

– Account and Transaction Data: Retained for 7 years to meet legal and taxation purposes.
– Technical and Usage Data: Retained for 24 months for security analytics and optimization.
– Communication Data: Retained for 3 years from the date of last correspondence.
– Preference and Marketing Data: Retained as long as consent remains valid or until withdrawn.

9. Cookie Policy

We use cookies and similar tracking technologies for a variety of functions, including:

– Essential Cookies: Necessary for Website functionality (e.g., login authentication, shopping cart).
– Functional Cookies: Remember your preferences and choices for enhanced user experience.
– Analytics Cookies: Help us understand Website usage patterns (e.g., via Google Analytics).
– Performance Cookies: Used to measure Website performance and loading times.

Please refer to our Cookie Disclosure for a complete list of the cookies used at themouthofghosts.com.

10. Cookie Management and Compliance with GDPR & CCPA

In compliance with applicable privacy laws, we provide:

– A cookie consent banner which enables users to opt-in before non-essential cookies are placed.
– A cookie preference center where you can withdraw or modify your consent at any time.
– A “Do Not Sell My Personal Information” mechanism in accordance with CCPA where applicable.

You can also manage cookies through your browser settings to delete or block cookies.

11. Children’s Privacy

The Website is not directed to individuals under the age of 13, and we do not knowingly collect or solicit personal data from children. If we learn that data has been inadvertently collected from a child under the age of 13, we will take appropriate steps to delete it promptly.

Parents or legal guardians who believe that their child may have provided us with personal information may contact us at [email protected].

12. Policy Updates and User Notifications

We may update this Privacy Policy from time to time to reflect legal or operational changes. We encourage users to revisit this page periodically. Substantive changes to this policy will be communicated via email (where appropriate) or posted conspicuously on themouthofghosts.com.

Continued use of our Website following any update indicates understanding and acceptance of the revised terms.

13. Contact

For any questions, concerns, or requests related to this Privacy Policy or your personal data, please contact:

The Mouth of Ghosts
Email: [email protected]
Website: https://www.themouthofghosts.com

This Privacy Policy is intended to ensure transparency and uphold your rights under GDPR, CCPA, and other applicable privacy laws. We remain committed to safeguarding your information and fostering trust through accountability and compliance.