Privacy Policy - My Minx

1. Introduction

At my-minx.com, we are committed to respecting and protecting your privacy. Your personal information is handled with the utmost care, in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy sets forth how we collect, use, disclose, and safeguard your personal data when you interact with our website and services. We maintain a privacy-first approach in managing data and prioritize transparency and user control at all times.

2. Scope of Policy & Data Controller Responsibilities

This Privacy Policy applies to all personal information that is collected through the services offered on our website, my-minx.com, and to all individuals whose personal data we collect or process, including visitors, customers, and contact form users. For purposes of the GDPR, My Minx is the “data controller” in relation to the processing of personal data collected via my-minx.com. This means we determine the purposes and means of the processing of your personal information.

If you reside in California, this Policy also serves as our “Notice at Collection” under the CCPA.

3. Categories of Data We Process

We may collect and process the following categories of personal data:

a. Usage Data
Includes information about how you use our website, such as IP address, browser type, pages visited, referring URLs, session duration, and other diagnostic and log information.

b. Account Data
Includes personal identifiers such as full names, billing/shipping addresses, email addresses, phone numbers, and other information necessary when users create an account on my-minx.com.

c. Profile Data
Includes your preferences, previous purchases, product interest history, behavioral interactions with the site, saved items, and feedback or reviews submitted.

d. Communication Data
Includes all correspondence history you have with us, including messages sent through email, chat, contact forms, or customer support interactions.

e. Technical Data
Includes device identifiers, operating system versions, browser configurations, language preferences, time zones, network settings, and other system variables.

f. Transaction Data
Includes information related to the purchases you make through my-minx.com such as payment method, transaction timestamps, order history, delivery addresses, and invoice details. We do not retain full payment card details; these are securely handled by our third-party payment processors.

g. Preference Data
Includes communication preferences, marketing consent, opted-in subscriptions, and information you voluntarily provide regarding product category interests or promotional choices.

4. Legal Bases for Processing

We process your personal data pursuant to several lawful bases under the GDPR and CCPA, including:

– Contractual necessity: to fulfill our obligations in delivering products and services you purchase.
– Legitimate interests: to maintain efficient business operations, improve our services, and prevent fraud.
– Legal obligations: to comply with laws and regulatory requirements.
– Consent: when you provide explicit permissions for marketing or optional data sharing. Where required, we will obtain your consent separately and transparently.

5. Your Rights

Depending on your jurisdiction, you may exercise a number of rights in relation to your personal data, including:

– Right of Access – to request a copy of your personal data held by us.
– Right to Rectification – to correct incomplete or inaccurate data.
– Right to Erasure – to request deletion of your personal data under specific conditions.
– Right to Restrict Processing – to temporarily limit how your data is used.
– Right to Data Portability – to receive your data in a structured format and transmit it elsewhere.
– Right to Object – to oppose certain uses of data, including for direct marketing purposes.

To exercise any of these rights, please email [email protected]. We will respond in accordance with the applicable data protection laws and timelines.

6. Security Measures

We implement technical and organizational measures to protect your personal data. These measures include, but are not limited to:

– Secure Socket Layer (SSL) encryption for data in transit;
– Role-based access control and multi-factor authentication for authorized personnel;
– Periodic data backups and encrypted storage;
– Cybersecurity training for staff;
– Regular assessments of our security frameworks and vendor practices.

7. International Transfers

If you are located outside the country where our servers or service providers are located, your information may be transferred internationally. We ensure appropriate safeguards are in place for such transfers, including the use of Standard Contractual Clauses adopted by the European Commission for data transfer outside the EEA. Where data is transferred to the United States or other jurisdictions, we maintain strict compliance with regional data transfer requirements.

8. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected:

– Account and Transaction Data: retained for 7 years following the end of the customer relationship for regulatory and tax purposes;
– Communication Data: retained for 2 years to ensure consistent customer support service;
– Marketing Consent Data: retained until the opt-out is exercised or 24 months, whichever is sooner;
– Technical and Usage Data: retained for no longer than 12 months for analytics and enhanced site functionality.

9. Cookie Policy

my-minx.com uses a variety of cookies and similar tracking technologies for essential and optional purposes:

– Essential Cookies: required for site functionality, including shopping cart functionality, user authentication, and security.
– Functional Cookies: enable features such as saving preferences, language settings, and improved user experience personalization.
– Analytics Cookies: help us understand how our website is used so we can improve performance and usability (e.g., Google Analytics).
– Performance Cookies: collect information about page load times, error messages, and system diagnostics to enhance functionality.

10. Managing Cookies under GDPR & CCPA

Upon first visit to my-minx.com, users are presented with a cookie consent banner providing the ability to manage their preferences in accordance with GDPR requirements. California residents may opt out of the “sale” or “sharing” of personal information, as defined by the CCPA, via our dedicated Data Preferences tool accessible from our footer.

You may modify your cookie consent settings at any time or use your browser settings to block or delete cookies. Essential cookies cannot be disabled without affecting website functionality.

11. Children’s Privacy

Our services are not directed to children under the age of 13, and we do not knowingly collect personal data from anyone in this age group. If we become aware that we have collected personal information from a child under 13, we will take appropriate steps to delete such information. Parents or legal guardians who believe their child has provided us with personal data may contact us at [email protected].

12. Updates to this Privacy Policy

We may revise this Privacy Policy from time to time as our business, services, or legal obligations evolve. Any material changes will be communicated appropriately, which may include a prominent notice on my-minx.com or direct communication. You are encouraged to review this Policy periodically to stay informed of how we protect your personal information.

13. Contact Us

If you have any questions, concerns, or requests relating to this Privacy Policy or our data handling practices, you may contact us at:

Email: [email protected]
Website: https://www.my-minx.com

We are committed to protecting your privacy rights and upholding best practices in data protection. If you believe your data has been processed in violation of applicable law, you also have the right to lodge a complaint with your local data protection authority.

At my-minx.com, we are proud to maintain full compliance with the GDPR, CCPA, and other applicable privacy legislation. Please do not hesitate to reach out with any questions or concerns related to your privacy.