Privacy Policy for MushroomUK.com

MushroomUK.com (“we,” “us,” or “our”) is committed to safeguarding your privacy and the confidentiality of your personal data. We respect the trust you place in us when using our website and services and implement stringent data protection practices in accordance with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (GDPR) and the California Consumer Privacy Act (CCPA).

1. Introduction

At MushroomUK.com, your privacy is our priority. This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you visit and interact with our website or engage with our services. We aim to offer complete transparency and empower you to maintain control over your personal information.

2. Scope of This Policy and Data Controller Role

This Privacy Policy applies to all personal data collected through our website mushroomuk.com and related services. For the purposes of data protection laws, MushroomUK.com is the data controller responsible for determining the means and purposes of processing your personal data.

If you are a resident of California, we process your personal information in accordance with the CCPA.

3. Categories of Data We Process

We may collect and process the following types of personal data, either directly from you or through your use of our website:

– Usage Data: Information such as IP address, browser type and version, time zone settings, operating system, pages visited, session duration, and referring website addresses.
– Account Data: Personal identifiers including your name, billing or shipping address, email address, and telephone number.
– Profile Data: User preferences, purchase history, account settings, product interactions, and communication preferences.
– Communication Data: Records of customer service interactions including support tickets, email communications, inquiries, and feedback.
– Technical Data: Device type, operating system, screen resolution, platform details, and other system configurations obtained through automated means.
– Transaction Data: Details of purchases, payment methods (excluding full card numbers), billing history, order confirmations, and delivery records.
– Preference Data: Marketing consents, product interests, subscription choices, and personalisation settings.

4. Legal Bases for Processing

We rely on the following legal bases to collect and process your personal data:

– Legitimate Interests: We process data to improve user experience, protect against fraud, and conduct business analytics.
– Contractual Necessity: Processing required to fulfill contractual obligations with you, including order fulfillment and customer service.
– Consent: Where you provide explicit permission for marketing communications, cookie placement, or data sharing activities.
– Legal Obligation: Where we are compelled to comply with regulatory or legal requirements.

5. Your Rights

Under GDPR (for EU residents) and CCPA (for California residents), you are entitled to:

– Access: Request a copy of the personal data we hold about you.
– Rectification: Correct inaccurate or incomplete data.
– Erasure: Request deletion of personal data where legally permissible.
– Restriction: Limit the use of your data in specific circumstances.
– Data Portability: Receive your data in a structured, commonly used, machine-readable format or request its transfer to another provider.
– Objection: Object to processing based on our legitimate interests or direct marketing purposes.
– Non-Discrimination: Under CCPA, you have the right not to be discriminated against for exercising any of your privacy rights.

To exercise any of these rights, please contact us via [email protected].

6. Security Measures

We implement industry-standard security measures to protect your data including:

– Encryption of data in transit and at rest.
– Access controls to restrict personal data handling to authorized personnel.
– Regular system monitoring and event logging.
– Secure data backups and disaster recovery protocols.
– Ongoing staff training on data protection best practices.

7. International Transfers

Your data may be transferred and stored outside your country of residence, including in jurisdictions that may not offer the same level of data protection as your home country. In such cases, we use Standard Contractual Clauses and other approved safeguards to ensure that your rights continue to be protected in line with applicable data protection standards.

8. Data Retention

We retain personal data only for as long as is necessary to achieve the purpose for which it was collected and in accordance with our legal obligations:

– Usage and Technical Data: Up to 24 months from the date of collection.
– Account and Transaction Data: Retained for up to 7 years for tax and legal compliance purposes.
– Communication Data: Retained for up to 3 years following last interaction.
– Preference and Profile Data: Maintained until consent is withdrawn or account is deleted.

Upon expiration of the appropriate retention periods, your data will be securely deleted or anonymized.

9. Cookie Policy

We use cookies and similar tracking technologies to enhance user experience on mushroomuk.com. These are categorized as follows:

– Essential Cookies: Enable core website functionality including security, page navigation, and order processing.
– Functional Cookies: Remember your preferences and custom settings to streamline future visits.
– Analytics Cookies: Collect aggregated data on user behavior to improve site performance.
– Performance Cookies: Monitor loading times, usability metrics, and visitor flows.

10. Cookie Management and Compliance

You have full control over cookie preferences. Upon visiting mushroomuk.com, you will be prompted to accept or manage non-essential cookies. European Economic Area (EEA) residents receive full cookie opt-in mechanisms as required under GDPR. California residents may opt out of the sale or sharing of their personal information in line with the CCPA.

Most web browsers also allow you to block, delete, or limit cookies via browser settings. However, disabling cookies may impact the functionality of certain parts of our website.

11. Special Protections for Children

Our services are not directed to children under the age of 13, and we do not knowingly collect or process personal data from minors without parental consent. If you are a parent or guardian and believe that a minor has disclosed personal data to us, please contact [email protected] so we can take appropriate action.

12. Policy Updates

We reserve the right to amend this Privacy Policy from time to time to reflect changes in legal, operational, or technological circumstances. Material changes will be communicated prominently on mushroomuk.com or via direct communication where legally required. Continued use of our services following changes signifies your acceptance of the updated Privacy Policy.

13. Contact Us

For any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Email: [email protected]
Website: https://mushroomuk.com

We are fully committed to protecting your privacy and complying with all applicable data protection obligations. If you have any questions about your rights or our data handling practices, please reach out to us for further assistance.