Privacy Policy for Thistlewood Crest
We maintain an unwavering dedication to protecting and preserving all personal data provided by our website visitors and service users, implementing robust and comprehensive security measures throughout our services and operations.
This policy applies where we are acting as a data controller with respect to the personal data of our website visitors and service users; in other words, where we determine the purposes and means of the processing of that personal data. In this role, we are responsible for ensuring the proper handling, processing, and protection of all personal data submitted through our website.
We may process usage data (“usage data”), which comprehensively includes browser type, operating system, page views, navigation patterns, timing of visits, device information, and interaction metrics. This information is collected through automated logging systems, cookies, and analytics tools and may include time spent on specific pages, features accessed, and user journey patterns. The source of this data is our analytics software and server logs. We process this information for several important purposes, including improving website performance, enhancing user experience, analyzing content effectiveness, and optimizing service delivery, which enables us to provide better services, personalize content, and maintain security. The legal basis for this processing is our legitimate interests in monitoring and improving our website and services.
We may process account data (“account data”), which comprehensively includes name, email address, telephone number, billing address, and account preferences. This information is collected through registration forms, account creation processes, and direct user input and may include newsletter preferences, communication settings, and account security choices. The source of this data is the user’s direct input during account creation and management. We process this information for account administration, service provision, communication purposes, and security maintenance, which enables us to provide personalized services, maintain account security, and facilitate communication. The legal basis for this processing is the performance of a contract between you and us and/or taking steps at your request to enter into such a contract.
We may process profile data (“profile data”), which comprehensively includes biographical information, interests, preferences, saved items, and interaction history. This information is collected through profile customization, saved preferences, and user interactions and may include design preferences, saved articles, and community interactions. The source of this data is your direct input and interaction with our services. We process this information for personalizing user experience, content recommendations, community features, and service optimization, which enables us to deliver relevant content, enhance user engagement, and improve service quality. The legal basis for this processing is our legitimate interests in providing personalized services and maintaining user engagement.
Your Rights:
Right to Access
You have the right to obtain confirmation about whether we process your personal data and to receive a copy of that data in a structured format. This includes the ability to view all personal data we hold about you, understand how we use it, and know who we share it with. To exercise this right, you can submit a written request through our designated data access portal or contact our privacy team directly. We will respond within 30 days and may require proof of identity, account verification, and specific data request details to verify your identity.
Right to Rectification
You have the right to have inaccurate personal data corrected and incomplete data completed. This includes the ability to update your personal information, correct errors in your data, and supplement incomplete information. To exercise this right, you can access your account settings or submit a correction request through our support system. We will respond within 15 days and may require current account credentials, specific correction details, and supporting documentation to verify your identity.
Right to Erasure
You have the right to request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected. This includes the ability to remove your account, delete specific data points, and withdraw previous consent. To exercise this right, you can use our account deletion tools or submit a formal erasure request to our privacy team. We will respond within 30 days and may require account password, deletion confirmation, and identity verification to verify your identity.
Right to Restrict Processing
You have the right to limit how we use your personal data in specific circumstances, particularly when you contest its accuracy or object to processing. This includes the ability to pause data processing, limit data usage, and temporarily block access to your data. To exercise this right, you can submit a processing restriction request through our privacy portal or contact our data protection officer. We will respond within 15 days and may require account verification, restriction scope details, and formal written request to verify your identity.
Right to Data Portability
You have the right to receive your personal data in a machine-readable format and have it transferred to another service provider where technically feasible. This includes the ability to download your data, transfer information between services, and receive data in common file formats. To exercise this right, you can use our data export tools or submit a portability request through our support system. We will respond within 30 days and may require two-factor authentication, specific format preferences, and destination details to verify your identity.Data Processing and Security
At Thistlewood Crest (thistlewoodcrest.com), we carefully manage various types of personal data to provide our services:
We process Service Data which includes account details, user preferences, and platform interactions. This processing involves automated collection and analysis, enabling us to personalize your experience. For example, in the context of home, this includes saving your favorite design inspiration boards and DIY project preferences. The legal basis for this processing is legitimate interests and contract fulfillment, specifically to provide personalized content and maintain service quality.
We process Technical Data which includes browser information, device identifiers, and usage patterns. This processing involves automated logging and analysis, enabling us to optimize site performance. For example, in the context of home, this includes tracking which sustainable living articles are most viewed. The legal basis for this processing is legitimate interests, specifically to ensure optimal website functionality and user experience.
We process Communication Data which includes email correspondence, newsletter subscriptions, and customer service interactions. This processing involves storage and analysis of communications, enabling us to provide support and maintain relationships. For example, in the context of home, this includes responding to queries about specific DIY projects or design advice. The legal basis for this processing is consent and legitimate interests, specifically to maintain effective communication channels.
We process Transaction Data which includes purchase history, payment information, and service usage records. This processing involves secure storage and analysis, enabling us to manage financial transactions and improve services. For example, in the context of home, this includes processing workshop bookings or digital content purchases. The legal basis for this processing is contract performance and legal obligations, specifically to fulfill orders and maintain financial records.
We process Preference Data which includes saved items, customization settings, and content interactions. This processing involves tracking and analysis of user choices, enabling us to deliver personalized experiences. For example, in the context of home, this includes remembering your preferred sustainable living topics and design aesthetics. The legal basis for this processing is legitimate interests and consent, specifically to provide relevant content and improve user satisfaction.
Security Measures
Our commitment to protecting your data includes:
Our comprehensive encryption protocols ensure end-to-end protection of your data, incorporating industry-standard algorithms and regular security updates to maintain data integrity. This includes regular security assessments and penetration testing by qualified professionals.
We implement multi-layered security infrastructure, including advanced firewalls and intrusion detection systems that continuously monitor for and prevent unauthorized access attempts. This infrastructure undergoes regular updates and enhancements.
Access to personal data is strictly controlled through role-based permissions, multi-factor authentication, and detailed access logs. We maintain comprehensive audit trails of all data access and modifications.
Our continuous monitoring systems provide real-time threat detection and automated response protocols, ensuring immediate action against potential security threats.
We maintain comprehensive backup procedures with encrypted offsite storage and regular recovery testing, ensuring data availability and integrity.
All staff undergo regular security awareness training and must comply with detailed data protection protocols, including specific training for handling sensitive data.
International Transfers
We may transfer your personal data to countries outside your jurisdiction. These transfers are protected by appropriate safeguards, including Standard Contractual Clauses, Privacy Shield certification, and Binding Corporate Rules. Each international transfer is conducted under strict protocols that ensure:
– Adequate data protection standards
– Compliant processing procedures
– Enforceable data subject rights
– Effective legal remedies
International transfers are protected by ISO 27001 standards, GDPR requirements, and CCPA guidelines, ensuring compliance with global privacy regulations. We implement additional measures including:
– Regular compliance audits
– Data protection impact assessments
– Documented transfer mechanisms
– Continuous monitoring procedures
Regarding international transfers, you maintain specific rights including:
– Right to information about transfers
– Right to object to transfers
– Right to withdraw consent
– Right to data protection guarantees
Data Retention
We maintain specific retention periods for different data categories:
Account Information: 2 years after account closure to maintain service continuity and handle potential reactivation requests
Usage Data: 12 months to analyze trends and improve services
Transaction Records: 7 years to comply with tax and financial regulations
Communication History: 3 years to maintain service quality and handle ongoing inquiries
Technical Logs: 6 months for security and performance optimization
These retention periods are determined by:
– Legal requirements
– Business purposes
– Technical necessities
– User preferences
Special circumstances affecting retention:
– Legal obligations
– Dispute resolution
– Security investigationsCookie Policy for Thistlewood Crest
Essential cookies serve fundamental functions for our website’s core operations. These cookies process authentication data, security tokens, and session information to enable basic website functionality. For example, in our home inspiration context, these cookies maintain your login status while you browse through our curated collections and save your design preferences.
Essential cookies are vital for website accessibility and security. These cookies handle user authentication, maintain secure browsing sessions, and ensure technical stability. We use them specifically for:
– User authentication during design inspiration browsing
– Security measures to protect your saved collections
– Basic site operations for seamless navigation
– Session management while creating mood boards
– Technical stability across device types
Functional cookies enhance your experience by remembering your preferences and customizations. They enable:
– Language preferences for our international home design community
– Region-specific content for local design trends
– User interface customization for your viewing comfort
– Feature optimization for your favorite sections
– Personalized settings for your creative workspace
Analytics cookies help us understand how visitors interact with our content. They collect information about:
– Page interactions with our design galleries
– Navigation patterns through our DIY tutorials
– Feature usage of our planning tools
– Session duration on inspiration boards
– User preferences for content types
Performance cookies assess and improve website operation by:
– Monitoring site speed during image loading
– Identifying technical issues in interactive features
– Optimizing content delivery for design portfolios
– Analyzing user experience with our tools
– Tracking system performance across devices
Cookie Management
You can control your cookie preferences through:
– Browser settings for basic cookie control
– Cookie consent tools on our platform
– Privacy preferences in your account
– Account settings for personalization
For EU residents, we ensure:
– Explicit consent mechanisms before cookie placement
– Data minimization in tracking processes
– Purpose limitation for collected information
– Storage limitations on personal data
– Processing transparency in all operations
California residents have additional rights:
– Right to know about personal information collected through cookies
– Right to delete personal data stored in cookies
– Right to opt-out of cookie-based tracking
– Right to non-discrimination when exercising privacy rights
– Right to access collected information from cookies
Regarding users under 13:
– Age verification requirements before cookie placement
– Parental consent procedures for any tracking
– Limited data collection through cookies
– Special protection measures for young users
– Parental access rights to cookie settings
Policy updates involve:
– Regular review procedures of cookie implementations
– User notifications of significant changes
– Consent renewal when cookie policies change
– Clear change documentation for transparency
– Continuous compliance monitoring of cookie usage
For privacy-related inquiries:
– Primary Contact: [email protected]
– Response Time: Within 48 hours
– Verification Required: For data-related requests
– Available Support: Privacy concerns, data requests, rights exercise
This policy was created specifically for thistlewoodcrest.com and covers all associated services within the home industry.