Privacy Policy

1. Introduction

At Dixie Rising (“we,” “our,” or “us”), accessible via www.dixierising.com, we recognize the importance of your privacy and are firmly committed to protecting your personal data. This Privacy Policy outlines how we collect, use, disclose, and protect information you provide to us and the rights you are entitled to under applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Our objective is to process your data transparently, securely, and in a manner that respects your legal rights and freedoms.

2. Scope of This Policy and Data Controller Role

This Privacy Policy applies to all users and visitors of dixierising.com and governs all processing of personal data collected both online and offline in connection with our website and related services. For the purposes of applicable data protection legislation, Dixie Rising is the data controller responsible for the processing of your personal data.

If you have any questions regarding the processing of your data or this Privacy Policy, you may contact us at [email protected].

3. Categories of Personal Data We Process

We may collect and process the following categories of personal information, either directly from you, through your interaction with our website, or from third parties in accordance with applicable laws:

a. Usage Data:
– Browsing history
– IP address
– Log files
– Session duration
– Referring/exit pages
– Date/time stamps

b. Account Data:
– Full name
– Mailing address
– Email address
– Telephone number

c. Profile Data:
– Purchase history
– Site behavior and interactions
– User-generated content
– Product preferences

d. Communication Data:
– Customer support interactions
– Chat or inquiry transcripts
– Correspondence history

e. Technical Data:
– Device type
– Operating system
– Browser type and version
– System configuration details

f. Transaction Data:
– Payment card details (processed via secure third-party platforms)
– Order history
– Delivery and billing addresses

g. Preference Data:
– Marketing communications preferences
– Interests and shopping preferences

4. Legal Bases for Processing

We process your personal data on the following lawful bases, depending on the context in which it is collected:

– Contractual Necessity: To fulfill or perform our contractual obligations, such as processing transactions and delivering products or services.
– Legitimate Interests: To pursue our legitimate business interests, such as improving our services, enhancing user experience, or safeguarding our platform, provided that such interests are not overridden by your rights.
– Consent: Where expressly required, we rely on your freely given, specific, informed, and unambiguous consent to process personal data (e.g., for sending marketing communications).
– Legal Obligation: To comply with legal and regulatory obligations, such as those related to tax, fraud prevention, or law enforcement requests.

5. Your Legal Rights

Subject to certain limitations under applicable law, you have the following rights regarding your personal information:

– Right of Access: You may request access to the personal data we hold about you.
– Right to Rectification: You can request correction or updates to your data if inaccurate or incomplete.
– Right to Erasure: Under certain conditions, you may request deletion of your data (“right to be forgotten”).
– Right to Restriction: You have the right to restrict processing of your personal data in certain circumstances.
– Right to Data Portability: You may request to receive your personal data in a structured, commonly used, and machine-readable format and/or have it transmitted to another data controller.
– Right to Object: You can object to the processing of your personal data where we rely on legitimate interests as our legal basis or where your data is processed for direct marketing.

To exercise any of the above rights, please contact us at [email protected]. We will respond as required under applicable law and may need to verify your identity before fulfilling your request.

6. Data Security Measures

We have implemented appropriate technical and organizational measures to secure your personal data and protect it against unauthorized or unlawful processing, accidental loss, destruction, or damage. These measures include:

– End-to-end encryption (HTTPS)
– Role-based access controls
– Regular data backups
– Secure data storage mechanisms
– Staff training on data protection and confidentiality
– Firewalls and intrusion detection systems

7. International Data Transfers

Your personal data may be processed outside your country of residence, including in countries that may not provide the same level of data protection. Where required under law, we implement safeguards such as Standard Contractual Clauses approved by the European Commission or rely on equivalent protective mechanisms to ensure your data remains protected to the standards required by the GDPR and other applicable regulations.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by applicable laws. We follow defined retention schedules:

– Account Data: Retained for the duration of your relationship with us, and up to 6 years thereafter for compliance and audit purposes.
– Transaction Data: Retained for up to 7 years in accordance with financial and tax laws.
– Usage and Technical Data: Retained for up to 2 years for analytics and performance optimization.
– Communication Data: Retained for up to 3 years for reference and service analysis.
– Marketing Preferences: Retained until consent is withdrawn or the data is determined to be outdated.

9. Cookies and Tracking Technologies

We use cookies and other tracking technologies to improve site functionality, analyze performance, and deliver personalized content. Cookies used on dixierising.com fall within the following categories:

– Strictly Necessary Cookies: Essential for enabling navigation and accessing secure areas of the site.
– Functional Cookies: Enable site customization, remembering user choices, and enhancing usability.
– Analytics Cookies: Help us understand site usage and optimize content based on user interaction.
– Performance Cookies: Improve speed and responsiveness of the site by monitoring technical metrics.

10. Managing Cookies and Consent

In compliance with GDPR and CCPA, users are offered a cookie consent banner upon first visit, with the ability to manage their cookie preferences at any time via the Cookie Settings link available on our website. You may also adjust your browser settings to refuse certain types of cookies; however, this may affect website functionality.

Under CCPA, California residents may opt out of the “sale” or “share” of personal data through a dedicated “Do Not Sell or Share My Personal Information” link on the website and may contact us at [email protected] for additional inquiries on data sharing practices.

11. Children’s Privacy

We do not knowingly collect or solicit personal data from children under the age of 13. If you are a parent or guardian and believe that a child under 13 has provided personal information on dixierising.com, please contact us at [email protected], and we will promptly take steps to delete the information.

12. Policy Updates

We may update this Privacy Policy from time to time to reflect changes in legal obligations, technologies, or our practices. When such changes occur, we will revise the policy posted on dixierising.com and, where appropriate, provide notice to you via email or a prominent notice on our homepage.

13. Contacting Us

If you have any questions, concerns, or complaints regarding this Privacy Policy or our data processing practices, or if you would like to exercise your rights, please contact us at:

Email: [email protected]

We are committed to ensuring your privacy is respected and protected in accordance with applicable privacy laws. For further questions or to report a concern, please don’t hesitate to contact our team.