Privacy Policy for halfmoonandsevenstars.com
1. Introduction
At Half Moon and Seven Stars (“we,” “our,” “us”), accessible at halfmoonandsevenstars.com (“Website”), your privacy is of paramount importance. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal information. We are committed to maintaining the highest standards of privacy and data protection in accordance with applicable laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope of this Policy and Our Role as Data Controller
This Privacy Policy applies to the processing of personal data collected through your use of our Website, related services, and interactions with us via email or other communication channels. For the purposes of the GDPR, we operate as the Data Controller, determining the purposes and means of processing your personal data.
3. Categories of Personal Data We Process
We may collect and process the following categories of personal information:
A. Usage Data
Information automatically collected when you visit our Website, including:
– Browser type and version
– IP address
– Referral sources
– Operating system
– Time and duration of pages visited
– Clickstream behavior and session data
B. Account Data
When you register or make a purchase, we may collect:
– Full name
– Billing and shipping addresses
– Email address
– Phone number
– Login credentials
C. Profile Data
Information related to your preferences and behavior, including:
– Purchase history
– Wishlist items
– Product interest categories
– Customer profile settings
D. Communication Data
When you interact with us, including support requests and contact forms:
– Email communication history
– Live chat transcripts
– Support ticket history
– Feedback and survey responses
E. Technical Data
Details about the devices and systems you use to access our services:
– Device type and model
– Operating system, browser versions, and system configurations
– Language preferences
– Screen resolution and plug-ins
F. Transaction Data
Information related to your purchases and transactions:
– Order details
– Payment method (note: we do not store full card numbers)
– Delivery and fulfillment status
– Applicable promotions or discounts
G. Preference Data
Your stated and implied preferences including:
– Marketing consents
– Opt-in/opt-out choices
– Subscription settings
– Selected notification and language preferences
4. Legal Bases for Processing
We process your data under the following legal grounds, as defined by the GDPR:
– Contractual Necessity: To fulfill our contractual obligations to you, such as processing orders and providing requested services.
– Consent: When you freely give your explicit consent, for example when subscribing to marketing communications.
– Legitimate Interests: To improve our Website, detect fraud, maintain security, and offer relevant products and services.
– Legal Obligation: To comply with legal and regulatory requirements.
Where consent is the legal basis for processing, you have the right to withdraw it at any time without affecting the lawfulness of processing prior to its withdrawal.
5. Your Rights Under the GDPR and CCPA
As a data subject under GDPR and/or consumer under CCPA, you have the following rights:
– Right of Access: Obtain confirmation as to whether your data is being processed and request a copy of such data.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure (“Right to be Forgotten”): Request deletion of your personal data where legally applicable.
– Right to Restriction: Request a restriction on the processing of your personal data.
– Right to Data Portability: Receive your data in a structured, commonly used, and machine-readable format.
– Right to Object: Object to the processing of your data on grounds relating to your particular situation.
– Right to Opt-Out Under CCPA: California residents may opt out of the sale of personal information.
To exercise your rights, please contact us using the information in Section 13 of this policy.
6. Security Measures
We implement appropriate technical and organizational measures to ensure the security and confidentiality of your data, including:
– Secure sockets layer (SSL) encryption for data in transit
– Access controls and role-based permissions
– Regular data backups and endpoint monitoring
– Employee training and awareness programs
– Firewalls, intrusion detection systems, and secure server environments
7. International Data Transfers
Where your data is transferred outside your country of residence—including the European Economic Area (EEA)—we ensure appropriate safeguards are in place. These may include:
– Standard Contractual Clauses (SCCs) approved by the European Commission
– Certifying to relevant international frameworks
– Ensuring the recipient country has adequate data protection standards
8. Data Retention
We retain personal data only as long as necessary for the purposes for which it was collected. Retention periods vary by data category:
– Usage and Technical Data: retained for 12–24 months for analytics and security
– Account and Profile Data: retained while your account remains active and for up to 6 years thereafter for legal and legitimate interests
– Transaction Data: retained for 7 years for tax and financial recordkeeping
– Communication Data: retained for 2 years from last contact
– Preference Data: retained until you modify or withdraw them
Upon expiry of the relevant period, your data will be securely deleted or anonymized.
9. Cookie Policy
Our Website uses cookies to enhance user experience and gather analytics data. Cookies fall into the following categories:
– Essential Cookies: Required for the functionality of our Website (e.g., login, cart functions)
– Functional Cookies: Enable personalization and improved functionality (e.g., remembering preferences)
– Analytics Cookies: Collect aggregated data about how visitors interact with the Website
– Performance Cookies: Monitor performance to improve responsiveness and reliability
These cookies may be set by us or third-party analytics or advertising providers.
10. Cookie Management and Compliance
Users based in the EU and California are presented with a cookie notice upon first visit, in compliance with GDPR and CCPA respectively. You have the ability to:
– Accept or reject non-essential cookies
– Manage cookie preferences via browser settings
– Withdraw cookie consent at any time via a designated link found on the Website
We also honor global privacy control (GPC) signals as required under the CCPA.
11. Protections for Children
Our Website is not directed to children under the age of 13, and we do not knowingly collect personal information from such individuals. If we become aware that we have collected personal data from a child under 13 without verified parental consent, we will take steps to delete it promptly. If you believe a child has provided us with personal information, please contact us.
12. Updates to This Privacy Policy
We reserve the right to amend this Privacy Policy periodically to reflect legal, regulatory, or operational changes. Any significant modifications will be communicated via the Website or by email if appropriate.
We encourage you to review this Privacy Policy regularly to stay informed about our privacy practices.
13. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, you may contact us by email at:
We affirm our commitment to full compliance with GDPR, CCPA, and other relevant privacy regulations. Your trust and privacy are essential to us. Please reach out if you need any further assistance regarding your personal information.