PRIVACY POLICY
1. Introduction
At Bark Baby Bark (“we,” “our,” or “us”), accessible via barkbabybark.com, we are committed to safeguarding the privacy and personal data of our users, customers, and visitors. We recognize the importance of protecting your personal information and handling it with the utmost care in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines how we collect, use, disclose, and protect your personal data and informs you of your data protection rights.
2. Scope of Policy and Data Controller Role
This Privacy Policy governs the collection and processing of personal data by Bark Baby Bark in relation to your use of our website, barkbabybark.com, and our products and services. For purposes of the GDPR, Bark Baby Bark is the data controller responsible for the processing of personal data described herein.
3. Categories of Data Processed
We may collect and process the following categories of personal data:
a. Usage Data
Information automatically collected through your interaction with our website, including IP addresses, browser types, device identifiers, access times, referring websites, and navigation patterns.
b. Account Data
Information provided during account creation or order placement, such as full name, billing and shipping address, email address, and phone number.
c. Profile Data
Information collected or inferred regarding your preferences, interests, past purchases, product browsing behaviors, and account settings.
d. Communication Data
Any information you provide when you contact us, including support requests, technical questions, email correspondence, and contact history.
e. Technical Data
Device and system information such as device type, operating system, screen resolution, language settings, and other system configurations.
f. Transaction Data
Details related to product orders, payments, refunds, delivery addresses, and other related financial and logistical data (excluding full credit card numbers, which are processed securely by third-party payment processors).
g. Preference Data
Marketing and communications preferences, opt-in consents, newsletter subscriptions, product wish-lists, and survey responses.
4. Legal Bases for Processing
In accordance with the GDPR, we rely on the following legal bases when processing your personal data:
– Contractual Obligation: For processing necessary to fulfill a contract with you, such as completing purchases or providing customer support.
– Legitimate Interests: Where we have a legitimate business interest not overridden by your data rights, such as enhancing website functionality or improving customer experience.
– Consent: When you have explicitly given us permission, such as for marketing communications or use of non-essential cookies.
– Legal Compliance: When processing is necessary to comply with legal obligations applicable to us.
5. Your Rights
Depending on your jurisdiction and under applicable law, you may have the following rights regarding your personal data:
– Right of Access: Request access to personal information we hold about you.
– Right of Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your data, subject to legal retention obligations.
– Right to Restriction: Request a restriction of data processing in certain situations.
– Right to Portability: Receive a copy of your data in a structured, machine-readable format and transfer it to another controller.
– Right to Object: Object to processing based on legitimate interest or direct marketing.
To exercise any of these rights, you may contact us at [email protected].
6. Security Measures
We implement technical and organizational safeguards designed to protect your data against accidental loss, misuse, unauthorized access, disclosure, alteration, or destruction. These include, but are not limited to:
– Data encryption in transit and at rest
– Role-based access controls and authentication protocols
– Regular backup and disaster recovery procedures
– Continuous staff training on data protection requirements
– Secure data hosting in compliant environments
7. International Transfers
Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA) or your home jurisdiction. In such cases, we implement appropriate safeguards, including standard contractual clauses approved by the European Commission or other mechanisms recognized by applicable law to ensure an adequate level of data protection.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, regulatory, tax, accounting, or reporting requirements. Specific retention periods include:
– Account and profile data: Stored until you request deletion or for up to 7 years after your last interaction.
– Transaction and order data: Retained for a minimum of 7 years for auditing and compliance.
– Communication data: Held for up to 3 years following the last point of contact.
– Cookie and usage data: Retention periods vary by cookie type (see Cookie Policy).
9. Cookie Policy
We use cookies and similar technologies to enhance your experience, provide analytics, secure our website, and deliver personalized content and advertisements. The types of cookies we use include:
– Essential Cookies: Required for core functionality such as navigation and checkout.
– Functional Cookies: Enable features like saved preferences and language settings.
– Performance/Analytics Cookies: Collect anonymous usage data to evaluate and improve website performance.
– Marketing Cookies: Track browsing across sites to target advertising and promotions based on your interests.
10. Cookie Management and Compliance with GDPR & CCPA
You may control your cookie preferences at any time via our website’s cookie consent banner or your browser settings. Under GDPR, we seek your explicit consent before deploying non-essential cookies. California residents are entitled under the CCPA to opt out of the sale or sharing of personal information; we honor such requests and provide mechanisms to manage cookie preferences in compliance with both frameworks.
11. Special Protections for Children
Bark Baby Bark does not knowingly collect or process data from individuals under the age of 13. If we become aware that personal data has been collected from a child under this age without verifiable parental consent, we will take steps to delete such data promptly. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at [email protected].
12. Policy Updates & User Notifications
We reserve the right to review and amend this Privacy Policy to reflect changes in our practices, technology, operational needs, or legal obligations. Any material updates will be posted to this page, and where required by law, we will notify you through website notices or direct communication, when feasible.
13. Contact Us
If you have any questions about this Privacy Policy, your personal data, or wish to exercise your data protection rights, you may contact us at:
Email: [email protected]
At Bark Baby Bark, we uphold a strong commitment to privacy and legal compliance. Should you have any concerns about our data practices or would like to make a complaint, we encourage you to contact us through the above email.