Privacy Policy

At Morton Hill (“we”, “our”, or “us”), accessible at morton-hill.com, we are committed to safeguarding your privacy and ensuring that your personal data is handled in accordance with applicable data protection laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”). We value transparency and want you to understand how we collect, use, disclose, and secure your personal information, as well as the rights you have with respect to your data.

1. Commitment to Privacy and Data Protection

We are committed to enforcing the highest standards of data protection and individual privacy. Your trust is central to our operations, and we take this responsibility seriously. We process your personal data lawfully, fairly, and in a transparent manner, consistent with the rights and expectations set forth under applicable privacy regulations.

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all personal data collected through the services offered on morton-hill.com and via related communications. Morton Hill is the data controller responsible for determining the purposes and means by which your personal data is processed. This policy covers visitors to our website, prospective and current customers, as well as individuals who communicate with us through various channels.

3. Categories of Data Processed

We collect and process the following categories of personal data:

a. Usage Data
Data related to your interactions with our website, including IP addresses, browser type and version, device identifiers, time zone settings, browsing behavior, referral sources, and website navigation paths.

b. Account Data
Information provided when you create an account or engage with our services, including your full name, billing and delivery address, email address, and telephone number.

c. Profile Data
Details such as preferences, past purchases, user behavior, and activity history collected to tailor our offerings and enhance your user experience.

d. Communication Data
Records of support inquiries, chat transcripts, email correspondence, and any other interactions or feedback you provide to us.

e. Technical Data
Device-specific information such as operating systems, device models, browser configurations, and system settings.

f. Transaction Data
Details of product purchases, order history, payment methods, billing details, and delivery logistics.

g. Preference Data
Marketing consents, newsletter subscriptions, interest categories, and product or service preferences you may communicate or indicate through the website or settings.

4. Legal Bases for Processing

We only process personal data when legally permitted. The legal bases we rely on include:

– Consent: When you explicitly provide your consent for certain processing activities, such as subscribing to marketing newsletters.
– Contractual Necessity: To fulfill our obligations under a contract with you, such as processing orders and providing customer support.
– Legitimate Interests: To pursue our legitimate business interests in maintaining and improving our services, except where overridden by your rights and interests.
– Legal Obligation: When necessary to comply with applicable laws and regulations.

5. Your Rights

Under data protection law, you have the following rights:

– Right of Access – To request access to your personal data held by us.
– Right of Rectification – To correct or update inaccurate or incomplete data.
– Right to Erasure – To request deletion of your personal data where applicable.
– Right to Restrict Processing – To limit the processing of your data under certain circumstances.
– Right to Data Portability – To receive a copy of your data in a structured, machine-readable format and to transmit that data to another controller.
– Right to Object – To object to processing based on legitimate interests or marketing purposes.
– Rights under CCPA – If you are a California resident, you have additional rights including the right to know, delete, and opt-out of the sale of your personal information.

To exercise any of these rights, please contact us at [email protected].

6. Security Measures

We implement technical and organizational safeguards to protect your personal data, including:

– Encryption of data during transmission and storage
– Secure authentication protocols and access controls
– Regular system backups and integrity monitoring
– Employee training on data privacy and security
– Periodic audits and security assessments

These measures are designed to prevent unauthorized access, disclosure, alteration, or destruction of your personal data.

7. International Transfers

When your data is transferred outside the European Economic Area (EEA) or other jurisdictions, we ensure such transfers are conducted in accordance with applicable data protection standards. This may include entering into Standard Contractual Clauses approved by regulatory authorities or transferring to jurisdictions with adequate data protection laws.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. General retention periods include:

– Account and Profile Data: For the duration of your account and up to 7 years thereafter.
– Transaction Data: For a minimum of 7 years to comply with financial obligations.
– Communication Data: Up to 3 years following your most recent interaction.
– Usage and Technical Data: For analytics purposes, retained up to 2 years.
– Preference Data: As long as consent remains valid or until unsubscribed.

9. Cookie Policy

Our website uses cookies and similar technologies to enhance user experience, analyze traffic, and personalize content. The types of cookies we use include:

– Essential Cookies – Necessary for the website to function properly.
– Functional Cookies – Enable enhanced features and user settings.
– Analytics Cookies – Used to collect aggregated data for performance and usage statistics.
– Performance Cookies – Monitor performance to improve functionality and responsiveness.

10. Cookie Management and Compliance

Users are given clear options to manage cookie preferences upon their first visit to morton-hill.com in compliance with GDPR and CCPA. You may modify your cookie settings anytime via your browser or the cookie preference panel. CCPA opt-out mechanisms are also provided as required, including the ability to refuse sale or disclosure of personal information.

11. Children’s Data

We do not knowingly collect or solicit personal data from children under the age of 13. If we become aware that we have collected data from a child under 13 without verified parental consent, we will take immediate steps to delete such information. Users must be over 13 years old to use morton-hill.com and its services.

12. Policy Updates

We may update this Privacy Policy from time to time to reflect changes in law, technology, or our practices. When we do, we will revise the policy and, where appropriate, notify you through prominent notices on morton-hill.com or via email. We encourage you to review this policy periodically to stay informed about how your data is protected.

13. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or how we process your personal data, you may contact us at:

Email: [email protected]

We strive to maintain full compliance with GDPR, CCPA, and other applicable data protection laws. If you believe we have not adhered to this policy or treated your data unfairly, please reach out to us through the contact information provided.