PRIVACY POLICY

1. Introduction

At Morton-Hill, accessible via morton-hill.com, we value your trust and are firmly committed to safeguarding your personal data and protecting your privacy. This Privacy Policy outlines our practices regarding the collection, use, disclosure, and protection of personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

Morton-Hill is dedicated to maintaining the confidentiality, integrity, and security of your personal information. Our processing of data is guided by transparency, accountability, and your rights as a user, ensuring a privacy-first approach in all our business activities.

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all personal data collected through morton-hill.com and related services, including user accounts, communications, and transactions. For data collected via this website, Morton-Hill is the “Data Controller,” meaning we determine the purposes and means of processing your personal data.

If you have any questions or concerns about this policy or our data handling practices, you may reach us directly at [email protected].

3. Categories of Data We Process

We collect and process various categories of personal data to provide you with a tailored, secure, and optimized user experience on morton-hill.com:

a. Usage Data
This includes information about how you use the site, such as pages visited, time spent on site, IP addresses, browser types, referring URLs, and session timestamps.

b. Account Data
Collected when you register or create an account, such as your full name, email address, postal address, phone number, and login credentials.

c. Profile Data
Encompasses data related to your preferences, purchase history, browsing behavior, and interactions with our website features.

d. Communication Data
Information arising from your interactions with our support services, including support tickets, chat transcripts, feedback, and contact history.

e. Technical Data
Information from your devices and systems used to access our site, including device type, operating system, screen resolution, language setting, and browser version.

f. Transaction Data
Includes details about purchases you make through morton-hill.com, payment method information (processed through secure third parties), billing and delivery addresses, and order history.

g. Preference Data
Marketing and communication preferences, including your interests in products or services, and consent statuses related to newsletters or promotional materials.

We synthesize or aggregate this information to improve the user experience while minimizing intrusion and avoiding unauthorized identification.

4. Legal Bases for Processing

We process your personal data only when legally permissible. The lawful bases we rely on include:

– Contractual Necessity: For fulfilling obligations arising from your use of our services or related agreements (e.g., processing online orders or responding to service requests).
– Legitimate Interests: To maintain, optimize, and secure our platform, improve customer relationships, and strengthen service quality, provided your rights do not override these interests.
– Consent: When explicitly provided by you for specific purposes such as marketing communications. You may withdraw your consent at any time.
– Legal Obligations: For compliance with applicable laws and regulatory requirements.

5. Your Rights

As a data subject, you have the following rights under GDPR and, where applicable, CCPA:

– Right of Access: To request copies of your personal data and information about our processing activities.
– Right to Rectification: To correct or update inaccurate or incomplete personal data.
– Right to Erasure: To request deletion of your personal data under certain conditions (“right to be forgotten”).
– Right to Restriction: To request that we suspend processing of your data in specific contexts.
– Right to Data Portability: To receive your personal data in a structured, commonly used, and machine-readable format for portability to another service provider.

Under CCPA, California consumers may additionally exercise:

– Right to Know: The categories and specific pieces of personal data collected.
– Right to Opt-Out: Of the sale or sharing of personal data, where applicable.
– Right to Non-Discrimination: For exercising your data rights.

To exercise your rights, please contact us at [email protected]. We will respond in accordance with applicable legal requirements.

6. Security Measures

We implement robust organizational and technical measures to protect your data, including:

– Encryption of data in transit and at rest
– Role-based access controls and two-factor authentication for internal systems
– Secure data storage and periodic integrity checks
– Regular training programs for staff on privacy and security best practices
– Scheduled security audits and vulnerability assessments

While we take reasonable precautions, no method of transmission or storage is completely secure. We continually monitor and enhance our security infrastructure to reduce risks.

7. International Transfers

If your data is transferred outside of the European Economic Area (EEA) or California, we ensure an adequate level of protection is maintained. This includes use of:

– Standard Contractual Clauses (SCCs) approved by the European Commission
– Country-specific adequacy decisions
– Binding corporate rules or other lawful mechanisms under applicable legislation

Morton-Hill ensures appropriate technical and legal safeguards are in place to comply with cross-border data transfer requirements.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by legal or regulatory obligations.

– Usage Data: Retained for 12 months for analytics purposes
– Account Data: Retained for 3 years after account deactivation
– Profile Data: Retained for the duration of the service relationship
– Communication and Support Data: Retained for up to 2 years
– Transaction Data: Retained for 7 years for accounting and compliance
– Preference and Consent Data: Retained while valid or until revoked

At the conclusion of retention periods, data is securely deleted or anonymized.

9. Cookie Policy

We use cookies and similar tracking technologies on morton-hill.com to enhance site functionality and personalize user experience.

Types of cookies:

– Essential Cookies: Required for core functionality such as login, security, and navigation.
– Functional Cookies: Support personalized settings, such as language or saved preferences.
– Analytics Cookies: Collect aggregated data about user behavior to improve user experience.
– Performance Cookies: Measure load times, site responsiveness, and system diagnostics.

These technologies do not collect information that personally identifies you without your consent.

10. Cookie Management and Compliance

As required by GDPR and CCPA, we seek user consent for non-essential cookies. Upon your first visit to morton-hill.com, a cookie banner allows you to accept or manage your preferences.

You may also:

– Adjust or withdraw cookie preferences using our Cookie Settings portal
– Configure your browser settings to reject or delete cookies
– Exercise your “Do Not Sell or Share My Personal Information” rights if applicable

Our site respects browser-based opt-out mechanisms and Global Privacy Control (GPC) signals where supported.

11. Special Protections for Children

Morton-Hill does not knowingly collect or process personal data from children under the age of 13. If we learn that such data has been inadvertently collected, we will take prompt steps to delete it. Parents or guardians who believe their child has provided information through morton-hill.com may contact us via [email protected] for appropriate removal.

12. Policy Updates and User Notifications

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or services. Users will be notified of material changes through morton-hill.com or direct communication methods, where applicable.

We encourage you to periodically review this page to remain informed about how we protect your data.

13. Contact

For any questions, concerns, or requests related to your personal data, or to exercise your rights under this policy, please contact our Data Protection Office at:

Email: [email protected]

Morton-Hill remains committed to full compliance with GDPR, CCPA, and all applicable privacy regulations. Your privacy matters to us, and we strive to uphold the highest standards in data protection.