Privacy Policy for The Pink Skirt Project

Last Updated: November 21, 2024

1. Introduction

This Privacy Policy explains how The Pink Skirt Project, owned by Martell Growth Solutions ("we," "us," or "our"), collects, uses, and protects your personal information when you use www.thepinkskirtproject.com or attend our events. We are committed to protecting your privacy and ensuring transparency in our data practices.

2. Information We Collect

2.1 Personal Information

• Identity Information: full name, username, password

• Contact Information: email address, physical address, phone number

• Financial Information: credit card information (processed through Stripe)

• Professional Information: job title, company name, industry

• Event Preferences: dietary requirements, accessibility needs

• Marketing Preferences: communication opt-ins/opt-outs

• Emergency Contact Information: name and phone number of designated contact

2.2 Automatically Collected Information

• Technical Data: IP address, browser type and version, time zone setting

• Device Information: device type, operating system, platform

• Location Data: approximate location based on IP address

• Usage Data: pages visited, time spent on pages, referral sources

• Performance Data: error logs, crash reports

• Marketing Data: email open rates, click-through rates

2.3 Special Categories of Data Health Information: only if voluntarily provided for accessibility or dietary requirements

• Photographs and Video Recordings: during events

• Social Media Information: if you connect your social media accounts

3. Legal Basis for Processing

3.1 We process your data based on:

• Contract Performance: processing necessary for event registration

• Legal Obligations: tax, business records, safety regulations

• Legitimate Interests: improving our services, marketing

• Consent: marketing communications, cookies, photography

3.2 Marketing Communications

• Opt-in consent required for marketing emails

• Clear unsubscribe options in every communication

• Preference center for communication management

• Regular review of marketing consents

4. How We Use Your Information

4.1 Primary Uses

• Process event registrations and payments

• Provide event information and updates

• Customer support and communication

• Emergency contact during events

• Dietary and accessibility arrangements

4.2 Secondary Uses

• Service improvement and development

• Marketing and promotional activities

• Analytics and research

• Legal compliance and audit requirements

• Fraud prevention and security

5. Data Sharing and Transfers

5.1 Third-Party Service Providers

• Payment Processors: Stripe

• Email Service Providers: [Specify Provider]

• Event Management Platforms: [Specify Platform]

• Analytics Services: [Specify Service]

• Cloud Storage: [Specify Provider]

5.2 International Data Transfers

• Data may be transferred between Canada and USA

• Appropriate safeguards in place

• Standard contractual clauses

• Regular security assessments

6. Data Security

6.1 Technical Measures

• SSL/TLS encryption for data transmission

• Firewalls and intrusion detection

• Regular security patches and updates

• Access control and authentication

• Regular security audits

6.2 Organizational Measures

• Employee training on data protection

• Access restricted on need-to-know basis

• Data breach response plan

• Regular policy reviews

• Incident response procedures

7. Data Retention

7.1 Retention Periods

• Account Information: 5 years after last activity

• Financial Records: 7 years (legal requirement)

• Marketing Data: 2 years after last interaction

• Event Photos: 3 years

• Technical Logs: 1 year

7.2 Data Deletion

• Secure deletion procedures

• Regular data review and cleanup

• Option for manual account deletion

8. Your Privacy Rights

8.1 You have the right to:

• Access your personal data

• Correct inaccurate data

• Request data deletion

• Restrict processing

• Data portability

• Object to processing

• Withdraw consent

• Lodge a complaint with supervisory authorities

8.2 Exercise Your Rights

• Online privacy dashboard

• Email requests to [Privacy Email]

• Response within 30 days

• Identity verification required

• No fee (except excessive requests)

9. Cookie Policy

9.1 Types of Cookies

• Essential Cookies: website functionality

• Analytics Cookies: performance monitoring

• Marketing Cookies: advertising tracking

• Social Media Cookies: sharing capabilities

9.2 Cookie Management

• Cookie consent banner

• Cookie preference center

• Browser settings information

• Third-party cookie list

10. Children's Privacy

• Minimum age requirement: 13 years

• Parental consent requirements

• Special data protection measures

• Immediate deletion if underage data discovered

11. Specific Regional Rights

11.1 Canadian Users (PIPEDA)

• Transparency requirements

• Consent management

• Access and correction rights

• Challenge compliance procedure

11.2 US Users

• State-specific rights (CCPA, CPRA, etc.)

• Do Not Sell My Information rights

• Specific consent requirements

• State-specific disclosures

12. Changes to Privacy Policy

• Regular policy reviews

• Update notifications

• Version history maintained

• Material changes require consent

13. Data Protection Officer

Renee: renee@thepinkskirtproject.com

• Independent oversight

• Regular compliance reviews

• Direct reporting line

• Available for inquiries

14. Contact Information

Privacy Officer

The Pink Skirt Project

Martell Growth Solutions

Renee: renee@thepinkskirtproject.com

Response Time: Within 2 business days

15. Governing Law

This Privacy Policy is governed by British Columbia law. Any disputes shall be resolved in the courts of British Columbia, Canada.

16. Additional Resources

• FAQ about privacy practices

• Data request forms

• Cookie preference center

• Privacy rights exercise forms