Privacy Policy
Last updated: June 13, 2026
This privacy policy explains what data Peace Love Decor (the "Site") collects, why we collect it, and what rights you have under the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA/CPRA), and the Children's Online Privacy Protection Act (COPPA).
1. Who we are
Peace Love Decor is operated by the editors. For data-protection questions, email hello@peacelovedecor.com or use our GDPR data request form.
2. What we collect
- Newsletter: email address, opt-in timestamp, IP. We use double opt-in.
- Contact form: name, email, message, IP, timestamp.
- Server logs: URL requested, referrer, user-agent, IP. Rotated weekly, kept 30 days.
- Cookies: see our Cookie Policy. Non-essential cookies (analytics, advertising) are blocked until you consent.
3. Third-party processors
We rely on a small set of services that may process your data on our behalf, only with your consent where required:
- Hosting (server logs and uptime).
- Google Analytics 4 (Google Ireland Ltd / Google LLC) — only if you accept analytics cookies. Loaded via Consent Mode v2 with IP anonymization; aggregate usage measurement only. Any transfer to Google LLC in the US relies on Google's certification under the EU–US Data Privacy Framework (and the UK/Swiss extensions) plus Standard Contractual Clauses. See Google's Privacy Policy and opt out with the GA opt-out add-on.
- Ad networks (only if you accept advertising cookies; we work only with networks that contractually accept GDPR/CCPA obligations).
- Email delivery for the newsletter and transactional confirmations.
4. Legal basis (GDPR Art. 6)
- Newsletter and analytics: your consent.
- Contact form responses: our legitimate interest in answering you.
- Server logs: legitimate interest in keeping the site secure.
5. Retention
- Newsletter: until you unsubscribe, then erased within 30 days.
- Contact form: 24 months unless you request earlier deletion.
- Server logs: 30 days, rotated weekly.
- Backups: 90 days, then overwritten.
6. Your rights
You can request access, correction, deletion, portability, or restriction of your personal data, and you can object to processing or withdraw consent at any time. Use our GDPR data request page or email hello@peacelovedecor.com. California residents have the same rights under CCPA, plus the right to opt out of "sale or sharing" — we do not sell or share personal data outside the consent-bound purposes above.
7. Children
The Site is not aimed at children under 13. We do not knowingly collect data from them. If you believe a minor has submitted information, contact us and we'll delete it.
8. Security
HTTPS-only with HSTS, prepared SQL statements, hashed admin passwords, content security policy with nonces. We will notify affected users of any breach within 72 hours of discovery.
9. Changes
If this policy changes materially, we'll post a notice on the homepage for 30 days and email active subscribers.