Privacy Policy

This Privacy Policy outlines how Holy Headshot (“we”, “our”, or “us”) collects, uses, discloses, and safeguards your personal data when you visit our website at holyheadshot.com or contact us via email at [email protected]. We are committed to respecting your privacy and protecting your personal information in accordance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws.

1. Commitment to Privacy and Data Protection

At Holy Headshot, your privacy is paramount. We are committed to maintaining the confidentiality, integrity, and security of your personal data. We strive to ensure transparency in our data handling practices and give you control over your personal information. We implement industry best practices to ensure that your data is processed responsibly and lawfully.

2. Scope and Role of Data Controller

This Privacy Policy applies to all personal data we collect through our website, services, and communications. Holy Headshot acts as the “Data Controller” for the purposes of the GDPR and as the “Business” within the meaning of the CCPA, determining the purpose and means of data processing related to your interaction with holyheadshot.com.

3. Categories of Data We Collect

We collect and process the following categories of personal data:

a. Usage Data:
Includes information about how you access and use our website. This data may include your IP address, browser type, browser version, pages visited, time spent on pages, clickstream data, and other diagnostic data.

b. Account Data:
If you register or create an account with us, we collect personal identifiers including your full name, email address, mailing address, and phone number.

c. Profile Data:
Contains details related to your preferences, past purchases, user behavior, interaction history with our site, and feedback.

d. Communication Data:
Refers to any data you provide when contacting customer support or interacting with us, including inquiries, emails, chat logs, and contact history.

e. Technical Data:
Includes data about your device, such as device type, operating system, hardware version, device settings, screen resolution, and browser configuration.

f. Transaction Data:
Refers to purchase information, payment method details (excluding full credit card numbers), billing/shipping addresses, and fulfillment or delivery records related to any transactions.

g. Preference Data:
Encompasses your consents, marketing preferences, subscription settings, and interest in particular products or services.

4. Legal Bases for Processing

We process your personal data under the following legal bases:

– Performance of a Contract: When necessary for fulfilling or entering into a contract with you (e.g., facilitating a purchase).
– Consent: Where you have provided voluntary and informed consent (e.g., opting into marketing emails).
– Legitimate Interests: When processing is necessary for our legitimate business interests, provided these interests are not overridden by your rights and freedoms (e.g., analytics for improving website performance).
– Compliance with Legal Obligations: When we are required to process your data to comply with applicable laws and regulations.

5. Your Data Protection Rights

Under applicable laws, you have the following rights in relation to your personal data:

– Right of Access: Obtain confirmation and access to the personal data we hold about you.
– Right to Rectification: Request correction of inaccurate or incomplete personal data.
– Right to Erasure (Right to be Forgotten): Request deletion of your data, subject to certain legal exceptions.
– Right to Restriction: Limit the way your data is processed in specific circumstances.
– Right to Data Portability: Receive your personal data in a commonly used and machine-readable format, or request its transfer to a third party.
– Right to Object: Object to processing carried out on the basis of legitimate interests or direct marketing.

To exercise any of these rights, please contact [email protected].

6. Security Measures

We implement appropriate technical and organizational measures to protect personal data. These may include:

– Data encryption during transit and at rest
– Access controls and user authentication protocols
– Regular system and security audits
– Firewalls and threat detection systems
– Staff training in data protection policies and secure data handling
– Secure backups and disaster recovery mechanisms

7. International Data Transfers

Your personal data may be transferred to and stored in countries outside your country of residence that may have different data protection laws. Where applicable, we use standard contractual clauses approved by the European Commission or rely on other approved safeguards to ensure adequate protection for international data transfers, particularly in line with GDPR and regional compliance obligations.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. The retention periods vary by data type:

– Usage Data: up to 12 months for analytics purposes
– Account Data: retained as long as the account is active plus 3 years
– Communication Data: retained for up to 24 months for support and internal review
– Transaction Data: retained for up to 7 years for tax and compliance purposes
– Preference Data: retained until you withdraw your consent or request deletion

9. Cookie Policy

We use cookies and similar tracking technologies on holyheadshot.com to enhance your browsing experience and analyze site performance. Cookies fall into the following categories:

– Essential Cookies: Necessary for the core functionality of the site (e.g., login, secure checkout).
– Functional Cookies: Enable personalization and remember your preferences.
– Analytics Cookies: Help us understand how users interact with our site to improve usability and content.
– Performance Cookies: Monitor site performance and loading speeds.

You can learn more about each cookie in our detailed Cookies Disclosure section, accessible via our website’s footer.

10. Managing Cookies and Compliance

We provide full cookie consent mechanisms to comply with GDPR and CCPA. When you visit holyheadshot.com, you will be prompted to accept or manage your cookie preferences. You may update or revoke your consent at any time using the “Cookie Settings” link. Additionally, you can manage your cookie preferences via your browser settings. Under the CCPA, California residents may opt-out of the sale of their personal information directly on our site.

11. Children’s Privacy

Our services are not directed to children under the age of 13. We do not knowingly collect personal data from individuals under 13 years of age. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at [email protected] and we will promptly delete such data.

12. Policy Updates and Notification

We reserve the right to amend this Privacy Policy as our data processing practices evolve or to reflect changes in legal and regulatory requirements. If significant changes are made, we will notify you via our website or through direct communication, where appropriate. We encourage you to periodically review this policy to stay informed about how we protect your information.

13. Contact Us

For any questions, concerns, or requests regarding this Privacy Policy or your personal data rights, please contact:

Holy Headshot
Email: [email protected]
Website: https://holyheadshot.com

We are dedicated to ensuring compliance with all applicable privacy laws and to responding promptly and thoroughly to any privacy-related inquiries.

 © 2025 Holy Headshot. All Rights Reserved.