Zephyr & Co

Home » 

Privacy Policy for Zephyr & Co.

Last Updated: [Insert Current Date - e.g., 20 June 2025]

At Zephyr & Co. (https://zephyrnco.online/), we are committed to protecting your privacy and ensuring a transparent experience. This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and what rights you have regarding your data.

By using our website, you agree to the collection and use of information in accordance with this policy.

1. Who We Are

Zephyr & Co. is a platform dedicated to providing curated insights, digital essentials, and lifestyle finds for intentional living and holistic well-being. We act as the data controller for the personal data collected through this website.

Our Website Address: https://zephyrnco.online/

Contact for Privacy Concerns: [Insert Your Dedicated Privacy Contact Email Address Here, e.g., privacy@zephyrnco.online]

2. What Personal Data We Collect and Why We Collect It

We collect various types of personal data for different purposes, all aimed at improving your experience and delivering our services effectively.

a. Comments When visitors leave comments on the site, we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment. Purpose: To facilitate user interaction, prevent spam, and display public comments. Legal Basis (GDPR): Legitimate interest (for spam detection, site integrity), Consent (for public display of comments).

b. Media If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website. Purpose: To display user-generated content safely.

c. Newsletter Subscriptions When you sign up for our newsletter, we collect your email address and, optionally, your name. Purpose: To send you our newsletter, updates, curated content, special offers, and promotional information relevant to Zephyr & Co.'s mission. Legal Basis (GDPR): Consent (you explicitly opt-in).

d. Contact Forms If you use a contact form on our site, we collect the information you provide (e.g., name, email address, message content). Purpose: To respond to your inquiries and provide support. Legal Basis (GDPR): Legitimate interest (to respond to user queries), Performance of a contract (if your inquiry relates to a service agreement).

e. Cookies If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year. If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select "Remember Me", your login will persist for two weeks. If you log out of your account, the login cookies will be removed. If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day. Purpose: To enhance user experience, remember preferences, and facilitate site functionality. Legal Basis (GDPR): Legitimate interest (for essential site functionality), Consent (for non-essential cookies like tracking).

f. Embedded Content from Other Websites Articles on this site may include embedded content (e.g., videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website. Purpose: To enrich content and provide additional resources.

g. Analytics (Google Analytics) We use Google Analytics to understand how visitors engage with our website. This service collects data such as your IP address, browser type, operating system, referring pages, pages visited, and the time and date of your visit. This data is largely anonymized and aggregated. Purpose: To analyse website traffic, understand user behaviour, and improve our website's performance and content. Legal Basis (GDPR): Legitimate interest (for website improvement and analysis).

3. Who We Share Your Data With

We only share your data with trusted third parties necessary for the operation of our website and services, or when legally required.

a. Service Providers: We use third-party services for website hosting, email marketing (e.g., Substack for newsletters), analytics (Google Analytics), and spam detection. These providers only have access to personal information as needed to perform their functions and are obligated not to disclose or use it for any other purpose.

b. Affiliate Partners & External Websites: Zephyr & Co. participates in various affiliate marketing programs. When you click on links on our site (including links to our Benable lists, which then redirect to various retailers), third-party cookies may be placed on your device to track purchases for commission purposes. We do not store your financial details or directly process transactions related to these affiliate purchases.

Crucial Note: These external websites and affiliate partners (e.g., Benable, Amazon, other retailers) have their own independent privacy policies. We encourage you to review their policies to understand how they collect, use, and share your information. We are not responsible for the privacy practices or content of these third-party sites.

For more details on our affiliate relationships, please see our dedicated Affiliate Disclosure Page: [Insert Link to Your Affiliate Disclosure Page Here]

c. Legal Requirements: If you request a password reset, your IP address will be included in the reset email. We may also disclose your data if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).

4. How Long We Retain Your Data

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

Comments: If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

Newsletter Subscribers: Email addresses are retained as long as you remain subscribed to our newsletter. You can unsubscribe at any time.

User Accounts (if any): For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

Analytics Data: Data collected by Google Analytics is retained according to Google's data retention policies.

5. What Rights You Have Over Your Data

Under applicable data protection laws, including the GDPR for our UK/EU audience, you have certain rights regarding your personal data.|

Right to Access: You can request to receive an exported file of the personal data we hold about you, including any data you have provided to us.

Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.

Right to Erasure: You can request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.

Right to Object to Processing: You have the right to object to our processing of your personal data, under certain conditions.

Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

Right to Withdraw Consent: If we are processing your personal data based on your consent, you have the right to withdraw that consent at any time.
To exercise any of these rights, please contact us using the contact information provided at the beginning of this policy.

6. Where Your Data Is Sent

Visitor comments may be checked through an automated spam detection service. Data collected by third-party services (like Google Analytics or email marketing providers) may be transferred to and stored on servers located outside your country of residence, including in the United States. We ensure that appropriate safeguards are in place for such transfers in compliance with applicable data protection laws.

7. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. We advise you to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Disclaimer: This Privacy Policy template is provided for informational purposes only and does not constitute legal advice. While it aims to cover key aspects relevant to Zephyr & Co., it is highly recommended that you consult with a legal professional to ensure full compliance with all applicable privacy laws and regulations relevant to your specific operations and target audience (e.g., GDPR, CCPA, etc.).