Holy Land Photography — Digital Photo Sales
Website: https://holylandflowers.com
Effective Date: March 15, 2026
Last Updated: March 15, 2026
1. Introduction
Holy Land Photography ("we," "us," "our," or the "Company") is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, store, share, and protect your personal data when you visit our website at https://holylandflowers.com (the "Website") or purchase our digital photographic products ("Digital Products").
This Privacy Policy complies with the General Data Protection Regulation (GDPR – EU 2016/679), the California Consumer Privacy Act (CCPA), Jordan's Electronic Transactions Law No. 15 of 2015, ISO/IEC 27001 (Information Security Management), ISO/IEC 27701 (Privacy Information Management), and other applicable international data protection regulations.
By using our Website, you consent to the practices described in this Privacy Policy. If you do not agree with this policy, please discontinue use of our Website.
2. Data Controller
The data controller responsible for your personal data is:
Holy Land Photography
Location: Jordan
Email: info@holyland.whatsnewit.com
Website: https://holylandflowers.com
3. Information We Collect
3.1. Information You Provide Directly
- Account Information: Name, email address, username, and password when you create an account.
- Purchase Information: Billing address, payment card details (processed securely through our Payment Gateway provider — we do not store full card numbers), purchase history, and transaction records.
- Communication Data: Any information you provide when contacting us via email, contact forms, or customer support, including your name, email address, and message content.
3.2. Information Collected Automatically
- Device Information: Device type, operating system, browser type and version, screen resolution, and unique device identifiers.
- Usage Data: Pages visited, time spent on pages, click patterns, referring/exit pages, and browsing behavior on the Website.
- Log Data: IP address, access timestamps, server logs, and error reports.
- Location Data: General geographic location derived from your IP address (country/region level only).
3.3. Cookies and Tracking Technologies
We use cookies, web beacons, pixels, and similar technologies to enhance your experience, analyze Website traffic, and personalize content. For detailed information, see Section 10 (Cookies Policy).
4. Legal Basis for Processing (GDPR)
We process your personal data based on the following legal grounds:
| Legal Basis | Purpose |
|---|---|
| Contractual Necessity | To process your Orders, deliver Digital Products, and manage your account. |
| Legitimate Interest | To improve our Website, prevent fraud, and ensure security. |
| Consent | For marketing communications and non-essential cookies. |
| Legal Obligation | To comply with applicable laws, tax requirements, and legal proceedings. |
5. How We Use Your Information
We use your personal data for the following purposes:
- Order Processing: To process and fulfill your purchases, send order confirmations, and deliver Digital Products.
- Account Management: To create and manage your user account, authenticate your identity, and provide customer support.
- Payment Processing: To process payments securely through our authorized Payment Gateway, detect and prevent fraud.
- Communication: To respond to your inquiries, provide customer support, and send transactional emails (order receipts, download links, account notifications).
- Marketing (with consent): To send promotional offers, newsletters, and updates about new products. You may opt out at any time.
- Website Improvement: To analyze usage patterns, improve Website functionality, and enhance user experience.
- Security: To detect, prevent, and address fraud, unauthorized access, and other illegal activities.
- Legal Compliance: To comply with applicable laws, regulations, and legal processes.
6. Data Sharing and Disclosure
We do not sell, rent, or trade your personal information. We may share your data with the following categories of recipients:
6.1. Service Providers
- Payment Processors: To securely process your payments (PCI DSS compliant).
- Hosting Providers: To host and maintain our Website infrastructure.
- Email Service Providers: To send transactional and marketing emails.
- Analytics Providers: To analyze Website usage (e.g., Google Analytics with IP anonymization enabled).
6.2. Legal and Regulatory Authorities
We may disclose your data when required by law, in response to valid legal processes, to protect our rights, or to prevent harm.
6.3. Business Transfers
In the event of a merger, acquisition, or sale of assets, your personal data may be transferred as part of the transaction. We will notify you of any such transfer and the choices available to you.
6.4. With Your Consent
We may share your information with third parties when you have given us explicit consent to do so.
7. International Data Transfers
Your data may be transferred to and processed in countries other than your country of residence. When transferring data internationally, we ensure adequate safeguards are in place, including:
- Standard Contractual Clauses (SCCs) approved by the European Commission.
- Data Processing Agreements with all third-party processors.
- Compliance with applicable data transfer regulations.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:
| Data Type | Retention Period |
|---|---|
| Account Information | Duration of account + 2 years after deletion |
| Transaction Records | 7 years (legal/tax compliance) |
| Communication Records | 3 years from last interaction |
| Usage/Analytics Data | 26 months (anonymized thereafter) |
| Marketing Consent Records | Duration of consent + 1 year |
After the retention period expires, your data will be securely deleted or anonymized in accordance with ISO/IEC 27001 standards.
9. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
9.1. GDPR Rights (EU/EEA Residents)
- Right of Access: Request a copy of your personal data.
- Right to Rectification: Request correction of inaccurate or incomplete data.
- Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data.
- Right to Restrict Processing: Request limitation of processing your data.
- Right to Data Portability: Receive your data in a structured, commonly used, machine-readable format.
- Right to Object: Object to processing based on legitimate interests or direct marketing.
- Right to Withdraw Consent: Withdraw consent at any time without affecting the lawfulness of prior processing.
- Right to Lodge a Complaint: File a complaint with your local supervisory authority.
9.2. CCPA Rights (California Residents)
- Right to Know: What personal information is collected, used, shared, or sold.
- Right to Delete: Request deletion of personal information.
- Right to Opt-Out: Opt out of the sale of personal information (we do not sell personal information).
- Right to Non-Discrimination: Not be discriminated against for exercising your rights.
9.3. How to Exercise Your Rights
To exercise any of your rights, please contact us at:
- Email: info@holylandflowers.com
- Subject Line: "Data Privacy Request – [Your Right]"
We will respond to your request within 30 days. We may request identity verification before processing your request.
10. Cookies Policy
10.1. What Are Cookies?
Cookies are small text files placed on your device when you visit our Website. They help us recognize you, remember your preferences, and improve your experience.
10.2. Types of Cookies We Use
| Cookie Type | Purpose | Duration |
|---|---|---|
| Strictly Necessary | Essential for Website functionality, security, and payment processing. | Session |
| Functional | Remember your preferences and settings. | Up to 1 year |
| Analytics | Track Website usage and performance (anonymized). | Up to 26 months |
| Marketing | Deliver relevant advertising (with consent only). | Up to 1 year |
10.3. Managing Cookies
You can manage cookie preferences through:
- Our cookie consent banner displayed upon your first visit.
- Your browser settings (note: disabling essential cookies may affect Website functionality).
- Opt-out tools provided by analytics services (e.g., Google Analytics Opt-out Browser Add-on).
11. Data Security
We implement robust technical and organizational measures to protect your personal data in accordance with ISO/IEC 27001 standards, including:
- Encryption: SSL/TLS encryption for all data in transit; AES-256 encryption for data at rest.
- Access Controls: Role-based access controls and multi-factor authentication for system access.
- Monitoring: Continuous security monitoring, intrusion detection systems, and regular security audits.
- PCI DSS Compliance: All payment data is handled in compliance with PCI DSS standards.
- Employee Training: Regular privacy and security awareness training for all staff.
- Incident Response: A documented data breach response plan with notification procedures compliant with GDPR Article 33 (within 72 hours).
12. Children's Privacy
Our Website and services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected data from a minor, we will take prompt steps to delete such information.
13. Third-Party Links
Our Website may contain links to third-party websites. We are not responsible for the privacy practices of such websites. We encourage you to review the privacy policies of any third-party websites you visit.
14. Marketing Communications
14.1. We may send you marketing communications with your prior consent.
14.2. You can opt out of marketing communications at any time by:
- Clicking the "Unsubscribe" link in any marketing email.
- Contacting us at info@holyland.whatsnewit.com.
14.3. Opting out of marketing communications does not affect transactional emails related to your Orders.
15. Changes to This Privacy Policy
15.1. We may update this Privacy Policy from time to time. The updated version will be posted on this page with a revised "Last Updated" date.
15.2. For material changes, we will notify registered users via email and/or prominent notice on the Website.
15.3. Your continued use of the Website after changes are posted constitutes your acceptance of the updated Privacy Policy.
16. Data Protection Officer
For privacy-related inquiries, you may contact our designated privacy representative:
Email: info@holylandflowers.com
Subject Line: "Attn: Data Protection Officer"
Response Time: Within 30 days of receipt
17. Supervisory Authority
If you are located in the EU/EEA and are not satisfied with our response to a privacy concern, you have the right to lodge a complaint with your local data protection supervisory authority.
18. Contact Us
For questions, concerns, or requests regarding this Privacy Policy, please contact us at:
Holy Land Photography
Location: Jordan
Website: https://holylandflowers.com
Email: info@holylandflowers.com
Support Hours: Sunday – Thursday, 9:00 AM – 5:00 PM (GMT+3)
By using this Website, you acknowledge that you have read, understood, and agree to this Privacy Policy.