1. Who We Are

This privacy policy applies to the website and services operated by Aisling Collective Inc. DBA [ash-ling] Booksellers, located at 47 Doyle Street, Historic Toccoa, Georgia 30577.

We are the data controller responsible for personal information collected through this website. For residents of the European Economic Area (EEA), [ash-ling] Booksellers is the data controller responsible for your personal data.

This policy explains what information we collect, why we collect it, how we use it, and what rights you have regarding your data. We may update this policy from time to time — the date above reflects the most recent revision. Continued use of our site after changes constitutes acceptance of the updated policy.

2. Information We Collect

We collect information in the following ways:

Information you provide directly: When you create an account, place an order, sign up for our newsletter, fill out a form, or contact us, we may collect your name, email address, mailing address, phone number, and payment information.

Information collected automatically: When you visit our site, we automatically collect certain technical information including your IP address, browser type, device type, pages visited, and how you arrived at our site. This is collected through cookies and similar technologies (see Section 6).

Information from transactions: When you make a purchase, we collect details about the transaction including what was ordered, the amount, and shipping information necessary to fulfill your order.

You may visit our site without creating an account or providing personal information.

3. How We Use Your Information

We use the information we collect for the following purposes:

• To process and fulfill orders — including payment processing, shipping, and order-related communications
• To manage your account — including account creation, order history, and wish lists
• To send transactional emails — order confirmations, shipping updates, and receipts
• To send marketing communications — newsletters, new arrivals, event announcements, and promotions, only if you have opted in or are an existing customer (you may unsubscribe at any time)
• To improve our website and services — analyzing how our site is used to make it work better for you
• To prevent fraud — protecting our customers and our business from unauthorized activity
• To comply with legal obligations — including tax records and Georgia breach notification requirements

Under GDPR, our lawful bases for processing are: (1) performance of a contract — to process your orders; (2) legitimate interests — for fraud prevention, security, and improving our services; (3) consent — for marketing communications and non-essential cookies; and (4) legal obligation — where law requires us to retain or process data.

4. Sharing Your Information

We do not sell your personal information. We do not sell, rent, or trade your personal data to third parties for their marketing purposes.

We share your information only in the following limited circumstances:

• Service providers — We work with third-party companies that help us operate our website and fulfill orders, including payment processors, shipping carriers, and email service providers. These providers are contractually required to protect your data and use it only to perform services on our behalf.
• Fulfillment of your order — We share your shipping address and order details with shipping carriers solely to deliver your purchases.
• Legal requirements — We may disclose your information if required by law, court order, or governmental authority, or to protect the rights, property, or safety of [ash-ling] Booksellers, our customers, or others.
• Business transfers — In the event of a merger, acquisition, or sale of assets, customer data may be among the assets transferred. We will notify you in the event of such a change.

5. Security

We take reasonable technical and organizational measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction. Our website uses SSL (Secure Socket Layer) encryption for all sensitive data transmission, including payment information.

Payment card information is transmitted securely to our payment gateway provider and is not stored on our servers. After a transaction, your contact information (name, address, email) may be retained on file for legitimate business purposes including future transactions and customer service.

While we take these precautions seriously, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security but are committed to maintaining industry-standard protections.

6. Cookies

Cookies are small text files placed on your device by websites you visit. They are widely used to make websites work efficiently and to provide information to site owners.

We use cookies for the following purposes:

• Essential / Functional cookies — These are necessary for the website to work. They enable core functionality such as your shopping cart, account login, language preferences, and security features. The site cannot function properly without them. These cookies do not require your consent.
• Analytics cookies — We use cookies to understand how visitors use our site, which pages are most visited, and how we can improve the experience. This data is used in aggregate and does not identify you personally.
• Preference cookies — These remember your choices and settings (such as your preferred store view) to personalize your experience on return visits.

Managing cookies: Most web browsers automatically accept cookies. You can usually modify your browser settings to decline cookies, block third-party cookies, or delete existing cookies. Please note that disabling certain cookies may prevent some features of our site from functioning correctly — in particular, your shopping cart requires cookies to operate.

You can find information on managing cookies in your specific browser through your browser's help documentation. You may also opt out of certain analytics tools through industry opt-out tools such as the Google Analytics Opt-Out Browser Add-On.

For EEA residents, non-essential cookies require your consent. You may withdraw consent at any time by adjusting your browser settings or contacting us.

7. Data Retention

We keep your personal data for as long as necessary for the purposes for which it was collected. Specifically:

• Account information is retained for as long as your account is active or as needed to provide you services
• Order and transaction records are retained as required for accounting, tax, and legal purposes (typically 7 years under US tax law)
• Marketing opt-in data is retained until you unsubscribe or request removal
• After your account is closed, we may retain certain information for a reasonable period to handle any queries, complaints, or legal obligations

We periodically review the personal information we hold and securely delete or anonymize it when there is no longer a legal, business, or consumer need to retain it.

8. Links to Other Websites

Our website may contain links to third-party websites, including social media platforms, community partners, and external resources. Once you follow a link to leave our site, we have no control over that website and this privacy policy no longer applies. We encourage you to read the privacy policy of any third-party site you visit.

9. Children's Privacy

Our website is not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us emailing us and we will promptly delete it.

10. Data Breach Notification

In the event of a data breach involving your personal information, we will comply with Georgia's Personal Identity Protection Act (O.C.G.A. § 10-1-912), which requires that we notify affected individuals expeditiously. If a breach affects more than 10,000 Georgia residents, we are also required to notify the major national consumer reporting agencies.

We will notify you by email using the address associated with your account. If you believe your account information may have been compromised, please contact us immediately by emailing us..

11. GDPR — Rights for EEA Residents

If you are located in the European Economic Area (EEA), you have specific rights regarding your personal data under the General Data Protection Regulation (GDPR).

International Data Transfers: [ash-ling] Booksellers is a US-based business. When you use our services from the EEA, your data may be transferred to and stored on servers in the United States, where data protection laws may differ from those in your country. We take steps to ensure that appropriate safeguards are in place for any such transfers.

12. Contact & Data Requests

To exercise any of your rights, request access to your personal data, request deletion, or submit any privacy-related inquiry, please contact us with your name, mailing address, and email address, along with the specifics of your request.

We will respond to all verified requests within 30 days. We reserve the right to verify your identity before processing any data request, and pursuant to applicable law we may be entitled to decline certain requests.

This privacy policy applies to ashlingbooksellers.com and all subdomains. It does not apply to third-party websites linked from our site. This policy should not be construed as legal advice. If you have specific legal questions about data privacy compliance, we recommend consulting a licensed attorney.