Data Privacy & Processing Agreement
1. Enterprise Scope and Intent
This Privacy Policy governs the data collection and processing infrastructure for the Johanna Howard Home B2B Trade Portal. This portal is strictly restricted to registered Wholesale Stockists and Trade Discount Program members. We do not process consumer (B2C) retail data through this specific infrastructure.
2. Strictly Transactional Data Processing
We collect corporate contact information (including email addresses and procurement routing details) for the sole purpose of fulfilling our contractual obligations. Collected emails are processed via our MTA sub-processors (e.g., Mailgun) exclusively for:
- Dispatching automated fiscal invoices and payment receipts.
- Delivering real-time logistics webhooks and shipping tracking (Bill of Lading).
- Executing Two-Factor Authentication (2FA) and Secure Magic Links for portal access.
Strict Prohibition: Johanna Howard Home explicitly forbids the use of this B2B database for marketing, newsletters, or promotional campaigns. Data is siloed and ring-fenced for operational alerts only.
3. Third-Party Sub-processors
To guarantee 99.9% uptime for critical notifications, we utilize enterprise-grade infrastructure providers. All email dispatch is routed through Sinch Mailgun. Data transmitted to Mailgun is encrypted in transit (TLS 1.2/1.3) and is subject to strict data processing agreements ensuring GDPR and CCPA compliance.
4. Data Retention and Security
Account access logs and transactional email metadata are retained for 12 months for compliance, auditing, and debugging purposes. All databases are encrypted at rest using AES-256 encryption.