Overview — short and clear

GoldenBloom ("we", "us", "our") operates goldenbloom.blog, a garden-focused resource for seniors and gardening enthusiasts. We collect only the information we need to provide services, improve our site, and deliver relevant content and advertising. We respect your privacy rights and aim to be transparent about our practices, how data is used, and how you can control your information.

Table of contents

This policy covers: what we collect; why we collect it; how we use, share, and protect data; cookie and tracking details; user rights (GDPR & CCPA); storage and retention; third-party services; international transfers; and how to contact us.

1. What information we collect

We collect information in several ways depending on how you interact with GoldenBloom:

1.1. Information you give us directly

When you contact us by email or via our contact form (for example: name, email address, message content), we collect that data to respond and to maintain a record of communications. When you subscribe to newsletters, we collect the email address and optional name you provide so we can deliver the content you requested.

1.2. Information collected automatically

We automatically collect certain technical data when you visit our site, including:

• IP address;
• device and browser type;
• operating system;
• referrer URL (the site you visited before arriving at ours);
• pages you view and the time spent on those pages; and
• clicks, scroll events, and other interaction signals for analytics.

1.3. Cookies and similar technologies

We use cookies, pixel tags, and local storage to personalize your experience, analyse site performance, and serve relevant advertising through partners such as Google Ads. Cookie types we use:

• Essential cookies: required for the site to function (navigation, forms).
• Functional cookies: remember preferences (language, font size).
• Analytics cookies: gather anonymous usage statistics (Google Analytics).
• Advertising cookies: used to show ads based on interests (Google Ads / DoubleClick).

2. Why we collect information — legitimate purposes

We collect data to:

• respond to your messages and requests;
• provide and maintain our services;
• improve and personalize content and site features;
• measure and analyze user behavior to improve our offerings;
• deliver relevant advertising in a privacy-respecting manner;
• detect, prevent and address technical issues or abuse; and
• comply with legal obligations and enforce our Terms of Service.

3. How we use your information

Your data is used only for the purposes stated when it was collected. Typical uses include:

• replying to enquiries and providing customer support;
• sending newsletter content you explicitly signed up for;
• optimising site navigation, layout, and content relevance;
• running analytics to assess which articles and pages most help our audience;
• displaying ads through Google Ads and other networks in a manner consistent with your consent and preferences;
• fulfilling security and fraud prevention needs; and
• complying with lawful requests from authorities.

4. Legal basis for processing (for EU / EEA users)

If you are in the European Union or EEA, our legal bases for processing personal data are:

• Consent — where you have opted in (for example, newsletter subscription or accepting non-essential cookies);
• Contract — when processing is necessary to perform our contract with you (e.g., deliver a paid product or service);
• Legitimate interests — for website security, site improvement, analytics, and fraud prevention, where those interests are not overridden by your fundamental rights; and
• Legal obligation — to comply with applicable law or regulatory requests.

5. Cookies, consent and managing preferences

On first visit we show a cookie banner with a clear option to accept or manage cookie settings. You may withdraw or change consent at any time by:

• using the cookie banner control (if available);
• changing your browser cookie settings (blocking or deleting cookies); or
• visiting the advertising opt-out pages listed below for ad personalization controls.

Advertising opt-out links:

• Google Ad Settings
• YourAdChoices / AboutAds

6. Analytics and measurement

We use Google Analytics and similar analytics tools to understand traffic patterns and engagement. We take the following privacy measures with analytics:

• we enable IP anonymization where supported;
• we limit access to analytics reports to authorised staff;
• we do not combine analytics data with contact form data unless you explicitly provide consent for that use.

7. Advertising partners and how ads are served

GoldenBloom partners with Google Ads and other advertising networks. These third parties may use cookies and device identifiers to deliver or measure ads. Data they collect is subject to their own privacy policies—links are provided where appropriate. Importantly:

• we do not allow or use deceptive techniques such as cloaking or misrepresentation to direct ad traffic;
• we do not knowingly request ad networks to serve prohibited content against their policies;
• we follow Google Ads requirements for transparency and user control.

8. Sharing and disclosure of information

We will not sell or rent your personal data. We may share information in the following limited situations:

• with service providers who perform functions on our behalf (hosting, email delivery, analytics, ad serving);
• to comply with a legal obligation (court order, law enforcement request);
• to protect and defend our rights or the safety of our users (safety, fraud, legal claims);
• in connection with a corporate transaction (merger, sale, or transfer), with notice to users and appropriate safeguards.

9. Third-party websites and links

Our site may link to external websites (for example, advertiser landing pages or referenced resources). Once you leave goldenbloom.blog, other sites’ policies apply. Please review each site’s privacy policy before sharing personal information.

10. Data retention and deletion

We retain personal data only for as long as necessary for the purposes described and to comply with law. Specific retention examples:

• contact form messages and related correspondence: up to 24 months (or longer if required for legal compliance);
• newsletter lists: retained until you unsubscribe or request deletion;
• analytics and aggregate logs: retained in anonymized form for up to 26 months unless anonymized earlier.

11. Your rights and how to exercise them

Depending on where you live, you may have certain rights over your personal information. We describe them below and how to exercise them.

11.1. Rights for EU/EEA residents (GDPR)

• Access: request a copy of the personal data we hold about you;
• Rectification: ask us to correct inaccurate or incomplete data;
• Erasure: request deletion of personal data under certain conditions;
• Restriction: ask to limit processing under specific circumstances;
• Data portability: request your data in a commonly used, machine-readable format;
• Objection: object to processing for direct marketing or legitimate interests;
• Withdraw consent: where processing is based on consent, you may withdraw at any time.

11.2. Rights for California residents (CCPA)

• Know: request details of personal information we collect, sell, or disclose;
• Delete: request deletion of personal information subject to exceptions;
• Opt-out: opt out of the sale of personal information (we do not sell personal data);
• Non-discrimination: we will not discriminate for exercising CCPA rights.

To exercise any rights, contact us at privacy@goldenbloom.blog. For verification we may request reasonable information to confirm your identity. We aim to respond within 30 calendar days of a verified request.

12. How we protect your information

We implement industry-standard measures to safeguard data. These include:

• secure hosting with reputable providers;
• use of HTTPS/SSL on the site;
• limited employee access under strict confidentiality obligations;
• regular updates and security scans;
• encryption at rest and in transit where applicable;
• procedures for responding to security incidents and data breaches.

If we identify an actual data breach affecting your personal data, we will notify you and the appropriate authorities as required by law without undue delay.

13. International transfers and where data is processed

GoldenBloom may transfer data internationally to service providers located in countries that may have different data protection laws. When we do so, we use appropriate safeguards (for example, Standard Contractual Clauses or adequate safeguards recognized under applicable law) to protect your data in accordance with GDPR and other applicable standards.

14. Minors and children’s privacy

GoldenBloom is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such data, contact us at privacy@goldenbloom.blog and we will promptly delete the information.

15. Advertiser and publisher responsibilities

We expect our advertising partners and publishers to follow applicable laws and ad network policies (including Google Ads policies). We require that partners do not engage in deceptive practices, cloaking, misleading redirects, or content that violates applicable policies. If you are an advertiser or partner and require details about data handling or ad-serving practices on our site, contact us and we will provide reasonable cooperation.

16. Accessibility and language

This Privacy Policy is provided in English. If you require a version in another language for accessibility reasons, please contact us at privacy@goldenbloom.blog and we will make reasonable efforts to assist.

17. Changes to this policy

We may update this Privacy Policy to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will post the updated date at the top of this page and provide notice where appropriate (for example, via a site banner or email notification to subscribers). Non-material changes may be implemented without explicit notice but will be posted on this page.

18. Contact & supervisory authority

If you have questions, concerns, or a privacy-related complaint, please contact our privacy team:

Email: privacy@goldenbloom.blog
Website: goldenbloom.blog

If you are an EU resident and remain unsatisfied after contacting us, you have the right to lodge a complaint with your local data protection authority. For California residents, if you have concerns you can contact the California Attorney General’s office.

Annex — Technical & processing details (for clarity)

The annex below explains some of the technical terms and processing rationale in plain language so you — and reviewers at Google Ads — can clearly see our intent and safeguards:

Annex A — Cookie details

Purpose: Cookies used fall into categories: essential (session cookies), analytics (Google Analytics), functional (language or preference storage), and advertising (Google Ads remarketing/DoubleClick).

How long: session cookies expire at session end; persistent analytics and advertising cookies may persist up to 2 years depending on the provider; we do not control third-party cookie retention — refer to the provider’s policy.

Annex B — Google Ads & remarketing

We may use Google Ads remarketing to show ads to users who previously visited our site. Those ads are subject to Google’s controls and the user may opt out via Google Ad Settings.

Annex C — Data processors

We use reputable processors and require data processing agreements that include confidentiality, data security, and deletion obligations. Examples: our hosting company, the email provider used for newsletters, Google for analytics and ad serving.

Annex D — Security controls

Example technical measures we use (summary): HTTPS/TLS for transport security; principle of least privilege for internal access; secure password and credential policies for admin areas; regular backups and monitored logs for suspicious activity.

This annex is intended to demonstrate transparency and to help with compliance checks or ad review processes. If you need more specific processor names or contractual references for compliance audits, contact us at privacy@goldenbloom.blog.