Privacy Policy for OliversCorfeCastle.com

1. Introduction

At OliversCorfeCastle.com, we are committed to safeguarding the privacy and personal data of our website visitors, users, and customers (“you”). This Privacy Policy outlines how we collect, process, store, and protect your information in compliance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws. We take a privacy-first approach to all aspects of our operations and endeavor to give you the transparency and control you deserve over your personal data.

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all personal data collected and processed in connection with your use of OliversCorfeCastle.com (the “Website”). The data controller responsible for processing your data is Olivers Corfe Castle, which can be contacted at [email protected].

By accessing or using the Website, you acknowledge and accept the terms of this Privacy Policy.

3. Categories of Data We Process

We process the following categories of personal data:

a. Usage Data

This includes information such as IP addresses, browser type, operating system, pages visited, access times, time spent on the site, click-through data, and session identifiers. This data is collected automatically to help us understand how users interact with the Website and improve its functionality.

b. Account Data

When you register or make a purchase, we may collect your full name, billing and shipping addresses, email address, and telephone number.

c. Profile Data

This category includes your preferences, past purchases, customer history, behavioral data on the Website (e.g., page views, saved items), and engagement with products or promotions.

d. Communication Data

Includes any data shared when you contact customer support, submit inquiries, or communicate with us via form submissions, email, or other messaging systems, along with correspondence history.

e. Technical Data

Covers device type, operating system, app versions, screen resolution, time zone settings, and system diagnostics.

f. Transaction Data

Includes records of purchases, payment method details (excluding full credit card information, which are processed securely through third parties), billing coordinates, delivery preferences, and receipt information.

g. Preference Data

Consists of information related to your opt-in choices, chosen communication channels, product or service interests, event participation, and marketing consents.

4. Legal Bases for Processing

We process your personal data only when we have a lawful basis for doing so. The legal bases under the GDPR include:

– Contractual Necessity: Processing is required to fulfill our contract with you (e.g., for account services or purchases).
– Consent: Where we rely on your explicit consent (e.g., for marketing communications), you may withdraw your consent at any time.
– Legitimate Interests: We process data for our legitimate interests in improving services, ensuring security, or better understanding usage patterns, provided these interests are not overridden by your rights.
– Legal Obligations: Where we are required to comply with applicable laws and regulations, such as tax or fraud obligations.

5. Your Rights

We are committed to ensuring you can exercise your rights under applicable data protection laws, which include:

– Right of Access: Know what personal data we hold about you.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your personal data under certain conditions (“right to be forgotten”).
– Right to Restrict Processing: Restrict processing in certain scenarios (e.g., accuracy disputes).
– Right to Portability: Receive a structured, machine-readable copy of your data and/or have it transferred to another controller.

To exercise any of these rights, please contact us at [email protected].

6. Security Measures

We maintain appropriate administrative, technical, and organizational safeguards to protect your personal data, including:

– Encryption of data in transit using TLS/SSL.
– Role-based access controls to minimize data access.
– Regular data backups and network monitoring.
– Employee training in data privacy and secure handling practices.

We continually assess our security practices to ensure we maintain a high standard of protection.

7. International Data Transfers

Where your data is transferred outside of your region (e.g., the European Economic Area), we implement appropriate safeguards, including the use of Standard Contractual Clauses approved by the European Commission, to ensure an adequate level of data protection consistent with this Privacy Policy.

8. Data Retention

We retain personal data only for as long as necessary for the purposes outlined in this Privacy Policy. Retention periods vary based on the type of data:

– Usage and Technical Data: 12 months from collection.
– Account and Profile Data: Retained as long as you maintain an account, and for up to 24 months after closure.
– Communication Data: Retained for 24 months for audit and support purposes.
– Transaction Data: Retained for 6 years to comply with tax and legal obligations.
– Preference Data: Retained until we receive an opt-out or withdrawn consent.

Upon expiration of applicable retention periods, your data is securely deleted or anonymized.

9. Cookie Policy

We use cookies and similar tracking technologies to provide and improve our services. These include:

– Essential Cookies: Required for website functionality (e.g., login authentication, cart retention).
– Functional Cookies: Enable personalization and enhanced functionality, such as language settings.
– Analytics Cookies: Help us understand how users interact with the Website (e.g., Google Analytics).
– Performance Cookies: Measure responsiveness and user experience across different devices.

10. Cookie Management and Compliance

In compliance with the GDPR and CCPA, we allow you to manage your consent preferences via our cookie banner and settings interface. You may disable non-essential cookies at any time by accessing the “Cookie Settings” link in the footer of our website or by adjusting your browser settings.

Note: Disabling certain cookies may limit your access to some features of OliversCorfeCastle.com.

11. Children’s Privacy

We do not knowingly collect personal data from children under the age of 13. If you are a parent or legal guardian and believe your child has provided us with personal data, please contact us at [email protected], and we will promptly delete such information.

12. Policy Updates and User Notifications

We may update this Privacy Policy to reflect changes to our practices or legal requirements. Substantive changes will be communicated through the Website or via email when appropriate. We encourage you to review this Policy regularly to remain informed of your rights and how we protect your information.

13. Contact Us

For any privacy-related questions, concerns, or requests to exercise your rights under this Privacy Policy, please contact:

Email: [email protected]

We are committed to upholding the highest standards of transparency and compliance with privacy laws. If you have any concerns regarding your personal data or our data practices at OliversCorfeCastle.com, please do not hesitate to reach out.