Privacy Policy
1. Introduction
Shatley Strong (“Company”, “we”, “us”, or “our”) is fully committed to respecting and protecting your privacy and the personal data you entrust to us. This Privacy Policy outlines our data handling practices and your rights and choices when interacting with our website, shatleystrong.com. We adopt a privacy-first approach, ensuring that your information is collected, used, and protected in strict compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope of Policy and Data Controller Role
This Privacy Policy governs the collection, use, storage, disclosure, and protection of personal data submitted or gathered via shatleystrong.com. We act as the Data Controller for the purposes of GDPR, meaning we determine the purposes and means of processing your personal data.
This policy applies to all users and any form of personal data processed through the website, whether directly provided by you or collected automatically when you access our services. Visitors from the European Economic Area (EEA), California, or other applicable jurisdictions are afforded specific rights and safeguards detailed herein.
3. Categories of Data Processed
We process the following categories of personal data, either directly from users or automatically via the operation of shatleystrong.com:
a) Usage Data
Includes information about how you interact with our website, such as IP address, browser type, operating system, pages viewed, session duration, referring URLs, and timestamps.
b) Account Data
If you register an account with us, we may collect your full name, residential or mailing address, email, and phone number.
c) Profile Data
Encompasses any preferences you submit, purchase history, product or content interests, browsing behavior, and other information used to personalize your experience.
d) Communication Data
Captures requests for support, customer service inquiries, emails sent to our support team, and other communication history with the shatleystrong.com team.
e) Technical Data
Comprises information about your device (e.g., device type, model, unique device identifiers), internet connection, geographic location (at a regional level), and system configuration data.
f) Transaction Data
Includes payment method details, transaction history, delivery addresses, and billing information. Payment credentials are processed securely via third-party payment services and are not stored by shatleystrong.com.
g) Preference Data
Covers your consent to marketing communications, areas of interest related to our services or products, subscription settings, and communication preferences.
4. Legal Bases for Processing
We collect and process your personal data pursuant to the following lawful bases, as defined under the GDPR:
– Consent: Where you have provided explicit consent, such as opting in to marketing emails.
– Contractual Necessity: When processing is required to fulfill a contract with you or to take steps at your request prior to entering into a contract (e.g., order fulfillment).
– Legitimate Interests: Where processing is necessary for our legitimate interests, provided such interests are not overridden by your rights and freedoms (e.g., site diagnostics, security, analytics).
– Legal Obligation: Where processing is necessary to comply with applicable legal or regulatory obligations.
Data subjects located in California have similar protections under the CCPA. We do not sell personal information as defined under the CCPA.
5. Your Privacy Rights
Under applicable data protection laws, you have the following rights:
– Right of Access: You may request access to your personal data and obtain information about how we process it.
– Right to Rectification: You may request the correction of inaccurate or incomplete data concerning you.
– Right to Erasure (“Right to be Forgotten”): You may request the deletion of your personal data under certain conditions.
– Right to Restrict Processing: You may request that we limit the processing of your data in specific situations.
– Right to Data Portability: You may request a copy of your personal data in a structured, commonly used machine-readable format to transmit to another controller.
To exercise any of these rights, please contact us at [email protected]. We will respond to valid requests in accordance with applicable laws.
6. Security Measures
We implement robust technical and organizational security measures to maintain the confidentiality, integrity, and availability of your personal data. Such measures include, but are not limited to:
– HTTPS encryption across the website
– Role-based access controls and authentication protocols
– Secure data backups and disaster recovery processes
– Staff training on data protection responsibilities
– Regular review and testing of security systems
While no system is wholly immune to intrusion, we strive to minimize risks through layered defenses and best practices.
7. International Transfers
Personal data we collect may be transferred to and processed in countries other than your own, including the United States. Where such transfers occur, we comply with applicable laws by implementing appropriate safeguards, including Standard Contractual Clauses or transfer mechanisms recognized by the European Commission. For EEA residents, such transfers will only occur when adequate levels of protection are in place.
8. Data Retention
We retain your personal data only as long as necessary for the purposes described in this policy or as required under applicable laws. Retention periods vary by data category:
– Account and Profile Data: maintained for as long as your account remains active.
– Transaction Data: retained for up to 7 years for taxation and audit purposes.
– Communication Records: retained for a minimum of 24 months to handle ongoing support issues.
– Technical and Usage Data: retained for analytics and performance monitoring typically for no more than 12 months.
– Preference Data: retained until consent is withdrawn or user modifies preferences.
Upon expiration of the applicable retention period, data is securely deleted or anonymized.
9. Cookie Policy
shatleystrong.com uses cookies and similar tracking technologies to enhance site functionality, analyze traffic, remember user preferences, and provide tailored content.
The types of cookies we use include:
– Essential Cookies: Required for core website functionality and security (e.g., login, session integrity).
– Functional Cookies: Enable user preferences such as language or geographical settings.
– Analytics Cookies: Help us understand how visitors interact with our website for performance optimization.
– Performance Cookies: Monitor site performance and user experience metrics.
10. Cookie Management and Compliance
In compliance with GDPR and CCPA, visitors to shatleystrong.com are presented with the option to manage and consent to non-essential cookies upon arrival via our cookie consent banner.
You may also manage cookie preferences through your browser settings. Most browsers allow you to refuse, delete, or block cookies; however, disabling certain cookies may impact the functionality of our site.
To exercise your rights under the CCPA (including opting out of tracking cookies), please contact us at [email protected] or use the designated cookie management options available on the website.
11. Children’s Privacy
shatleystrong.com is not intended for or directed at children under the age of 13, and we do not knowingly collect personal data from children under 13. If you believe that a child has disclosed personal information to us without appropriate parental consent, please contact us at [email protected] so that we may delete the information.
12. Policy Updates and Notifications
We may revise this Privacy Policy from time to time to reflect changes in our data practices, legal obligations, or operations. Where such changes are material, we will provide appropriate notice, which may include updating the version on our website or notifying users via email or notices on shatleystrong.com.
13. Contact Information
If you have any questions, concerns, or requests regarding this Privacy Policy or the way in which Shatley Strong processes your personal data, you may contact us at:
Email: [email protected]
Website: https://shatleystrong.com
We are committed to complying with all data protection regulations and to safeguarding your privacy. Please do not hesitate to reach out should you have any concerns about how your data is handled.