Privacy Policy for ShatleyStrong.com
1. Introduction
At ShatleyStrong.com, we value and respect your privacy. This Privacy Policy describes our commitment to safeguarding your personal information in compliance with applicable data protection laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”). We are dedicated to transparency, accountability, and maintaining the trust of our users by handling all data with the utmost care and discretion.
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all users who visit or interact with the website ShatleyStrong.com (“the Site”), including those who submit personal data through the Site for communications, transactions, or other interactions. ShatleyStrong.com functions as the data controller as defined under the GDPR, meaning we determine the purposes and means of processing your personal data.
For all inquiries related to this Privacy Policy or the processing of your personal information, please contact [email protected].
3. Categories of Personal Data We Process
We may collect and process the following categories of personal data:
– Usage Data: Includes information such as your IP address, browser type and version, time zone settings, device and session information, and pages viewed on ShatleyStrong.com.
– Account Data: Includes information provided when signing up or placing orders, such as your full name, email address, billing/shipping addresses, and contact phone number.
– Profile Data: Includes preferences, browsing behavior, purchase history, user-generated content, and interests related to products and services.
– Communication Data: Includes records of your interactions with us, such as inquiries submitted through forms or email correspondences, including timestamps and content of messages.
– Technical Data: Includes device identifiers, system configurations, and network information used to ensure compatibility, security, and support.
– Transaction Data: Includes data related to orders, payments, and delivery of goods and services, such as transaction dates, product details, and confirmation records.
– Preference Data: Includes your opt-ins to marketing communications, newsletter preferences, and interests explicitly shared with us or inferred from your activity on the Site.
4. Legal Bases for Processing Personal Data
We process personal data under the following lawful bases as provided by GDPR:
– Consent: Where you have actively given consent, such as subscribing to marketing emails.
– Contract: Where processing is necessary for the performance of a contract with you or to take steps prior to entering into a contract.
– Legal Obligation: Where we are required to comply with a legal or regulatory obligation.
– Legitimate Interests: Where we process data to pursue our legitimate interests, such as to improve services, prevent fraud, or understand user behavior, and these interests are not overridden by your privacy rights.
5. Your Rights
Subject to applicable laws, you have the following rights regarding your personal data:
– Right of Access: You may request access to the personal data we hold about you.
– Right to Rectification: You may request correction of inaccurate or incomplete data.
– Right to Erasure (“Right to be Forgotten”): You may request deletion of your personal data in certain circumstances.
– Right to Restriction: You may request that we restrict the processing of your personal data under specific conditions.
– Right to Data Portability: You may request to receive a copy of your data in a structured, machine-readable format and to transmit that data to another controller.
To exercise any of these rights, please contact [email protected]. We may require verification of your identity prior to fulfilling your request.
6. Security Measures
We implement and maintain appropriate technical and organizational security measures to safeguard your personal data. These measures include, but are not limited to:
– Encryption of data in transit and at rest
– Role-based access controls and authentication protocols
– Regular data backups and continuity controls
– Staff training on data protection procedures and privacy best practices
Despite our efforts, no method of data transmission or storage can be guaranteed as completely secure. We therefore encourage you to use a secure internet connection and take precautions with your information.
7. International Data Transfers
Personal data may be processed outside of your country of residence, including in jurisdictions that may not offer the same level of data protection as your own. When we transfer data internationally, particularly outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including the use of:
– Standard Contractual Clauses (SCCs) approved by the European Commission
– Adequacy decisions confirming adequate protection in receiving jurisdictions
– Binding Corporate Rules, where applicable
8. Data Retention
We retain personal data only as long as necessary for the purposes it was collected and to meet legal, contractual, or regulatory obligations. The retention periods are as follows:
– Usage Data: Up to 12 months for analytics and security
– Account Data: Retained during the life of your account plus up to 6 years (for legal audit and compliance)
– Profile and Preference Data: 3 years from last activity or consent
– Communication Data: 2 years from last interaction
– Technical Data: Retained for up to 12 months for diagnostic and compatibility support
– Transaction Data: Retained for 6 years to comply with financial reporting obligations
Data that is no longer needed is securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar technologies on ShatleyStrong.com to enhance user experience, analyze website performance, and offer personalized content. Categories of cookies we use include:
– Essential Cookies: Required for site functionality, such as page navigation and access to secure areas.
– Functional Cookies: Remember preferences, such as language or location preferences.
– Analytics Cookies: Help us understand how users interact with our website and improve usability based on aggregated and anonymized data.
– Performance Cookies: Support optimization of site speed and performance metrics.
10. Cookie Management and Compliance
Upon your first visit to ShatleyStrong.com, you are prompted with a cookie consent banner. You may accept or decline different categories of cookies, except essential ones which are necessary for site operation.
You may also manage and withdraw your cookie consent at any time by adjusting your browser settings or using the cookie preference tool available on ShatleyStrong.com. These processes conform to the requirements under GDPR and CCPA.
11. Special Protection for Children
ShatleyStrong.com does not knowingly collect or solicit personal information from children under the age of 13. If we become aware that we have inadvertently collected personal data from a child under 13 without appropriate parental consent, we will take immediate steps to delete such information.
12. Policy Updates and User Notifications
We reserve the right to update this Privacy Policy as required to reflect changes in data processing practices, regulatory guidance, or service offerings. In the event of material changes, we will provide prominent notice on ShatleyStrong.com and, where appropriate, notify you via email.
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
13. Contacting Us
If you have questions, concerns, or requests regarding your personal data or this Privacy Policy, please contact us at:
Email: [email protected]
We are committed to complying with all applicable privacy regulations, including those outlined by the GDPR and CCPA. For any privacy-related issues, please do not hesitate to contact us directly.