Privacy Policy for craig-olsen.com
1. Introduction
Your privacy and the protection of your personal data are of paramount importance to us. At craig-olsen.com (“we,” “us,” “our,” or the “Website”), we are fully committed to safeguarding the confidentiality, integrity, and availability of the personal data we collect from our users. This Privacy Policy is intended to transparently explain how your personal data is collected, processed, and protected when you interact with our Website, in accordance with applicable data protection laws including the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all data subjects who access or use craig-olsen.com, regardless of their geographic location. For the purposes of data protection laws applicable within the European Economic Area (EEA), the data controller responsible for your personal data is craig-olsen.com.
If you have any questions about this Policy, please contact us at: [email protected].
3. Categories of Data Processed
We collect and process the following categories of data, depending on your interaction with craig-olsen.com:
A. Usage Data
This includes information about how you use our Website, such as IP addresses, browser types, device identifiers, access times, visited pages, referring URLs, and session durations. This data is used to enhance user experience, improve security, and analyze performance.
B. Account Data
If you create an account on craig-olsen.com, we collect your name, mailing address, email address, and phone number to facilitate account management and necessary communications.
C. Profile Data
Personal preferences, interests, browsing habits, and purchase history related to your use of our services form part of this category. This helps us personalize your experience and offer relevant content and services.
D. Communication Data
This includes all correspondence between you and us, including emails, support requests, queries, and feedback. These records are maintained to ensure quality control and for dispute resolution purposes.
E. Technical Data
We collect details regarding the devices and software you use to access the Website, such as device type, operating system, hardware specifications, and configurations, to ensure compatibility and improve service delivery.
F. Transaction Data
This comprises information necessary to process payments and deliveries, including billing addresses, payment methods, purchase details, and shipping information.
G. Preference Data
Your choices regarding marketing communications, email subscription settings, and product or service preferences are recorded to maintain accurate and tailored communication in compliance with your selections.
4. Legal Bases for Processing
Under the GDPR, we process personal data using the following legal bases:
– Contractual Necessity: When data processing is necessary for performing a contract or taking pre-contractual steps at your request (e.g., account creation, purchases).
– Legitimate Interest: We process certain data to improve our services, enhance security, and prevent fraud, provided these interests are not overridden by your rights and interests.
– Legal Obligation: We are required to process certain data in compliance with statutory obligations.
– Consent: Where legally required, we obtain your explicit consent, notably in the use of cookies and marketing activities. You may withdraw your consent at any time.
5. Your Rights
Under applicable privacy laws, you have the following rights in relation to your personal data:
– Right of Access: Obtain confirmation and a copy of your personal data.
– Right to Rectification: Correct inaccurate or incomplete personal data.
– Right to Erasure: Request deletion of personal data, subject to legal limitations.
– Right to Restrict Processing: Temporarily limit processing under certain circumstances.
– Right to Data Portability: Receive your personal data in a structured, commonly used format and transmit it to another controller.
– Right to Object: Object to processing carried out under legitimate interest or for direct marketing.
– Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without impacting the lawfulness of prior processing.
To exercise any of the above rights, please contact us at [email protected].
6. Security Measures
We implement robust technical and organizational measures to ensure data confidentiality, integrity, and availability. These include:
– Industry-standard encryption (TLS/SSL) for data transmissions.
– Access controls and authentication protocols for staff and systems.
– Secure backups to protect data from accidental loss or destruction.
– Regular staff training in data protection and information security.
– Periodic security audits and platform reviews.
While we strive to maintain an exemplary level of protection, no server or transmission can be guaranteed to be 100% secure. You acknowledge this inherent risk by using our Website.
7. International Transfers
We may store or process your personal data in jurisdictions outside your country of residence, including locations outside the European Economic Area (EEA) or the United States. In accordance with GDPR and other international data regulations, we ensure appropriate safeguards are in place for such transfers, including but not limited to:
– Standard Contractual Clauses (SCCs) endorsed by the European Commission.
– Binding corporate rules and industry-recognized compliance frameworks.
By using craig-olsen.com, you explicitly consent to such international data transfers, where applicable.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal, tax, accounting, or regulatory obligations. Retention periods vary by data category:
– Usage and Technical Data: Retained for up to 12 months.
– Account and Profile Data: For the lifetime of your account and up to 7 years post-deactivation.
– Communication and Transaction Data: Up to 7 years for regulatory compliance.
– Marketing and Preference Data: Retained until consent is withdrawn or the data becomes obsolete.
Once data is no longer needed, it is securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar tracking technologies to enhance user experience and analyze Website traffic. Cookies fall into the following categories:
– Essential Cookies: Necessary for core Website operations (e.g., access control, session handling).
– Functional Cookies: Enable enhanced functionalities, such as remembering preferences.
– Analytics Cookies: Help us understand how users interact with the site (e.g., Google Analytics).
– Performance Cookies: Monitor and improve Website performance by tracking error rates and response times.
10. Cookie Management and Compliance with GDPR & CCPA
Upon visiting craig-olsen.com, users are presented with a clear cookie consent banner. You may:
– Accept or reject non-essential cookies.
– Set specific preferences through a dedicated cookie management interface.
– Use browser settings to delete or block cookies at any time.
We comply with all applicable cookie consent rules under the GDPR and provide consumers with the right to opt out of the sale of their personal information consistent with the scope and definitions of the CCPA.
11. Special Protections for Children
Our Website is not directed to or intended for individuals under the age of 13. We do not knowingly collect personal data from children. If we learn that such data has been inadvertently collected, we will promptly delete it. Parents or legal guardians who believe we may have collected information about their child may contact us at [email protected] to request its removal.
12. Policy Updates & User Notifications
We reserve the right to revise this Privacy Policy to reflect regulatory changes, business practices, or internal procedures. Any substantial modifications will be communicated through an update notice on craig-olsen.com or via direct communication methods, where applicable. We encourage you to periodically review this Policy to stay informed of our practices.
13. Contact
If you have questions, concerns, or requests regarding this Privacy Policy or the way your personal information is handled, please contact:
Email: [email protected]
Website: https://craig-olsen.com
We are committed to full compliance with all applicable privacy regulations and to responding promptly and transparently to any inquiries or concerns regarding the use of your personal data.