Privacy Policy
1. Introduction
At gordonlorenz.com (“we,” “us,” or “our”), we are committed to protecting and respecting your privacy. We recognize the importance of safeguarding personal data and are dedicated to processing it transparently, securely, and in compliance with applicable privacy and data protection laws, including the European Union General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”). This Privacy Policy outlines how your information is collected, used, stored, and shared when you use our website and associated services.
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to personal data collected by gordonlorenz.com through our website and related communications. For the purposes of applicable data protection legislation, we act as the “Data Controller” with respect to your personal data. This means we determine the purposes and manner in which your personal information is processed.
3. Categories of Data We Process
We collect and process various categories of personal data to provide and improve our services. The types of data we may collect include:
a) Usage Data
Information such as your browser type, Internet Protocol (IP) address, access times, pages viewed, referring website addresses, and session duration.
b) Account Data
Personal identifiers such as your full name, postal address, email address, phone number, username, and account login credentials.
c) Profile Data
Includes user settings, interests, past purchases, browsing history while logged in, and behavioral preferences.
d) Communication Data
Records of correspondence when you contact us, including support requests, inquiries, and messages sent via forms or email.
e) Technical Data
Details about the device and technology you use to access our website, including operating system, screen resolution, device model, and system configuration.
f) Transaction Data
Details about transactions you conduct with us, including order information, payment details (processed via secure third-party payment gateways), billing and shipping addresses, and fulfillment status.
g) Preference Data
Information recorded related to your communication preferences, including opt-in or opt-out status for marketing communications and product or service interests.
4. Legal Bases for Processing
We process your personal data only when there is a lawful basis to do so, which includes:
– Consent: Where you have actively provided your consent, such as by submitting a form or subscribing to marketing emails.
– Contractual Necessity: Where data is required to fulfill our contractual obligations, such as processing orders or providing requested services.
– Legal Obligation: When processing is necessary for compliance with legal or regulatory obligations.
– Legitimate Interests: For business-related purposes, such as improving the functionality of our website, enhancing user experience, fraud detection, or ensuring network and information security, provided those interests are not overridden by your rights and interests.
5. Your Rights
We respect your rights as a data subject and ensure you can exercise them under applicable data protection laws:
– Right of Access: You may request access to the personal data we hold about you.
– Right to Rectification: You may request corrections to any inaccurate or incomplete data.
– Right to Erasure: Also known as the “right to be forgotten,” you may request deletion of your data in certain circumstances.
– Right to Restrict Processing: You may request to temporarily or permanently stop processing all or some of your personal data.
– Right to Data Portability: You may receive your personal data in a structured, commonly used, machine-readable format and have the right to transmit that data to another controller.
– Right to Object: You have the right to object to data processing in specific situations, including automated profiling or direct marketing.
– Right to Withdraw Consent: Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of processing prior to such withdrawal.
To exercise any of your rights, contact us at [email protected].
6. Security Measures
We employ robust technical, administrative, and organizational measures to ensure the security and confidentiality of your personal data. These include:
– Encryption of data in transit and at rest.
– Controlled access based on roles and need-to-know principles.
– Firewalls and intrusion detection systems.
– Regular data backups and disaster recovery plans.
– Staff training and awareness programs on data privacy and security protocols.
While we strive to protect your personal data, no security system is impenetrable. We encourage users to maintain strong account passwords and exercise caution when transmitting information online.
7. International Transfers
Where data is transferred outside of the country or region of its origin, we implement appropriate safeguards to ensure lawful transfer and adequate protection. These safeguards may include:
– Standard Contractual Clauses (SCCs) approved by the European Commission.
– Measures under the UK GDPR.
– Verification of adequacy decisions for countries deemed to provide an adequate level of data protection.
You may request further information regarding international data transfers by contacting [email protected].
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:
– Usage, Technical, and Analytical Data: up to 24 months from the date of collection.
– Account and Profile Data: retained for as long as your account remains active.
– Transaction and Financial Data: retained for up to 7 years to comply with tax and accounting obligations.
– Communication and Support Data: retained for a maximum of 3 years after the last contact.
– Preference and Opt-In/Out Data: retained until updated or revoked by you.
We may retain anonymized or aggregated data indefinitely for analytical purposes.
9. Cookie Policy
We use cookies and similar technologies on our website to enhance functionality, gather analytics, and improve user experience. Cookies are small text files stored on your device. The types we use include:
– Essential Cookies: Necessary for the proper functioning of the site, including login, navigation, and access to secure areas.
– Functional Cookies: Remember user preferences and settings to provide a more personalized experience.
– Analytical Cookies: Track how visitors interact with our site, such as pages viewed and time spent, to help improve performance.
– Performance Cookies: Monitor and enhance system performance and responsiveness.
10. Cookie Management and Compliance
Upon visiting gordonlorenz.com, you will be presented with a cookie banner enabling you to manage consent in accordance with GDPR and CCPA requirements. You can:
– Accept or reject non-essential cookies through the cookie preferences tool.
– Adjust browser settings to block or delete cookies. Doing so, however, may impact the usability of some site features.
California residents have the right to opt out of the “sale” of their personal data as defined under the CCPA. Although we do not sell your data in the traditional sense, any sharing for personalized advertising can be opted out of via the preference manager or by activating a “Do Not Sell My Personal Information” setting.
11. Children’s Privacy
We do not knowingly collect or solicit personal data from children under the age of 13. If you are a parent or guardian and believe your child has provided us personal data without your consent, please contact us at [email protected], and we will take steps to promptly delete such data.
12. Policy Updates
We may revise this Privacy Policy from time to time to reflect changes in legal obligations, technological improvements, or our data practices. Material updates will be posted on this page, and where appropriate, you will be notified via email or on-site notification. Continued use of gordonlorenz.com constitutes acceptance of the revised Privacy Policy.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please reach out to:
Email: [email protected]
Website: gordonlorenz.com
We are committed to full compliance with GDPR, CCPA, and other applicable regulations. Should you have any privacy-related inquiries, do not hesitate to contact us.