Privacy Policy for RotherwasRibbon.com
1. Introduction
At Rotherwas Ribbon (“we”, “us” or “our”), accessible through rotherwasribbon.com, we are committed to safeguarding the privacy and personal data of our users. We understand the importance of respecting your privacy and protecting the information you entrust to us. This Privacy Policy describes how we collect, use, disclose, and protect your personal information in compliance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable laws and regulations. We aim to provide transparency so you can make informed decisions about your data when using our website.
2. Scope and Role of the Data Controller
This Privacy Policy applies to all users of rotherwasribbon.com, regardless of location, and explains our practices across our digital services. As the entity that determines the purposes and means of processing personal data, Rotherwas Ribbon acts as the “Data Controller” for purposes of the GDPR and similar laws. By interacting with rotherwasribbon.com, you acknowledge that your personal data will be processed in accordance with this Privacy Policy.
3. Categories of Data We Process
We may collect and process the following categories of personal data:
a. Usage Data
Information about how you use our website, including your IP address, browser type and version, operating system, referral source, length of visit, and pages viewed. This data helps us monitor, maintain, and enhance the performance and security of rotherwasribbon.com.
b. Account Data
Information provided when registering for an account, including full name, postal and billing address, email address, telephone number, username, and password.
c. Profile Data
Data associated with purchases and usage behavior, preferences, and interests related to our products and services.
d. Communication Data
Records of communications that you send to us via email, forms, or other channels, including support inquiries, chat messages, service feedback, and correspondence history.
e. Technical Data
Device-specific data such as IP address, device type, screen resolution, operating system, browser type and version, language settings, and system diagnostics.
f. Transaction Data
Details of financial transactions conducted through rotherwasribbon.com, including payment method, billing details, shipping address, and order history. We do not store full card numbers; payment data is processed through secure, PCI-compliant third-party providers.
g. Preference Data
Data relating to your marketing preferences, communication consents, and product interest information, which help tailor your experience and the content you receive.
4. Lawful Bases for Processing Your Data
We process personal data lawfully in accordance with the GDPR, relying on the following legal bases:
– Consent: Where you have given clear, affirmative consent for a specific purpose (e.g., subscribing to newsletters or receiving marketing communications).
– Performance of a Contract: Where data processing is necessary to fulfil our contractual obligations to you, such as delivering purchased products or maintaining your account.
– Legal Obligation: Where processing is required to comply with our legal obligations, including financial or tax-related regulations.
– Legitimate Interests: Where processing is necessary for our legitimate business interests, including analyzing user behavior, improving services, securing our systems, and managing communications—provided that such interests are not overridden by your rights and freedoms.
5. Your Data Protection Rights
As a data subject, you have the following rights under the GDPR and CCPA, which you may exercise at any time:
– Right to Access: Obtain confirmation of whether we process your personal data and receive a copy of such data.
– Right to Rectification: Request corrections or updates to inaccurate or incomplete personal data.
– Right to Erasure (Right to be Forgotten): Request deletion of your personal data, subject to legal obligations that may require us to retain it.
– Right to Restriction: Request that we limit the use of your personal data under certain conditions.
– Right to Data Portability: Request a copy of your data in a portable format and, where feasible, have it transferred to another provider.
– Right to Object: Object to certain processing activities, including direct marketing.
– Right to Non-Discrimination: Under the CCPA, you will not receive discriminatory treatment for exercising your data rights.
To exercise your rights, please contact us at [email protected].
6. Security Measures
We have implemented commercially reasonable administrative, organizational, physical, and technical safeguards to protect your personal data from unauthorized access, alteration, disclosure, or destruction. These measures include, but are not limited to:
– End-to-end encryption of sensitive data
– Role-based access controls for employee accounts
– Regular data backups and secure data storage
– Staff training in data security and privacy best practices
While we strive to protect your information, no transmission method over the internet or electronic storage is 100% secure.
7. International Data Transfers
We may transfer personal data to countries outside your jurisdiction, including to entities in non-EEA countries. In such cases, we ensure that a comparable level of data protection applies, including through the use of European Commission-approved Standard Contractual Clauses or reliance on countries deemed by the European Commission to provide adequate protection.
8. Data Retention
We will retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, or reporting requirements. Retention periods vary by data category:
– Usage and Technical Data: Up to 14 months
– Account and Profile Data: Active account duration + 7 years
– Communication Data: 3 years from last contact
– Transaction Data: 7 years (for statutory obligations)
– Preference Data: Until you withdraw consent
Upon expiration of these periods, data is securely deleted, anonymized, or archived in compliance with applicable law.
9. Cookie Policy
We use cookies and similar technologies on rotherwasribbon.com to enhance your online experience. Cookies are small text files stored on your device that help us provide, improve, and personalize our services.
Our use of cookies includes:
– Essential Cookies: Necessary for website functionality (e.g., login, shopping cart).
– Functional Cookies: Enable stored preferences and improved usability.
– Analytics Cookies: Collect anonymized statistics on site usage (e.g., Google Analytics).
– Performance Cookies: Monitor system performance and detect issues.
These cookies may be session-based (expire when browser is closed) or persistent (remain until expiry or deletion).
10. Managing Your Cookie Preferences
Upon your first visit to rotherwasribbon.com, you will be presented with a cookie notice allowing you to accept or manage your preferences in compliance with GDPR and CCPA requirements. You may change or withdraw your consent at any time by adjusting settings in your browser or via our cookie management portal. Disabling certain cookies may impact website functionality.
11. Children’s Privacy
RotherwasRibbon.com is not intended for children under the age of 13, and we do not knowingly collect personal data from minors without verified parental consent. If we become aware of such data collection, we will delete the information promptly. If you believe a child has submitted data through our website, please contact [email protected].
12. Policy Updates and Notifications
We reserve the right to modify this Privacy Policy in response to legal, technical, or business developments. In the event of substantial changes, we will notify users through prominent notices on rotherwasribbon.com or other appropriate communication channels. Continued use of the site following those changes constitutes your acceptance of the revised policy.
13. Contact Us
If you have any questions about this Privacy Policy, our data practices, or your personal data, please contact:
Rotherwas Ribbon
Email: [email protected]
We are committed to resolving privacy-related concerns in a timely and transparent manner, fully aligned with our obligations under the GDPR, CCPA, and other data protection laws.