PRIVACY POLICY
1. Introduction
OfficialGarethThomas.com (“we”, “us”, or “our”) is committed to safeguarding your personal data. This Privacy Policy outlines our strong commitment to protecting the privacy and rights of users and visitors of our website, officialgareththomas.com (the “Site”), in accordance with applicable privacy laws, including the European Union General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”). We aim to uphold the highest standards of transparency, confidentiality, and security in processing your personal information.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal data collected through your use of officialgareththomas.com, including when you access the Site, subscribe to our services, participate in promotional activities, or communicate with us. For the purposes of applicable data protection laws, we are the “data controller” of your personal data, meaning we determine the purposes and means of processing such information.
If you have any questions regarding this policy or our privacy practices, please contact us at [email protected].
3. Categories of Data Processed
We collect and process the following categories of personal data:
a. Usage Data
Information regarding your interactions with the Site, including your IP address, browser type, operating system, pages visited, time and date of access, referring URLs, and session data. This data helps us analyze site performance and user behavior.
b. Account Data
Personal identifiers you voluntarily provide when creating an account or signing up for updates, such as your full name, physical address, email address, and contact number.
c. Profile Data
Information related to your preferences, purchase history, browsing behavior on the Site, and any feedback or responses to surveys or promotions.
d. Communication Data
Records of any correspondence between you and our support or administrative teams, including emails, customer service interactions, and contact form submissions.
e. Technical Data
Device-specific information, including hardware model, unique device identifiers, system configuration data, browser plug-in types, and network data.
f. Transaction Data
Details related to purchases or orders made through the Site, including payment method, order history, delivery preferences, billing and shipping address.
g. Preference Data
Your indicated preferences in relation to receiving marketing communications, interest in particular products or content, and cookie consent choices.
4. Legal Bases for Processing
We rely on the following lawful bases to process your personal data:
– Performance of a Contract: Where the processing is necessary for delivering services or fulfilling your requests.
– Consent: Where you have given clear consent for us to process your data for specific purposes (e.g., marketing emails).
– Legitimate Interests: For purposes such as improving the Site, marketing our services (in a non-intrusive way), detecting fraud, and ensuring network security, provided these interests are not overridden by your rights.
– Legal Obligation: Where required to comply with legal or regulatory obligations.
5. Your Rights
Subject to applicable data protection laws, you have the following rights regarding your personal data:
– Right of Access: To obtain confirmation as to whether personal data is being processed and access a copy of such data.
– Right to Rectification: To request correction of inaccurate or incomplete data.
– Right to Erasure: To request deletion of data where it is no longer necessary or has been unlawfully processed.
– Right to Restrict Processing: To limit the processing of your data under certain conditions.
– Right to Data Portability: To receive a copy of your data in a structured, machine-readable format and transmit it to another controller.
– Right to Object: To object to certain types of processing, including direct marketing.
– Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.
– California Consumer Rights: California residents may request information on categories and specific pieces of personal data we have collected, request deletion, and opt out of certain sharing practices. Please see sections 10 and 13 for how to exercise these rights.
To exercise any of your rights, please contact us at [email protected].
6. Security Measures
We implement appropriate technical and organizational safeguards to protect your data against unauthorized access, disclosure, alteration, or destruction. Our measures include, but are not limited to:
– Encryption of data in transit and at rest
– Access controls and authentication protocols
– Regular data backups and disaster recovery systems
– Employee training on privacy and security best practices
– Regular monitoring and auditing of security infrastructure
7. International Transfers
Your personal data may be transferred to and processed in jurisdictions outside of your country of residence, including jurisdictions that may not provide the same level of data protection. When such transfers are required, we adopt appropriate safeguards such as the Standard Contractual Clauses approved by the European Commission or rely on adequacy decisions, to ensure lawful and secure transfer compliant with GDPR and other applicable laws.
8. Data Retention
We retain personal data only for as long as is necessary for the purposes for which it was collected, or as required by applicable laws. Retention periods by category are as follows:
– Usage and Technical Data: Up to 24 months
– Account and Profile Data: Retained for the duration of your relationship with us plus 12 months
– Transaction Data: Retained for 6 years for legal and accounting purposes
– Communication and Preference Data: Retained until the request is fulfilled or revoked
– Data subject to legal retention obligations may be stored for longer periods in accordance with such laws
After the applicable retention period, personal data is securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar technologies on officialgareththomas.com to enhance your browsing experience. Cookies help us remember user preferences, improve website performance, and deliver targeted content.
Types of cookies used include:
– Essential Cookies: Required for core functionality such as account login and secure browsing.
– Functional Cookies: Enable enhanced features like remembering preferences.
– Performance and Analytics Cookies: Collect anonymous performance data to understand user behavior and improve functionality (e.g., Google Analytics).
– Marketing Cookies: Used only with your consent, these allow us to provide relevant advertising and measure campaign effectiveness.
10. Cookie Management and Compliance
In compliance with GDPR and CCPA, you can manage your cookie preferences at any time by accessing your browser settings or using our on-site cookie consent banner. You have the right to opt in or out of non-essential cookies. California residents may also use the “Do Not Sell or Share My Personal Information” link provided on our Site, as required under CCPA.
To learn more or change your preferences, please refer to the cookie settings available on officialgareththomas.com.
11. Children’s Privacy
officialgareththomas.com does not knowingly collect or solicit personal data from individuals under the age of 13. If you are a parent or legal guardian and believe that a child under your supervision has provided personal information without your consent, please contact us immediately at [email protected], and we will take all necessary steps to remove the data from our systems.
12. Policy Updates and User Notifications
We may update this Privacy Policy to reflect changes in legislation, technology, or our business practices. Any modifications will be posted on this page. Where significant changes occur, we will take appropriate steps to notify you, which may include email notifications or notice banners on the Site. We encourage you to review our Privacy Policy regularly to stay informed of our practices.
13. Contact
For any questions, concerns, or requests related to this Privacy Policy or your personal data, you may contact us via email:
Alternatively, you may communicate with us through the contact form provided on the Site.
We are committed to maintaining the privacy and protection of your information in full compliance with GDPR, CCPA, and all relevant data protection laws. Should you have any issues or require assistance asserting your privacy rights, please reach out to us without hesitation.