PRIVACY POLICY
Old Port House (“we,” “our,” or “us”) is committed to protecting your privacy and ensuring the highest level of transparency and control over the use of your personal data. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal data when you visit and interact with our website, https://oldporthouse.com (the “Site”). We process your personal information in compliance with applicable data privacy laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant data protection regulations.
1. Commitment to Privacy and Data Protection
At Old Port House, your privacy is a priority. We are dedicated to maintaining the confidentiality, integrity, and security of personal data entrusted to us. All personal data is handled with the utmost care, and we have implemented robust internal policies and systems to protect it.
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to personal data collected through oldporthouse.com and any related services we provide. Old Port House acts as the “data controller” responsible for how and why your personal data is processed in accordance with the GDPR and other applicable laws. If you have any concerns or inquiries regarding your data, you may contact us at [email protected].
3. Categories of Data Processed
We may collect and process the following categories of personal data, depending on your interaction with our Site:
– Usage Data: Includes information such as your IP address, browser type, operating system, referral URLs, time zone setting, pages visited, and duration of visits.
– Account Data: Includes your name, billing and shipping addresses, email address, and telephone number when you create an account or place an order on the Site.
– Profile Data: Includes your preferences, browsing behavior, wishlist items, purchase history, and product interests.
– Communication Data: Includes the content of messages you send to customer service, support requests, chat history, and emails exchanged with us.
– Technical Data: Includes unique device identifiers, mobile network information, login timestamps, browser plug-ins, and system configuration data.
– Transaction Data: Includes details about payments made for products or services, payment method, billing address, order confirmations, and delivery confirmations.
– Preference Data: Includes your choices regarding email communications, direct marketing, preferred methods of contact, and product category interests.
4. Legal Bases for Processing Personal Data
Our lawful bases for collecting and processing your information under the GDPR include:
– Consent: When you have given your clear permission for us to process your data for a specific purpose (e.g., subscribing to newsletters).
– Performance of a Contract: When the processing is necessary for fulfilling our contract with you (e.g., processing your orders).
– Legitimate Interests: When processing is necessary for our legitimate business interests and these interests do not override your rights and freedoms (e.g., improving site functionality, fraud prevention).
– Legal Obligation: When processing is required to comply with applicable laws or regulations.
5. Your Rights
Subject to applicable laws, you have the following rights:
– Right of Access: You have the right to request access to the personal data we hold about you.
– Right to Rectification: You have the right to request correction of inaccurate or incomplete data.
– Right to Erasure: You may request deletion of your personal data where there is no legal or contractual obligation to retain it.
– Right to Restrict Processing: You may restrict how your personal data is processed under certain conditions.
– Right to Data Portability: You may request to receive your personal data in a structured, commonly used, machine-readable format, and have it transferred to another controller.
To exercise any of the above rights, please contact us at [email protected].
6. Security Measures
To protect your personal data, Old Port House employs a variety of security measures including:
– End-to-end encryption for data in transit and at rest.
– Controlled access to personal data, with permissions restricted to personnel requiring access to perform their duties.
– Periodic data backups to prevent loss of critical information.
– Mandatory security and privacy training for all employees and contractors.
Despite our efforts, no online transmission can be guaranteed to be 100% secure. We encourage users to take appropriate precautions in protecting their personal information.
7. International Transfers
Where applicable, we may transfer your personal data to countries outside the European Economic Area (EEA) or California. In such cases, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission or other recognised transfer mechanisms. Your personal data will only be transferred when there is a lawful basis for doing so, and we ensure compliance with all jurisdictions involved.
8. Data Retention
We retain your personal information for as long as necessary to fulfill the purposes for which it was collected. Specific retention periods include:
– Usage Data: Retained for up to 12 months for analytical and performance purposes.
– Account and Profile Data: Retained for as long as your account remains active and for 6 years thereafter for tax and legal compliance.
– Transaction Data: Retained for 7 years post-purchase in accordance with financial and legal obligations.
– Communication Data: Retained for 3 years for internal support and recordkeeping purposes.
– Preference Data: Retained until you update your preferences or withdraw your consent.
9. Cookie Policy
This Site uses cookies and similar tracking technologies to enhance your experience. Categories include:
– Essential Cookies: Required for website operation (e.g., session cookies).
– Functional Cookies: Enable personalized content and site preferences.
– Analytics Cookies: Collect aggregated data on website usage and performance.
– Performance Cookies: Track load times and security diagnostics.
10. Cookie Management and Compliance
You can manage your cookie preferences at any time through your browser settings or through cookie consent banners displayed when first accessing the Site. Under GDPR and CCPA, you have the right to opt out of non-essential cookies. We honor Do Not Sell My Personal Information requests and provide mechanisms to control data-sharing preferences.
11. Children’s Privacy
Old Port House does not knowingly collect personal data from children under the age of 13. If a parent or guardian suspects that a child has submitted personal data through the Site, please contact us immediately at [email protected] and we will take appropriate steps to delete the data.
12. Policy Updates
We reserve the right to modify or update this Privacy Policy without further notice. Any material changes to how we process personal data will be communicated through appropriate channels. Continued use of oldporthouse.com constitutes acceptance of any changes to this Policy.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or the way we handle your personal information, please contact us at:
Email: [email protected]
Postal Correspondence:
Privacy Officer
Old Port House
[Mailing Address – Not Provided]
We are committed to compliance with all applicable privacy laws including GDPR and CCPA. Please feel free to reach out to us with any concerns regarding your personal data.