Privacy Policy
1. Introduction
Swansea Valley History (“we,” “us,” or “our”) values your privacy and is committed to protecting your personal data. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information when you visit or interact with our website located at swanseavalleyhistory.com (the “Website”). We endeavor to ensure transparency in our practices and compliance with applicable data privacy laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all users of swanseavalleyhistory.com and governs the processing of personal data collected through our Website and services. Swansea Valley History acts as the data controller in relation to the personal data provided by users, meaning we determine the purposes and means of data processing in accordance with lawful bases.
3. Categories of Data We Process
We may process the following categories of personal information:
a. Usage Data
Information about how you use our Website, including your browser type, operating system, internet protocol (IP) address, access times, referring website URLs, page interactions, and session metadata.
b. Account Data
Information you provide when registering for services, newsletters, or making inquiries, including your full name, email address, physical address, and phone number.
c. Profile Data
Information relating to your preferences, interests, historical purchases, and behavioral patterns when browsing our Website or engaging with content.
d. Communication Data
Records of your interactions with us, including customer support communications, email correspondence, contact form submissions, and other messaging.
e. Technical Data
Data obtained from your device, such as device type, unique device identifiers, operating system version, system and application settings, and diagnostics.
f. Transaction Data
Details of products or services you purchase from us, including billing details, delivery addresses, transaction history, and payment methods. Please note financial data is processed by secure third-party payment processors.
g. Preference Data
Information about your marketing preferences, communication opt-ins, and product interests, used to tailor your experience and communications.
4. Legal Bases for Processing Personal Data
We collect and process your personal data under the following lawful bases, as applicable under the GDPR and CCPA:
– Consent: When you affirmatively provide consent for processing (e.g., subscribing to newsletters or accepting cookies).
– Contractual Necessity: When processing is necessary to perform a contract with you (e.g., fulfilling orders).
– Legitimate Interests: When processing serves our legitimate business interests in a way that does not override your rights and freedoms (e.g., Website analytics, fraud prevention, improving services).
– Legal Obligation: Where we are required to comply with a legal or regulatory obligation.
5. Your Rights
Under applicable data protection laws, including the GDPR and CCPA, you have the following rights regarding your personal data:
– Right of Access: Request access to your data and information about how it is used.
– Right to Rectification: Request the correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your personal data under certain conditions (“right to be forgotten”).
– Right to Restriction of Processing: Request limitation of processing for specific purposes.
– Right to Data Portability: Receive your data in a commonly used, machine-readable format and transmit it to another controller.
– Right to Object: Object to processing based on legitimate interests or direct marketing.
– Right Not to Be Subject to Automated Decision Making: Object to decisions made solely based on automated processing that affect you significantly.
To exercise any of these rights, please contact us by emailing [email protected].
6. Security Measures
We implement administrative, technical, and organizational measures to ensure the confidentiality, integrity, and availability of your personal data. These include:
– End-to-end data encryption
– Secure socket layer (SSL) protocols
– Access controls and role-based permissions
– Regular data backups and disaster recovery planning
– Staff data protection training and confidentiality agreements
Although we strive to protect your personal data, no internet-based service can be absolutely secure. Users provide data at their own risk and are responsible for maintaining the security of their devices and passwords.
7. International Data Transfers
Your personal data may be processed or stored outside your country of residence, including in countries that may not provide the same level of data protection. In such cases, we use standard contractual clauses or rely on other legally recognized mechanisms to ensure your rights are protected in accordance with the GDPR and CCPA.
8. Data Retention
We retain your personal data only for as long as necessary for the purposes for which it was collected, including to comply with legal, regulatory, tax, and reporting obligations. Retention periods vary by data category:
– Usage Data: 12–24 months
– Account and Profile Data: Retained as long as account is active or as required by applicable laws
– Communication Data: 3 years from the date of last contact
– Transaction Data: 7 years for tax and accounting purposes
– Preference Data: Until you unsubscribe or revoke consent
Upon expiry of the applicable retention period, data will be securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar technologies to improve user experience and analyze Website usage. Cookies used on swanseavalleyhistory.com include:
– Essential Cookies: Required for the operation of the Website and to enable core functionalities.
– Functional Cookies: Enhance your experience by remembering preferences and settings.
– Analytics Cookies: Help us measure and understand how visitors interact with our site using tools like Google Analytics.
– Performance Cookies: Track Website performance to improve responsiveness and content delivery.
10. Cookie Management and Compliance
You have the right to accept or decline non-essential cookies at any time. On your first visit to swanseavalleyhistory.com, a cookie consent banner will appear allowing you to manage your preferences.
You may also adjust cookie settings in your browser or opt-out of certain third-party tracking mechanisms. Under the CCPA, California users may exercise the “Do Not Sell or Share My Personal Information” right by contacting us at [email protected] or via relevant cookie control links on our Website.
11. Children’s Privacy
Our Website is not directed to or intended for children under the age of 13. We do not knowingly collect personal data from children. If we learn that we have inadvertently collected data from a child under 13 years of age, we will promptly delete it from our records. If you are a parent or guardian and believe your child has provided us with information, please contact us at [email protected].
12. Changes to This Policy
We reserve the right to update or modify this Privacy Policy to reflect changes in our practices or legal obligations. When changes are made, we will revise the content accordingly and communicate any significant changes to our users via the Website or email notifications as appropriate.
13. Contact Us
If you have questions, concerns, or requests relating to this Privacy Policy or the handling of your personal data, please contact us at:
Email: [email protected]
Website: swanseavalleyhistory.com
We are committed to ensuring your privacy and upholding your rights under applicable privacy laws. Please reach out at any time with privacy-related inquiries or concerns.