Privacy Policy
At swanseavalleyhistory.com (“we,” “us,” or “our”), the protection, privacy, and integrity of your personal data are of paramount importance. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information when you visit our website, interact with our content, make purchases, or engage with us via any supported channel. We are committed to handling your personal data responsibly and in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
1. Scope and Data Controller
This Privacy Policy applies to all personal data processed through our website (swanseavalleyhistory.com), associated services, and communications. For the purposes of data protection legislation, swanseavalleyhistory.com acts as the data “controller,” meaning that we determine the purposes and methods of processing your personal data.
If you are located in the United Kingdom, European Economic Area (EEA), California, or any other jurisdiction with specific data protection regulations, we process your personal information in compliance with relevant legal obligations.
2. Categories of Personal Data We Collect
We may collect and process the following categories of personal data depending on your interaction with the website:
• Usage Data – Includes data about how you use our website, such as IP address, browser type and version, pages viewed, timestamps, referring URLs, and session duration.
• Account Data – Includes name, billing and shipping address, email address, phone number, login credentials, and other identifiers you provide when registering or placing an order.
• Profile Data – Includes your interests, preferences, purchase history, browsing behavior, and any saved settings or personalization features within your user profile.
• Communication Data – Includes the contents of any communications you send us, such as customer support interactions, enquiries submitted via the website contact form, or email correspondence.
• Technical Data – Includes information about the device you use to access the website, such as operating system, device type, screen resolution, system language, and related technical parameters.
• Transaction Data – Includes information related to purchases or donations made through the website, including billing details, payment method (note: we do not store full credit card numbers), and delivery information.
• Preference Data – Includes your consents for marketing communications, opt-in/opt-out settings, notification preferences, and records of your interaction with promotional materials.
3. Lawful Bases for Processing
Under GDPR, we rely on the following lawful bases to process your personal data:
• Consent – Where you have explicitly permitted us to process your data (e.g., subscribing to newsletters or accepting non-essential cookies).
• Contract – Where processing is necessary to perform a contract with you or to take steps at your request before entering into a contract (e.g., completing a transaction or managing your account).
• Legal Obligation – Where processing is required for compliance with a legal obligation (e.g., recordkeeping for tax purposes).
• Legitimate Interests – Where processing supports our legitimate business interests and is not overridden by your fundamental rights and freedoms (e.g., website analytics, fraud prevention, customer support).
If required under applicable law, we will request your consent before processing certain categories of personal data.
4. Your Data Protection Rights
You have specific rights under GDPR and CCPA, depending on your jurisdiction. These include:
• Right of Access – You can request access to your personal data and obtain information on how it is processed.
• Right to Rectification – You may correct inaccurate or incomplete personal data we hold about you.
• Right to Erasure – You may request deletion of your personal data, subject to certain legal or operational exceptions.
• Right to Restriction – You may request that we limit the way we process certain personal data under specific conditions.
• Right to Data Portability – You may request a copy of your data, in a structured, machine-readable format, and have it transferred to another data controller.
• Right to Object – You may object to our processing of your data based on legitimate interests or for direct marketing purposes.
• Right to Withdraw Consent – You can withdraw your consent at any time where processing is based on consent.
To exercise any of these rights, please email us at: [email protected].
5. Information Security
We implement robust security measures to protect your personal data from unauthorized access, loss, misuse, disclosure, or alteration. These measures include:
• Encryption of sensitive data in transit using HTTPS/TLS protocols
• Secure password hashing and access control for administrative accounts
• Frequent data backups with restricted access
• Physical and technical access controls for systems and devices
• Ongoing staff training on data protection principles
Despite our efforts, no system can be fully secured against all threats. We cannot guarantee absolute security.
6. International Data Transfers
If you reside outside of the United Kingdom or the EEA, please be aware that your personal data may be transferred to, processed, and stored in jurisdictions that may not provide the same data protection standards as your home country.
In such cases, we enforce appropriate safeguards such as Standard Contractual Clauses approved by the European Commission, or rely on other legally recognized mechanisms to ensure adequate protection of your data.
7. Data Retention
We retain personal data for only as long as necessary to fulfill the purposes for which it was collected, including:
• Account Data: Retained while account is active and for up to 6 years thereafter to comply with legal obligations.
• Transaction Records: Retained for up to 7 years for financial recordkeeping.
• Communication Data: Retained for up to 3 years to manage service relationships and for dispute resolution.
• Technical and Usage Data: Typically retained for 12–24 months for security and analytics purposes.
• Preferences and Consents: Maintained until updated or withdrawn by the user.
When retention periods expire, data is securely deleted or anonymized unless a longer retention period is required by law.
8. Cookies and Tracking Technologies
We use cookies and similar technologies to collect certain data automatically when you visit swanseavalleyhistory.com. Cookies are small data files stored on your device that help us recognize you, remember your preferences, and improve website functionality.
Types of cookies we use:
• Essential Cookies – Necessary for basic site functionality and access to secure areas.
• Functional Cookies – Help remember user settings and enhance personal experience.
• Analytics Cookies – Collect information about visitor behavior and traffic sources (e.g., Google Analytics).
• Performance Cookies – Monitor site performance, crash reports, and browser compatibility.
9. Cookie Management and Compliance
Upon first visit, the website presents a cookie consent banner in compliance with GDPR. You have the option to accept or reject non-essential cookies. You may also manage cookie settings in your browser or revisit our cookie preferences center to adjust consents at any time.
Users covered under the CCPA can opt out of the “sale” or “sharing” of personal information where applicable by utilizing our cookie management tools or contacting us directly.
Please note that disabling cookies may affect website functionality.
10. Children’s Privacy
Our services are not directed to, or intended for, children under the age of 13. We do not knowingly collect personal data from minors. If we become aware that personal data from a child under 13 has been collected, we will take steps to delete the information promptly.
Parents or legal guardians who believe their child may have provided us with personal data are encouraged to contact us at [email protected].
11. Policy Updates
We may revise or update this Privacy Policy from time to time to reflect operational, legal, or regulatory changes. Updates will be posted on this page. Where appropriate, we may notify you of substantial changes via email or a website banner.
You are advised to periodically review this Privacy Policy to remain informed about how we protect your personal data.
12. Contact
If you have any questions, concerns, or requests related to this Privacy Policy or your personal data, you may contact us at:
Email: [email protected]
We are committed to full compliance with GDPR, CCPA, and all applicable privacy regulations. Please do not hesitate to reach out to us regarding your data privacy rights or related concerns.