Privacy Policy for nigeldodd.com
1. Introduction
At nigeldodd.com (“we,” “us,” or “our”), your privacy and the security of your personal data are of paramount importance. We are committed to upholding the highest standards of data protection and transparency. This Privacy Policy outlines how we collect, use, store, and protect your personal information when you interact with our website. Our practices are firmly grounded in applicable privacy laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”) where applicable.
2. Scope of the Policy and Data Controller Role
This Privacy Policy applies to all users who access or use nigeldodd.com. We act as the Data Controller in respect of any personal data that you provide directly to us or that we collect through your use of our website. If you have any questions or concerns regarding our privacy practices, you can reach us at [email protected].
3. Categories of Data Processed
We may collect and process the following categories of personal data:
a. Usage Data
Includes information about how users interact with nigeldodd.com, such as IP addresses, browser types, language preferences, pages visited, session times, and referral sources.
b. Account Data
Includes personal information you provide when creating an account, such as your full name, email address, phone number, and postal address.
c. Profile Data
Encompasses user preferences, purchase history, saved content, interests, and behaviors associated with your use of the website.
d. Communication Data
Comprises information from your interactions with us, including support queries, messages sent via contact forms or email, and issue resolution history.
e. Technical Data
Includes information about your device and system, such as device model, operating system, IP configurations, browser settings, and platform identifiers.
f. Transaction Data
Includes payment information, billing and delivery addresses, order history, and other financial data processed in the course of completing a transaction.
g. Preference Data
Includes your consents, opt-ins, marketing preferences, and indications of interest in specific topics, services, or products.
4. Legal Bases for Processing
We process your personal data under at least one lawful basis as defined by the GDPR:
– Performance of a contract: To fulfill contractual obligations or to take steps at your request prior to entering into a contract.
– Legitimate interest: For purposes including website operation, analytics, fraud detection, and security, provided such interests are not overridden by your data protection rights.
– Legal compliance: Where processing is necessary to comply with a legal obligation.
– Consent: Where required, we will obtain your explicit consent before processing your data, such as for marketing or cookie storage.
5. Your Rights
As a data subject under GDPR and a consumer under CCPA, you have the following rights:
– Right of Access: Obtain confirmation as to whether your personal data is being processed, and access that information.
– Right to Rectification: Request to update or correct any inaccurate or incomplete data we hold about you.
– Right to Erasure (“Right to be Forgotten”): Ask us to delete your personal data under certain circumstances.
– Right to Restrict Processing: Limit how we use your data in specified cases.
– Right to Data Portability: Receive your data in a structured, machine-readable format and transmit it to another controller.
– Right to Object: Object to our processing where it is based on our legitimate interests or for direct marketing.
– Right not to be subject to automated decision-making: You will not be subject to decisions based solely on automated processing without your consent.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We apply robust technical and organizational measures to protect your personal data:
– Encryption of data in transit and at rest
– Role-based access controls and two-factor authentication
– Regular backups and system monitoring
– Staff training on data security and privacy best practices
– Use of firewalls and threat detection systems to prevent intrusion
7. International Data Transfers
Where data is transferred from the European Economic Area (EEA) or the United Kingdom to a country outside of those jurisdictions, we implement standard contractual clauses or rely on other legally recognized transfer mechanisms to ensure adequate protection.
8. Data Retention
Data retention is based on the purpose of processing and legal requirements:
– Usage Data: Retained for up to 12 months for analytics and operational purposes.
– Account Data: Retained as long as the account remains active and up to 6 years afterward to comply with financial and legal obligations.
– Profile Data and Preference Data: Retained for up to 2 years following last activity or until user requests deletion.
– Communication Data: Retained for 3 years for customer service tracking and fraud prevention.
– Technical Data: Retained for up to 6 months.
– Transaction Data: Retained for 7 years in accordance with accounting standards and anti-fraud laws.
9. Cookie Policy
nigeldodd.com uses cookies and similar technologies to enhance user experience and collect data. Types of cookies include:
– Essential Cookies: Required for core site functionality, such as login and navigation.
– Functional Cookies: Enable personalized features and user preferences.
– Analytics Cookies: Help us understand how visitors interact with the site, so we can improve usability and performance.
– Performance Cookies: Monitor loading speeds, responsiveness, and overall operational health.
10. Cookie Management and Compliance with GDPR & CCPA
We provide controls for you to manage your cookie preferences upon your first visit and any time thereafter. Under GDPR and CCPA, you have the right to:
– Refuse or accept non-essential cookies
– Withdraw your consent to cookies at any time
– Access and delete collected cookie data
You can manage your settings through our cookie banner or by configuring browser preferences.
11. Children’s Privacy
nigeldodd.com is not directed to, nor does it knowingly collect personal data from, children under the age of 13. If we learn that we have inadvertently collected personal data from a child under 13 without verifiable parental consent, such information will be promptly deleted.
12. Policy Updates and Notifications
We may update this Privacy Policy periodically to reflect changes in our legal obligations or processing activities. Where materially significant changes are made, we will inform you through email or conspicuous notice on nigeldodd.com. Continued use of the site after any amendments confirms your acknowledgment and acceptance of the revised policy.
13. Contact Us
If you have any questions about this Privacy Policy or wish to exercise your rights as described herein, please contact us at:
Email: [email protected]
We are committed to ensuring your data is handled lawfully, fairly, and transparently. If you have privacy concerns, we encourage you to contact us directly. We are fully committed to compliance with GDPR, CCPA, and relevant data protection standards.