Privacy Policy
1. Introduction
Rose & Crown Co. (“we”, “us”, or “our”) is committed to safeguarding your privacy and the security of your personal data. This Privacy Policy explains how we collect, use, disclose, and protect your information when you visit rosecrownco.com (the “Site”), in accordance with our obligations under the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable privacy laws. We are committed to ensuring your information is handled with the highest respect for privacy, data integrity, and security.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of the Site and related services offered through rosecrownco.com. Rose & Crown Co. is the data controller of the personal data collected via this Site. As the data controller, we determine the purposes and means of processing your personal data in compliance with applicable data protection laws.
3. Categories of Data Processed
We process the following categories of personal data collected directly from you or automatically through your use of our services:
a. Usage Data
Includes information about how you use our Site, such as IP address, browser type, browser version, device identifiers, time and date of visit, referring URLs, and browsing sessions.
b. Account Data
Includes first and last name, billing and shipping addresses, phone number, email address, and any other data provided when creating or managing an account on rosecrownco.com.
c. Profile Data
Includes your shopping preferences, product interests, purchase history, and behavioral information gathered through your interactions with our Site.
d. Communication Data
Includes records of your communication with us, including customer service inquiries, support requests, and contact history submitted via email or customer forms, particularly through [email protected].
e. Technical Data
Includes information about the devices you use to access our Site, such as operating system, device type, screen resolution, browser plugins, and system configuration data.
f. Transaction Data
Includes payment information (excluding full credit card numbers, which are handled through our secure payment processor), order details, shipping and delivery data, and billing preferences.
g. Preference Data
Includes your communication preferences, marketing subscription choices, consent to updates, and any user-indicated product or content interests.
4. Legal Bases for Processing
We rely on the following lawful bases under the GDPR and similar principles under the CCPA to process your personal data:
– Performance of a Contract: To fulfill your orders and provide customer support.
– Legitimate Interest: To improve our services, detect fraud, and ensure network and information security.
– Consent: For marketing communications and cookie deployment where required.
– Legal Obligation: To comply with applicable laws or lawful requests from authorities.
5. Your Rights
Depending on your location and the applicable privacy laws, you may have the following rights in relation to your personal data:
– Right of Access: To request access to your personal data that we hold.
– Right to Rectification: To request correction of inaccurate or incomplete personal data.
– Right to Erasure: To request deletion of your personal data, subject to certain exceptions.
– Right to Restriction: To request suspension of the processing of your personal data under certain conditions.
– Right to Data Portability: To obtain a copy of your data in a structured, machine-readable format.
– Right to Object: To object to certain types of data processing, including direct marketing.
– Right to Withdraw Consent: To withdraw your previously given consent at any time.
To exercise your rights, you may contact us at [email protected].
California residents may also request:
– Information about categories of personal information collected or sold.
– Access to specific pieces of personal information collected.
– Deletion of personal information.
– Opt-out of sale of personal information (Note: We do not sell personal data).
6. Security Measures
We implement appropriate technical and organizational measures to protect your personal data. These include:
– End-to-end encryption of sensitive transactional data.
– Access control systems to ensure only authorized personnel access data.
– Regular data backups and disaster recovery protocols.
– Employee privacy training and internal audits to foster a culture of data protection.
7. International Transfers
If your data is transferred outside the European Economic Area or your local jurisdiction, we ensure adequate protection through:
– Standard Contractual Clauses (approved by the European Commission).
– Transfers to countries recognized by the EU as providing adequate data protection.
– Binding corporate rules and similar safeguards where applicable.
8. Data Retention
We retain different categories of data for varying periods in accordance with the purpose of collection and applicable legal requirements:
– Usage and Technical Data: Retained for up to 12 months to improve services and ensure Site integrity.
– Account and Profile Data: Retained while your account remains active and for up to 6 years thereafter to comply with tax and legal obligations.
– Transaction Data: Retained for 7 years from the date of transaction to comply with financial regulations.
– Communication Data: Retained for 3 years following the last interaction.
– Marketing Preferences: Retained for the duration of your subscription and two years thereafter unless consent is withdrawn.
9. Cookie Policy
We use cookies and similar tracking technologies to enhance your experience on rosecrownco.com. These include:
– Essential Cookies: Necessary for the operation of the Site (e.g., login, secure checkout).
– Functional Cookies: Enable Site personalization and remember preferences.
– Analytics Cookies: Help us understand user behavior and Site performance.
– Performance Cookies: Improve responsiveness and load times.
10. Cookie Management and Compliance
In accordance with GDPR and CCPA, rosecrownco.com provides clear options for managing cookie preferences. Upon your first visit, a cookie consent banner allows you to:
– Accept all cookies
– Manage specific cookie preferences
– Refuse non-essential cookies
You may also configure your browser settings to decline cookies or remove them after session termination. Note that disabling cookies may affect Site functionality.
11. Special Protections for Children
Our services are not directed to individuals under the age of 13. We do not knowingly collect personal information from children. If we learn that a child under 13 has provided us with data, we will promptly delete such information. Parents or legal guardians who believe a minor has provided us with personal data may contact us at [email protected].
12. Policy Updates and User Notifications
We reserve the right to amend this Privacy Policy at our discretion and in response to changes in legal, technical, or business developments. All updates will be posted on rosecrownco.com, and where legally required, prominent notice or individual communication will be provided.
Your continued use of our Site or services following such updates constitutes your acceptance of the revised Privacy Policy.
13. Contact
If you have questions, concerns, or complaints about this Privacy Policy, your personal data, or wish to exercise your rights, please contact us:
Rose & Crown Co.
Email: [email protected]
Website: rosecrownco.com
We are committed to full compliance with applicable privacy regulations, and we encourage you to reach out with any data protection inquiries or concerns.