Privacy Policy
At Herefordshire Computing (“we”, “us”, or “our”), accessible via herefordshirecomputing.com (the “Website”), we are deeply committed to safeguarding the privacy and personal data of our users. This Privacy Policy outlines how we collect, use, store, and protect your personal data in accordance with applicable data protection legislation, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
1. Commitment to Privacy and Data Protection
Your privacy is our priority. We are committed to protecting all personal data you provide while interacting with our services through this Website. We collect and process your personal data with transparency, responsibility, and respect for your rights.
2. Scope of Policy and Role as Data Controller
This Privacy Policy applies to all personal data collected through herefordshirecomputing.com and related digital platforms. Herefordshire Computing is the data controller for purposes of the GDPR and similar legislation, responsible for determining the purposes and means of processing your personal data. For any queries related to privacy, you may contact us at [email protected].
3. Categories of Personal Data Processed
We collect and process various categories of personal data based on your interaction with our Website and services:
– Usage Data:
Includes IP addresses, browser type and version, operating system, referral source, device type, pages viewed, session duration, and website navigation patterns.
– Account Data:
Includes your name, physical address, email address, and phone number when you register for an account or make a purchase.
– Profile Data:
Includes your preferences, purchase history, behavior on our Website, and preferences submitted in your user profile.
– Communication Data:
Includes content of customer support communications, inquiries submitted via forms, and correspondence through [email protected].
– Technical Data:
Includes device information, system configuration, and other technical metadata related to the platform and browser you use.
– Transaction Data:
Includes payment methods used, billing and shipping address, payment gateway information (processed securely by third-party providers), and delivery tracking data.
– Preference Data:
Includes your marketing preferences, newsletter signups, product interest indications, and consent to receive communications.
4. Legal Bases for Processing
We process your personal data on the following legal grounds:
– Contractual Necessity:
Processing necessary for the performance of a contract, such as fulfilling purchase orders or providing services.
– Legitimate Interests:
Processing for website functionality, fraud prevention, or improving services where such interests do not override your fundamental rights.
– Consent:
When you expressly consent to specific processing activities, such as subscribing to newsletters or consenting to cookies.
– Legal Obligations:
Where processing is necessary for compliance with legal obligations, including recordkeeping and accounting duties.
5. Your Rights Under Data Protection Laws
As a data subject, you have the following rights:
– Right of Access:
You may request access to and copies of your personal data.
– Right to Rectification:
You may request that we correct inaccurate or incomplete data.
– Right to Erasure:
You may request the deletion of your personal data under certain conditions (the “right to be forgotten”).
– Right to Restriction:
You may request the restriction of processing your data under specific circumstances.
– Right to Data Portability:
You may request your personal data in a structured, machine-readable format to be transferred to another controller, where applicable.
To exercise your rights, please contact [email protected].
6. Security Measures
We employ appropriate technical and organizational measures to ensure the confidentiality, integrity, and availability of your data, including:
– End-to-end encryption for transaction data
– Role-based access control for internal systems
– Regular system back-ups
– Continuous security training for our staff
– Monitoring and logging for data access and unauthorized activities
7. International Transfers
Your data may be transferred and stored outside of the European Economic Area (EEA) or your country of residence. When such transfers occur, we implement robust safeguards, including EU Standard Contractual Clauses, to ensure the level of protection is consistent with applicable regulations.
8. Data Retention
We retain personal data only for as long as necessary for the purposes for which it was collected. Specific retention periods are as follows:
– Usage Data: Up to 12 months for analytics purposes
– Account Data: Retained for the duration of account existence and up to 36 months post-deletion for legal compliance
– Transaction Data: Retained for 7 years to comply with accounting regulations
– Communication Data: Retained for 24 months for service quality and dispute resolution
Data will be securely disposed of or anonymized after the applicable retention period.
9. Cookie Policy
Our Website uses cookies to enhance user experiences, enable functionality, and improve website analytics. Cookies are categorized as follows:
– Essential Cookies:
Necessary for core website operation such as user authentication and security.
– Functional Cookies:
Support website customization and enhanced features, like remembering language or layout preferences.
– Analytics Cookies:
Help us understand user interactions and measure performance using anonymized statistical data.
– Performance Cookies:
Monitor website load times, responsiveness, and technical effectiveness.
10. Cookie Management and Compliance
Upon your first visit to herefordshirecomputing.com, a cookie banner will request your consent for non-essential cookies. You may change your preferences at any time by accessing the cookie preference center available on our Website. Your choices comply with GDPR Article 7 and CCPA opt-out protections. CCPA-regulated users may additionally submit “Do Not Sell My Personal Information” requests.
11. Children’s Privacy
Our services are not directed to individuals under the age of 13. We do not knowingly collect personal data from children under 13. If you are a parent or guardian and believe your child has provided us with personal data, please contact [email protected], and we will take appropriate steps to delete such information.
12. Policy Updates
This Privacy Policy may be updated periodically to reflect changes to our practices or legal obligations. Material updates will be prominently communicated via notices on herefordshirecomputing.com and/or via email when appropriate.
13. Contacting Us
If you have any questions or concerns regarding this Privacy Policy or wish to exercise your data rights, you may contact us at:
Email: [email protected]
Website: https://herefordshirecomputing.com
We are committed to full compliance with applicable data protection regulations and will act promptly and transparently to address any inquiries related to personal privacy.