Privacy Policy
twentyfourwine.com
1. Introduction
At twentyfourwine.com (“we,” “us,” or “our”), we are fully committed to respecting and protecting your privacy. We recognize the importance of safeguarding personal data and maintaining transparency about how we use the data you provide to us. This Privacy Policy outlines how we collect, use, store, and safeguard your personal information, as well as your rights under applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope of the Policy and Data Controller Role
This Privacy Policy applies to all users of twentyfourwine.com and governs the collection, usage, and protection of personal data obtained through the website. For the purposes of the GDPR, twentyfourwine.com is the data controller of the data users provide through this site. If you have any questions regarding this policy or your data, please contact us at [email protected].
3. Categories of Data Processed
We may collect and process the following categories of personal data when you use our website or interact with our services:
a) Usage Data
Information about how you use twentyfourwine.com, including your IP address, browser type, device identifiers, access times, referring URLs, pages visited, and navigation paths.
b) Account Data
Personal details you provide when registering an account with us, such as your name, residential address, email address, telephone number, and login information.
c) Profile Data
Information relating to your purchase history, preferences, interests, wishlists, and behavioral data relevant to your personalized experience on twentyfourwine.com.
d) Communication Data
Records of your communications with us including emails, live support chats, inquiry forms, and logs of customer support interactions.
e) Technical Data
Data about your device and software, such as device type, operating system, browser settings, and other system configurations required for the proper functioning of the website.
f) Transaction Data
Details related to any purchases made through twentyfourwine.com, including billing addresses, delivery information, order history, payment verification, and transaction timestamps.
g) Preference Data
Data concerning your marketing and communication preferences, newsletter opt-ins, consent history, and interest categories you have selected.
4. Legal Bases for Processing
We process your personal data only where a lawful basis applies. The legal grounds on which we rely include:
– Consent: For sending marketing communications and placing certain cookies after obtaining your express consent.
– Contractual Obligation: To fulfill our obligations under a contract with you, such as fulfilling orders or managing your account.
– Legitimate Interest: To improve our website, analyze user behaviors, secure user accounts, and promote efficient service delivery.
– Legal Compliance: To comply with legal obligations including tax, accounting, and regulatory requirements.
5. Your Rights
Under applicable privacy laws, you may exercise the following rights in relation to your personal data:
– Right of Access: Request a copy of your personal data that we hold.
– Right to Rectification: Request correction of any inaccurate or incomplete data.
– Right to Erasure: Request deletion of your data where appropriate.
– Right to Restrict Processing: Request a restriction of how we process your data in certain circumstances.
– Right to Data Portability: Request to receive your data in a structured, commonly used format, or have it transferred to another controller.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement appropriate technical and organizational measures to safeguard your personal information. These include but are not limited to:
– Encryption of personal data in transit and at rest where appropriate;
– Firewalls and anti-malware protections;
– Role-based access control and authentication protocols;
– Secure backups and disaster recovery systems;
– Regular data protection and privacy training for relevant personnel.
7. International Data Transfers
Where we transfer your personal data outside of the European Economic Area (EEA) or California, such transfers are conducted in compliance with applicable data protection laws. We utilize Standard Contractual Clauses, binding corporate rules, and other lawful mechanisms to ensure adequate protection of your data.
8. Data Retention
We retain personal data only as long as necessary to achieve the purposes for which it was collected and to fulfill our legal obligations. Retention periods vary by data category:
– Usage Data and Technical Data: up to 13 months
– Account and Profile Data: as long as the account is active and up to 6 years thereafter
– Transaction Data: 7 years in accordance with accounting regulations
– Communication Data: 3 years from last contact
– Cookie and Preference Data: up to 2 years, subject to user control
9. Cookie Policy
Our website uses cookies and similar tracking technologies to enhance user experience. The cookies we use fall into the following categories:
– Essential Cookies: Required for website functionality, such as account login and order processing.
– Functional Cookies: Remember your preferences and settings to provide personalized features.
– Analytical Cookies: Collect aggregated browsing data for statistical and performance analysis.
– Performance Cookies: Monitor website performance and troubleshoot issues.
10. Cookie Management and Compliance
Users can manage cookie preferences directly through our Cookie Consent Manager or via browser settings. In accordance with GDPR and CCPA, you have the right to opt in or out of non-essential cookies at any time and to withdraw previously given consent. California residents may also exercise their right to opt out of the sale or sharing of personal information by contacting us as outlined below.
11. Protection of Children
We do not knowingly collect or solicit personal information from individuals under the age of thirteen (13). If we become aware that a child under 13 has provided us with personal information, we will take immediate steps to delete such information. Parents or guardians who believe their child has submitted personal data may contact us at [email protected].
12. Policy Updates and Notifications
We may update this Privacy Policy from time to time to reflect changes in legal regulations, business practices, or technology. Changes will be posted on this page, and where legally required, we will notify you of any significant changes to your rights or the way your personal data is processed.
13. Contact Information
For any inquiries regarding this Privacy Policy or your personal data, you may contact us at:
Email: [email protected]
Website: https://twentyfourwine.com
We are committed to ensuring full compliance with applicable privacy laws and providing transparency and control over your personal data. If you have any concerns or wish to report a data protection issue, we welcome your correspondence at the contact email above.