Privacy Policy
1. Introduction
At johngriffithsam.com, we are firmly committed to protecting your personal data and upholding your privacy rights. We respect your privacy and are dedicated to processing your personal information transparently, securely, and in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines how we collect, use, share, and safeguard your personal information when you visit or interact with our website.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all visitors, users, and others who access johngriffithsam.com. For purposes of applicable data protection legislation, including the GDPR and CCPA, the data controller of your personal data is Johngriffithsam.com. If you have questions about this policy or how we handle your information, you may contact us at [email protected].
3. Categories of Data Processed
We may collect, use, store, and transfer the following categories of personal data:
a. Usage Data
Information automatically collected when you interact with our website, including IP address, device identifiers, browser type, referral URLs, access times, pages visited, interactions, and session metadata.
b. Account Data
Details you provide when creating or updating an account, including your full name, email address, mailing address, phone number, and login credentials.
c. Profile Data
Preferences, interests, purchase history, behavior patterns, and other data related to your use of our services and content.
d. Communication Data
Records of any communications with us, such as inquiries, support requests, and chat or email correspondences.
e. Technical Data
Technical and diagnostic information about your device and internet connection, including your operating system, screen resolution, system configurations, and browser configurations.
f. Transaction Data
Details relating to your payment submissions, purchase orders, billing and shipping information, and transaction history.
g. Preference Data
Your opt-in consents for marketing communications, subscription settings, language preferences, and product interest data.
4. Legal Bases for Processing
We rely on the following legal grounds, as applicable, for processing your personal data:
– Legitimate Interests: To improve our website, secure our services, understand user behavior, and respond to customer inquiries.
– Contractual Necessity: To fulfill our contractual obligations when you register an account, make a purchase, or enter into agreements with us.
– Consent: For sending marketing communications, placing non-essential cookies, or when processing sensitive categories of personal data, subject to explicit consent.
– Legal Obligation: To comply with applicable legal or regulatory requirements and enforcement requests.
5. Your Rights
Subject to applicable laws, you may have the right to:
– Access: Request access to the information we hold about you.
– Rectification: Correct inaccurate or incomplete personal data.
– Erasure: Request deletion of your personal information.
– Restriction: Request limitation of processing under certain conditions.
– Portability: Obtain a copy of your data in a structured, commonly used, machine-readable format.
To exercise any of these rights, please contact us at [email protected]. We will respond in accordance with applicable legal timeframes.
6. Security Measures
We implement appropriate technical and organizational security measures to protect your personal data, including:
– Encryption of data in transit and at rest
– Role-based access control and authentication protocols
– Regular vulnerability assessments and security audits
– Secure data backups and disaster recovery procedures
– Employee training in secure data handling
While no system can guarantee absolute security, we strive to apply best practices to protect your data.
7. International Transfers
Your personal data may be transferred to, and maintained on, servers and databases located outside of your country of residence, including countries that may not offer the same level of personal data protection as your jurisdiction. Where such transfers occur, they are safeguarded by standard contractual clauses or similar mechanisms to ensure adequate protection in line with GDPR and other regulatory standards.
8. Data Retention
We retain personal data for no longer than is necessary for the purposes for which it was collected. Retention periods vary by data type:
– Usage and Technical Data: Retained for up to 24 months.
– Account and Profile Data: Retained while account is active and for 6 years following deactivation.
– Communication Data: Retained for 3 years following resolution.
– Transaction Data: Retained for 7 years to comply with legal and tax obligations.
– Preference Data: Retained until user opts out or revokes consent.
All personal data is deleted or anonymized once it is no longer required.
9. Cookie Policy
We use cookies to enhance your browsing experience. Cookies are small text files stored on your device. Our website uses the following types of cookies:
– Essential Cookies: Required for website functionality and cannot be disabled.
– Functional Cookies: Enable personalization and remembering user preferences.
– Analytics Cookies: Help us understand traffic patterns and usage behavior.
– Performance Cookies: Improve site speed and responsiveness.
10. Cookie Management and GDPR/CCPA Compliance
In accordance with GDPR and CCPA provisions, we enable you to manage your cookie settings through our cookie consent manager. Users are provided a clear, affirmative choice to accept or reject different cookie categories upon first visit, and may modify preferences at any time through the cookie settings link on our website. California residents may also opt-out of the sale or sharing of personal data via the “Do Not Sell or Share My Personal Information” link, where applicable.
11. Special Protections for Children Under 13
johngriffithsam.com does not knowingly collect, solicit, or process personal information from children under the age of 13. If we become aware that such data has been unlawfully collected, we will take prompt measures to delete it. Parents or legal guardians who believe that their child has provided us with personal information may contact us at [email protected] to request removal.
12. Policy Updates and User Notifications
We reserve the right to amend this Privacy Policy as necessary to reflect changes in our operations, data processing activities, or legal obligations. All changes will be posted on this page with revised documentation. Where legally required, we will notify registered users of material changes to this policy through email or prominent website notices.
13. Contact
If you have any questions or concerns about this Privacy Policy or the way your data is handled, you may contact us at:
Email: [email protected]
Website: https://johngriffithsam.com
We are committed to full compliance with all data protection legislation and welcome all inquiries or concerns regarding your privacy.