Privacy Policy
1. Introduction
At Medway Renaissance, accessible via medwayrenaissance.com (“Website”, “we”, “us”, or “our”), we are committed to safeguarding the privacy and personal data of our users, visitors, and customers. Protecting your information is foundational to our operations and a core aspect of our compliance with international data protection laws, including the General Data Protection Regulation (EU) 2016/679 (GDPR) and the California Consumer Privacy Act (CCPA). We adopt a privacy-first philosophy, committed to transparency, control, and trust.
This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you engage with our Website or services.
2. Scope and Data Controller
This Privacy Policy applies to all users who visit or interact with medwayrenaissance.com and our affiliated online platforms. For GDPR purposes, Medway Renaissance is the “Data Controller” responsible for processing your personal data. If you reside in California, we act as a “Business” under CCPA definitions.
Our contact information for privacy inquiries is:
Email: [email protected]
3. Categories of Data We Process
We collect the following categories of personal data, either directly from you or through automated technologies:
a. Usage Data
Information on how users interact with our Website, including browser type, IP address, language preferences, device identifiers, pages visited, date and time of visits, referring URLs, and session durations.
b. Account Data
Personal data provided when registering an account with us, such as your full name, mailing address, email address, and contact number.
c. Profile Data
Includes your interests, preferences, account settings, behavioral data, and purchase history connected to your use or interaction with our services.
d. Communication Data
Records of your communications with us, including support inquiries, contact forms, email correspondence, and other interactions.
e. Technical Data
Details related to your hardware and software, including device model, operating system, browser type and version, screen size, time zone settings, and diagnostics.
f. Transaction Data
Information involving purchases or transactions made via our Website, including billing addresses, payment method details (e.g., encrypted card details), order history, and delivery information.
g. Preference Data
Marketing and communications preferences, including your consent to receive promotional content, subscriptions, and personalized product interests.
4. Legal Bases for Processing Personal Data
We process your personal data under the following legal grounds established by GDPR:
– Consent: Where you have actively provided consent, such as for receiving marketing emails.
– Performance of a Contract: Where data processing is necessary for fulfilling a contract with you or providing requested services.
– Legal Obligation: When processing is required to meet regulatory or legal responsibilities.
– Legitimate Interests: Where processing is necessary for our legitimate business interests, provided such processing is not overridden by your fundamental rights and freedoms.
If you are a California resident, we process your personal information as per the permitted “business purposes” under CCPA.
5. Your Rights
Under applicable laws, you are entitled to the following rights over your personal data:
– Right of Access: You may request access to the personal data we hold about you.
– Right to Rectification: You have the right to request corrections to incomplete or inaccurate data.
– Right to Erasure (“Right to be Forgotten”): You may request deletion of your personal data in certain circumstances.
– Right to Restriction: You may request to restrict the processing of your data.
– Right to Data Portability: You may request your data in a structured, commonly-used, machine-readable format to transfer it to another provider.
– Right to Object: You may object to processing carried out based on legitimate interests or direct marketing.
To exercise your rights, please contact us at [email protected]. We will respond to verified requests in compliance with applicable laws.
California residents may also designate an authorized agent to act on their behalf for privacy requests under the CCPA.
6. Security Measures
We implement appropriate technical and organizational measures designed to ensure a level of security appropriate to the risks, including:
– Data encryption during transit and at rest.
– Access controls with role-based permissions.
– Regular vulnerability assessments and intrusion prevention mechanisms.
– Secure data backups and recovery protocols.
– Employee confidentiality agreements and ongoing privacy/security training.
7. International Data Transfers
If and when we transfer your personal data outside the European Economic Area (EEA) or other jurisdictions, we do so only under lawful transfer mechanisms that provide adequate safeguards. This may include the use of Standard Contractual Clauses (SCCs) approved by the European Commission or other recognized frameworks.
For users in jurisdictions with specific data protection laws, we comply with those applicable regulations to guarantee adequate protection and lawful transfer of your information.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including satisfying legal, accounting, or reporting obligations. Specific retention periods vary by data type:
– Usage and Technical Data: up to 12 months.
– Account and Profile Data: retained for the duration of your active account and up to 24 months after termination.
– Transaction and Communication Data: retained for 5 years for compliance with financial and legal obligations.
– Preference Data: retained until consent is withdrawn or 24 months from the last interaction.
9. Cookie Policy
Our Website uses cookies and similar tracking technologies to enhance user experience, analyze site usage, and support marketing activities. Categories of cookies include:
– Essential Cookies: Necessary for the website to function, including secure login and navigation.
– Functional Cookies: Remember preferences and choices to personalize your experience.
– Analytics Cookies: Collect aggregate data to help improve site performance and functionality.
– Performance Cookies: Measure the performance of our content and user experience.
10. Cookie Management and Compliance
Upon visiting medwayrenaissance.com, users are given the option to manage cookie preferences through a cookie consent banner. Users may accept, reject, or customize their selections in accordance with GDPR consent requirements. Additionally, you may adjust cookie settings through your browser’s privacy controls.
CCPA-relevant tracking (“selling” or “sharing” of personal information) is either not conducted or is disabled by default unless explicit, opt-in consent is provided. California residents may access their cookie and Do Not Sell/Share My Information preferences at any time via our Website footer.
11. Children’s Privacy
We do not knowingly collect, solicit, or process data from children under the age of 13. If we become aware that we have inadvertently collected personal data from a child without verified parental consent, we will delete such information immediately. If you believe a child under 13 has provided us with personal data, please contact us at [email protected] promptly.
12. Changes to This Policy
This Privacy Policy may be amended from time to time according to changes in law or our operational activities. All modifications will be reflected on this page, and where appropriate, we will notify users of material changes via email or through notifications on medwayrenaissance.com. Continued use of our Website after policy changes signifies your acceptance of the updated terms.
13. Contact Us
For questions, concerns, or the exercise of your privacy rights, you may contact our Data Protection team via:
Email: [email protected]
We are committed to ensuring lawful, transparent, and fair handling of your personal data. If you have privacy concerns or believe your rights have been violated, we encourage you to reach out, and we will address the matter promptly.
Medway Renaissance is dedicated to full compliance with applicable data protection laws, including GDPR and CCPA. For any privacy-related queries, please contact us at [email protected].