Privacy Policy
1. Introduction
Reel Maet Shetland (“we”, “us”, “our”) is committed to respecting and protecting the privacy of all users of our website, reelmaetshetland.com (the “Website”). This Privacy Policy outlines how we collect, process, store, and protect your personal data in accordance with all applicable privacy laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act (“CCPA”). We believe your privacy is a fundamental right, and we are dedicated to maintaining transparency about how we handle your data.
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all personal data collected or processed by us through your use of the Website and associated services. Reel Maet Shetland acts as the data controller for all personal data collected on the Website. This means we determine the purposes and means of processing your personal data. For any inquiries about your personal data or this policy, please contact us at [email protected].
3. Categories of Data Processed
We process the following categories of personal data:
a. Usage Data
Information about how you use the Website, including your IP address, browser type, operating system, device identifiers, pages visited, session timestamps, and interactions with page elements.
b. Account Data
Details provided when creating an account or engaging with our services, including your full name, email address, postal address, and phone number.
c. Profile Data
Preferences, interests, and behavioral information you provide or generate through using our site (e.g., preferred products, purchase history, and navigation behavior).
d. Communication Data
Records of correspondence with us, including inquiries, feedback, support requests, and communication history.
e. Technical Data
Device information such as hardware model, IP address, operating system version, browser software, and technical diagnostics.
f. Transaction Data
Information related to purchases or transactions conducted on the Website, including billing information, payment method details (processed securely through third-party providers), and delivery address.
g. Preference Data
Marketing communication preferences, product subscriptions, and consent records for receiving promotional content.
4. Legal Bases for Processing
We process your personal data on the following legal bases under the GDPR:
– Consent: Where you have given clear, affirmative consent to process your personal data for a specific purpose (e.g., signing up for newsletters).
– Contractual Necessity: When processing is required to fulfill a contract with you – such as providing purchased goods or customer service.
– Legal Obligation: If processing is necessary for compliance with a legal obligation.
– Legitimate Interest: Where processing is necessary for our legitimate interests or that of a third party, provided these interests are not overridden by your rights and freedoms (e.g., fraud prevention, analytics, service improvement).
5. Your Rights
Under applicable law, including the GDPR and CCPA, you have the following rights with respect to your personal data:
– Right of Access: You may request a copy of personal data we hold about you.
– Right to Rectification: You have the right to correct inaccurate or incomplete information.
– Right to Erasure: You can request deletion of your data, subject to legal and contractual obligations.
– Right to Restriction: You may request us to limit how we use your data under certain conditions.
– Right to Data Portability: You can request your data in a format that allows transfer to another service provider.
– Right to Object: You may object to processing conducted based on legitimate interests or for direct marketing purposes.
– Right to Non-Discrimination (CCPA): We will not discriminate against you for exercising any of your privacy rights.
To exercise any of your rights, please send your request to [email protected]. We may require verification of your identity before fulfilling your request.
6. Security Measures
We implement appropriate technical and organizational security measures to protect your data against unauthorized access, alteration, disclosure, or destruction. These measures include:
– Encryption of data in transit and at rest
– Access controls and role-based permissions
– Secure storage through reputable hosting providers
– Regular security audits and vulnerability assessments
– Staff training and confidentiality obligations
7. International Transfers
Your personal data may be transferred and maintained on servers located outside your jurisdiction, including to countries that may not provide the same level of data protection. Where such transfers occur, we implement safeguards under standard contractual clauses approved by the European Commission or the UK Data Protection Authority and ensure compliance with regional data protection laws.
8. Data Retention
We retain your personal data for as long as is necessary to fulfill the purposes for which it was collected. Retention periods are determined based on the category of data and applicable legal requirements:
– Usage, Technical, and Preference Data: up to 2 years
– Communication Data: up to 3 years after the last contact
– Account and Transaction Data: up to 6 years for regulatory compliance
– Profile Data: retained while your account is active and for up to 2 years after closure
– Cookie Data: subject to cookie expiration durations (see Section 9)
Where legally or contractually required, we may retain certain data beyond these periods.
9. Cookie Policy
The Website uses cookies and other tracking technologies to enhance user experience and provide analytical insight. Cookies may be categorized as follows:
– Essential Cookies: Required for website functionality, such as login, navigation, and security.
– Functional Cookies: Assist with personalization and remembering user preferences.
– Analytics Cookies: Help us understand user interaction on the Website to improve functionality, via aggregated data (e.g., Google Analytics).
– Performance Cookies: Collect data on system performance and error messages to optimize service reliability.
10. Cookie Management and Compliance with GDPR & CCPA
Visitors from the European Economic Area and California are presented with a cookie consent banner. You may manage cookie preferences at any time through your browser settings or by accessing our Cookie Settings on the Website. Upon opting out of non-essential cookies, we will immediately cease data collection related to your preferences. Opt-out mechanisms for third-party analytics – such as Google Analytics – are integrated in accordance with GDPR and CCPA.
11. Protection of Children’s Privacy
We do not knowingly collect or solicit personal data from children under the age of 13. If you are under 13, do not use our Website or provide any information through it. Parents and legal guardians should contact us immediately at [email protected] if they believe a child under their supervision has submitted personal data to us, and we will delete such data promptly.
12. Policy Updates and Notifications
We reserve the right to update or amend this Privacy Policy at any time in response to legislative changes or operational requirements. Where the changes are material, we will notify users through the Website or by direct communication where applicable. Continued use of the Website after an update signifies your acceptance of the changes.
13. Contact Us
If you have any questions, concerns, or complaints regarding this Privacy Policy or your personal data, please contact us at:
Email: [email protected]
Website: https://reelmaetshetland.com
We are committed to complying with all applicable data protection laws, including GDPR and CCPA, and ensuring that your privacy rights are upheld. Please feel free to reach out if you have any privacy-related inquiries or concerns.