Privacy Policy
1. Introduction
At Lleaeth Pawb (accessible via lleaethpawb.com), we are committed to maintaining the highest standards of data privacy and protection. Your trust is important to us, and we are dedicated to safeguarding the personal information you share with us. This Privacy Policy details how we collect, use, disclose, and safeguard your personal data when you interact with us through our website or services. We process your data in compliance with applicable data protection laws including but not limited to the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all visitors, users, and customers accessing or using services made available through lleaethpawb.com. For the purposes of the GDPR, Lleaeth Pawb is the data controller responsible for your personal data. As a data controller, we determine the purposes and means of processing your personal data.
3. Categories of Data Processed
We may collect and process the following categories of personal data depending on your interaction with our website:
a. Usage Data
Includes data about how you use our website, such as browser type and version, IP address, time zone settings, device identifiers, page views, and session information.
b. Account Data
Collected when you register for an account or submit information voluntarily. This includes your name, email address, mailing address, phone number, and login credentials.
c. Profile Data
Includes your preferences, purchase history, feedback, reviews, and patterns of browsing and interaction with our website.
d. Communication Data
Encompasses any correspondence or communication with our customer service team, including emails, support tickets, and any messages sent through website forms.
e. Technical Data
Comprises detailed device information such as operating system, hardware model, device language settings, and system configuration details used to access lleaethpawb.com.
f. Transaction Data
Includes billing address, order details, payment processing information (handled securely through third-party processors), and delivery information necessary to fulfill orders.
g. Preference Data
Information regarding your marketing preferences, subscription settings, interests in products or services, and consent to receive promotional communications.
4. Legal Bases for Processing
We rely on the following legal bases for processing your personal data:
– Performance of Contract: To provide services and fulfill transactions you request.
– Consent: Where you have given clear and informed consent (e.g., opting in to receive newsletters).
– Legitimate Interests: To understand usage patterns, improve our services, secure our systems, or develop offerings while ensuring such processing does not override your fundamental rights.
– Legal Obligation: When processing is necessary to comply with legal or regulatory requirements.
5. Your Rights Under Data Protection Law
You have rights under GDPR and CCPA which include:
– Right to Access: You may request details of the personal data we hold about you.
– Right to Rectification: You may request corrections to inaccurate or incomplete data.
– Right to Erasure: You have the right to request deletion of your personal data under certain conditions.
– Right to Restriction: You can ask us to limit how we process your data in specific circumstances.
– Right to Data Portability: You can request your data be provided to you or another data controller in a structured, commonly readable format.
– Right to Object: If we process data based on legitimate interest, you can object to such processing.
– Right to Opt-out of Sale (CCPA): California residents may request that their personal data not be sold.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We apply comprehensive technical and organizational safeguards to secure your data, including but not limited to:
– End-to-end encryption of data transfers
– Secure server environments and firewalls
– Role-based access controls for personnel
– Enforced password policies and authentication protocols
– Regular backups with restricted access
– Ongoing staff training on data privacy and security
7. International Transfers
Where personal data is transferred outside the UK, European Economic Area (EEA), or other jurisdictions with robust privacy laws, such transfers are conducted under standard contractual clauses or equivalent protective mechanisms that ensure your data receives adequate protection in line with applicable laws.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes we collected it for, including legal, accounting, and reporting obligations:
– Usage and Technical Data: Up to 12 months from collection
– Account and Profile Data: While your account is active and up to 2 years thereafter
– Communication Data: Up to 3 years after resolution
– Transaction Data: Up to 7 years for compliance with tax and financial regulations
– Preference and Marketing Consent Data: Until consent is withdrawn or no longer valid
9. Cookie Policy
We use cookies and similar technologies to enhance functionality and improve your browsing experience. These include:
– Essential Cookies: Required for site operation and navigation
– Functional Cookies: Remember preferences and settings
– Analytics Cookies: Measure performance and usage patterns
– Performance Cookies: Optimize load speed and system efficiency
These cookies may be first-party or third-party, depending on their origin.
10. Cookie Management and Compliance
Users can manage their cookie preferences via on-site pop-ups or by adjusting the settings within their browser. In compliance with GDPR and CCPA, we will not set non-essential cookies without your explicit consent. California residents may also use the “Do Not Sell or Share My Personal Information” setting when available to manage cookie-based data sharing.
11. Protection of Children
Our website and services are not intended for use by children under the age of 13. We do not knowingly collect personal data from minors without verified parental consent. If we become aware of unauthorized collection, we will take immediate steps to delete such data from our records.
12. Changes to This Policy
We may update this Privacy Policy from time to time as legal, operational, or technical needs arise. Substantive changes will be communicated to users via on-site notices or direct correspondence when necessary. Continued use of lleaethpawb.com after any modifications constitutes acceptance of the updated Privacy Policy.
13. Contacting Us
If you have any questions regarding this Privacy Policy, your rights under applicable privacy laws, or how your data is processed, you may contact our Data Protection Officer at:
Email: [email protected]
Website: https://lleaethpawb.com
We are committed to full compliance with GDPR, CCPA, and other relevant data protection frameworks. For any privacy concerns, do not hesitate to reach out.