Privacy Policy
1. Introduction
At Hardys Gunsmiths, accessible via hardysgunsmiths.com, we are committed to safeguarding the privacy and personal data of our users. We understand the importance of your information and are dedicated to ensuring its confidentiality, integrity, and availability. This Privacy Policy outlines how we collect, use, store, and share your data in full compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA). Our approach is one of transparency and accountability, and we strive to employ best-in-class practices to protect the data you entrust to us.
2. Scope of this Policy and Data Controller Role
This Privacy Policy applies to all personal data processed by hardysgunsmiths.com in relation to the operation of our website, services, accounts, and communications with users, customers, and visitors. Hardys Gunsmiths is the data controller for the personal data collected through this website. As the data controller, we determine the purposes for which and the means by which your personal information is processed.
3. Categories of Personal Data We Process
We collect and process the following categories of personal data, depending on your interaction with our website and services:
a. Usage Data
This includes information about how you use hardysgunsmiths.com, such as your IP address, browser type, referring/exit pages, time zone setting, geolocation data, clickstream data, and information about your interactions with the site.
b. Account Data
If you create an account or place an order with us, we collect your name, postal address, email address, and contact telephone number.
c. Profile Data
This includes your preferences, transaction history, purchase behaviors, and any optional information you provide within your account settings.
d. Communication Data
This refers to records of inquiries, support tickets, email correspondence, live chat transcripts, and any customer service interactions with our team.
e. Technical Data
We collect information about the devices you use to access our services, including device model, operating systems, internet service provider, IP addresses, system configurations, and browser settings.
f. Transaction Data
When you make purchases through the site, we collect order details, payment confirmations, delivery addresses, and purchase timestamps. Note that payment card details are processed securely through our third-party payment processor and are not stored directly on our servers.
g. Preference Data
We collect marketing preferences, such as your communication consents, product interest selections, and opt-in/opt-out status for newsletters and special offers.
4. Legal Bases for Processing Personal Data
We process your personal data using the following lawful bases as defined under the GDPR:
– Consent: When you provide clear permission for us to process your data for a specific purpose (e.g., marketing communications).
– Contractual Necessity: When processing is essential to fulfilling a contract to which you are a party (e.g., delivering products or managing your account).
– Legal Obligation: When we are legally required to retain or disclose certain data (e.g., for tax or regulatory purposes).
– Legitimate Interests: When the processing is necessary for our legitimate business interests, such as improving the website, preventing fraud, or enhancing user experience—provided that your fundamental rights are not overridden.
Under the CCPA, we do not “sell” personal information as defined under the Act. We only share your data with trusted partners under contractual obligations that limit usage to specific, disclosed purposes.
5. Your Rights
As a user, you are afforded extensive rights under applicable privacy laws. These include:
– Right of Access: You may request a copy of the personal data we hold about you.
– Right to Rectification: You have the right to correct inaccurate or incomplete data.
– Right to Erasure: Also known as the “right to be forgotten,” this allows you to request deletion of your data in specific circumstances.
– Right to Restrict Processing: You can ask us to pause the processing of your data under certain conditions.
– Right to Data Portability: You can request your personal data in a commonly used, machine-readable format for transfer to another provider.
– Right to Object: You may object to data processing where it is based on our legitimate interests or for direct marketing purposes.
– Right Not to Be Discriminated Against: Under the CCPA, you have the right to receive equal service even if you exercise your privacy rights.
Requests may be submitted via email to [email protected]. We may require verification of your identity before proceeding.
6. Security Measures
We take the security of your personal data seriously. To that end, we implement a range of organizational and technical measures, including:
– End-to-end encryption of sensitive data during transmission
– Role-based access controls and multi-factor authentication
– Regular security audits and vulnerability assessments
– Secure data storage using hardened infrastructure
– Staff training programs and confidentiality agreements
– Regular backups and disaster recovery protocols
7. International Transfers
As part of our operations, your personal data may be transferred to and processed in countries outside the European Economic Area (EEA) or the United States. Where such transfers occur, we employ appropriate safeguards including Standard Contractual Clauses (SCCs) approved by the European Commission or rely on service providers who are certified under recognized privacy frameworks. These measures ensure your data receives equivalent protection wherever it is processed.
8. Data Retention
We retain personal data only for as long as is necessary for the purposes outlined in this Privacy Policy. Specific retention periods include:
– Account Data: Retained for the duration of your active account and for up to 7 years following closure or inactivity, in accordance with tax or legal obligations.
– Transaction Data: Retained for 7 years to comply with accounting and regulatory requirements.
– Communication Data: Retained for 2 years to support customer service and dispute resolution.
– Usage, Technical, and Profile Data: Retained for up to 3 years for analytics and service improvement purposes.
– Preference Data: Retained until you update your preferences or withdraw consent.
Upon expiration of these periods or a valid deletion request, your data is securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar technologies to enhance your experience on hardysgunsmiths.com. Our website employs the following categories of cookies:
– Essential Cookies: Required for core site functionality, such as navigation and account authentication.
– Functional Cookies: Enable personalization features, such as saving your preferences or remembering log-in sessions.
– Analytics Cookies: Help us understand how visitors interact with the site to improve performance (e.g., Google Analytics).
– Performance Cookies: Monitor site speed and operational metrics for continual service enhancement.
10. Cookie Management and Compliance
You have control over cookies and similar technologies via:
– Browser settings: Most browsers allow you to reject or delete cookies.
– Cookie banner: When you first visit hardysgunsmiths.com, you are prompted to set your cookie preferences.
– Consent Management Tool: You can update your cookie choices at any time through our on-site preferences center.
These protocols are designed to ensure full alignment with GDPR and CCPA requirements regarding user consent and rights to opt-out.
11. Protection of Children’s Data
Our website is not directed to individuals under the age of 13. We do not knowingly collect or solicit personal data from children. If we become aware that a minor under 13 has provided us with personal information, we will take immediate steps to remove such data from our systems. If you are a parent or guardian and believe your child has provided personal data to us, please contact us at [email protected].
12. Policy Updates
We may update this Privacy Policy from time to time to reflect changes in legal, technical, or operational developments. Where appropriate, and where required by applicable law, we will provide you with prior notification or obtain your consent to material changes. Continued use of the website following such changes indicates your acceptance of the updated policy.
13. Contact Us
If you have questions, concerns, or wish to exercise any of your rights outlined above, please contact us at:
Email: [email protected]
We are committed to full compliance with applicable data protection laws and welcome all inquiries regarding your privacy. Thank you for trusting Hardys Gunsmiths with your personal data.