Privacy Policy for hemlocktavernsf.com
1. Introduction
Hemlocktavernsf.com (“we,” “us,” or “our”) is committed to safeguarding the privacy and personal data of visitors (“you,” “your,” or “users”) who interact with our website. We deeply respect your rights to privacy and data protection, and in compliance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws, we are wholly dedicated to ensuring transparency and lawful handling of your personal information.
This Privacy Policy outlines our practices regarding the collection, use, storage, sharing, and protection of your personal data when you visit, interact with, or otherwise engage with hemlocktavernsf.com.
2. Scope and Role of Data Controller
This Privacy Policy applies to all personal data processed via the website hemlocktavernsf.com. For the purposes of data protection legislation, Hemlock Tavern (operating hemlocktavernsf.com) is the Data Controller responsible for determining the purposes and manner in which your personal data are processed.
If you have any questions or concerns regarding the handling of your data, you may contact us at [email protected].
3. Categories of Personal Data Processed
We may collect and process the following categories of personal data when you interact with hemlocktavernsf.com:
– Usage Data: Includes information about your interactions with our website, such as IP address, browser type, referral URLs, accessed pages, session duration, and time stamps.
– Account Data: Includes personal identifiers that you provide while creating an account, including your name, postal address, email address, and phone number.
– Profile Data: Includes details about your preferences, event bookings, behavioral interaction history, and purchase records.
– Communication Data: Includes correspondence you send to us—whether via contact forms, emails, support requests, or similar channels—along with associated metadata.
– Technical Data: Includes device-specific information such as operating system, device type, screen resolution, system configurations, and network identifiers.
– Transaction Data: Includes payment-related information (excluding full card or bank details, as these are handled by third-party processors), transaction history, and delivery information.
– Preference Data: Includes your choices regarding marketing communications, event reminders, promotional offers, and your interests in particular product/service categories.
4. Legal Bases for Processing Personal Data
We process your personal data in accordance with the following lawful bases, where required under applicable laws:
– Consent: Where you have given us explicit consent for specific purposes, such as marketing.
– Contractual Necessity: Where processing is necessary for the performance of a contract with you, including the provision of services you have requested.
– Legal Obligation: Where processing is required to comply with legal obligations.
– Legitimate Interests: Where processing is necessary for our legitimate business interests, providing such interests do not override your fundamental rights and freedoms (e.g., securing our website, preventing fraud, or improving services).
5. Your Rights Over Your Personal Data
Pursuant to GDPR, CCPA, and other applicable data privacy laws, you have the following rights:
– Right to Access – Request access to the personal information we hold about you.
– Right to Rectification – Request correction of inaccurate or incomplete personal data.
– Right to Erasure – Request deletion of your data where there is no lawful reason for us to continue processing it.
– Right to Restrict Processing – Request we limit how we use your personal data in certain circumstances.
– Right to Data Portability – Obtain and reuse your data for your own purposes across different services.
– Right to Object – Object to our processing of your personal data under certain conditions, including direct marketing.
To exercise any of these rights, please send a request to [email protected]. We may require verification of your identity before responding to such requests.
6. Security Measures
We implement robust technical and organizational security measures to ensure the protection of your personal data. These include:
– Encryption of data during transmission using SSL/TLS protocols.
– Role-based access controls and user authentication mechanisms.
– Regular data backups and disaster recovery procedures.
– Secure physical and digital storage environments.
– Staff awareness and training programs regarding data protection responsibilities.
While we strive to use commercially acceptable means to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure.
7. International Transfers of Data
Where personal data is transferred outside the jurisdiction in which it was collected—including transfers to our service providers located in non-EEA (European Economic Area) or non-US countries—we ensure such transfers are safeguarded using appropriate legal mechanisms, including:
– Standard Contractual Clauses approved by the European Commission.
– Binding Corporate Rules or other applicable data protection safeguards as recognized by relevant supervisory authorities.
We take all reasonable steps to ensure your data is treated securely and in accordance with this Privacy Policy.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which the data was collected, including satisfying any legal, contractual, accounting, or reporting obligations.
Retention periods vary by category:
– Account Information: Retained for as long as your account remains active and for up to 3 years thereafter.
– Transaction Data: Stored for a minimum of 7 years, as required by financial regulations.
– Marketing Preferences: Maintained until you withdraw consent or opt out.
– Communication Logs: Retained for up to 24 months for audit and support purposes.
Personal data may be anonymized and retained in aggregate form for analytical purposes beyond standard retention periods.
9. Cookie Policy
Hemlocktavernsf.com uses cookies and similar tracking technologies to enhance user experience and analyze website traffic:
– Essential Cookies: Necessary for website functionality, such as navigation and account sessions.
– Functional Cookies: Enable personalization features, such as language settings and remembered preferences.
– Analytics Cookies: Collect aggregated data on how visitors use the site to help us improve content and functionality.
– Performance Cookies: Allow us to monitor system performance and resolve technical issues efficiently.
10. Cookie Management and Compliance
You can manage or withdraw your consent to cookies at any time through your browser settings or via designated consent banners on our website. Where legally required by GDPR and CCPA, we obtain your express consent for the use of non-essential cookies.
For California residents, note that some cookies may be considered “sales” under CCPA. You may opt out of the sale of personal data by adjusting cookie preferences or contacting us directly.
11. Children’s Privacy
Hemlocktavernsf.com does not knowingly collect or solicit personal data from children under the age of 13. Should we discover that we have inadvertently collected data from a child under this age threshold, we will immediately take steps to delete such information. If you believe we have collected personal data from a child, please contact us at [email protected].
12. Policy Updates
We reserve the right to modify or update this Privacy Policy at any time to reflect legal, regulatory, or operational changes. When updates are made, we will notify users via appropriate means, such as website banners, direct email communication, or a notice on the homepage of hemlocktavernsf.com. Continued use of the website after such updates constitutes acceptance of the revised policy.
13. Contact Information
For questions, concerns, or inquiries regarding this Privacy Policy or the manner in which we handle personal data, please contact:
Hemlock Tavern
Email: [email protected]
We are committed to full compliance with applicable privacy laws and regulations and welcome your questions and feedback.