Privacy Policy for Shaw Brothers

1. Introduction

At Shaw Brothers, accessible via shaw-brothers.com, we are firmly committed to protecting the privacy and personal data of our users, customers, and website visitors. We uphold the highest standards of data protection and recognize our responsibilities under applicable privacy laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”). This Privacy Policy outlines our data practices and your rights regarding your personal information.

2. Scope of Policy and Data Controller Role

This Privacy Policy governs the collection, use, storage, sharing, and protection of personal information collected through shaw-brothers.com and associated services. Shaw Brothers acts as the data controller for any personal data provided by users located in the European Economic Area (EEA), the United Kingdom, or those protected under California law. By accessing or using our website or services, you acknowledge your understanding of this policy.

3. Categories of Data Processed

We collect and process the following categories of personal data:

a. Usage Data
Includes information about your interactions with our website, such as IP address, browser type, time zone settings, operating system and platform, access times, referring URLs, and website navigation paths.

b. Account Data
Comprises personal identifiers used to create and maintain your account, including full name, billing and shipping address, email address, and telephone number.

c. Profile Data
Information related to your transactions and interactions with us, such as purchase history, saved items, preferences, and behavioral data tied to your account.

d. Communication Data
Includes the content and metadata associated with communications submitted via contact forms, support requests, email correspondence, and customer service interactions.

e. Technical Data
Refers to device identifiers, hardware configurations, system diagnostics, and application performance data.

f. Transaction Data
Covers the details of any transactions you carry out on our website, including billing details, payment method information (processed securely via third-party providers), and delivery addresses.

g. Preference Data
Includes your preferences in receiving marketing from us and your communication choices, including consent for promotional communications and product interest data.

4. Legal Bases for Processing

We collect and process your personal data according to the following lawful bases under GDPR and CCPA:

– Consent: When you have given clear permission for us to process your personal data for a specific purpose (e.g., email subscription).
– Contract: Where processing is necessary for the performance of a contract with you (e.g., fulfilling product orders).
– Legal Obligation: Where it is necessary to comply with a legal requirement.
– Legitimate Interests: For purposes such as improving our services, securing the platform, enforcing our rights, and marketing products or services where such interests are not overridden by your rights and freedoms.

5. Your Rights

As a data subject under GDPR or a consumer under CCPA, you are entitled to various rights in relation to your personal data, including:

– Right of Access: Obtain confirmation of whether we process your personal data and access to such data.
– Right to Rectification: Request corrections to any inaccurate or incomplete personal data.
– Right to Erasure (“Right to be Forgotten”): Request deletion of your personal data under certain conditions.
– Right to Restriction of Processing: Request a temporary or permanent halt to the processing of your personal data.
– Right to Data Portability: Receive a copy of your data in a structured, commonly used, and machine-readable format.
– Right to Withdraw Consent: Revoke consent at any time where processing is based on consent.
– Right to Object: Object to processing for direct marketing or profiling purposes.

California residents may also request:

– Disclosure of categories and specific pieces of personal information we collect.
– Information about personal data disclosed or sold in the preceding 12 months.
– An opt-out of the sale of personal data, where applicable.
– Non-discrimination for exercising privacy rights.

To exercise any of these rights, please contact us at [email protected].

6. Security Measures

We implement a robust set of technical and organizational measures to safeguard your personal data, including:

– Encryption of data during transmission and at rest.
– Role-based access controls to restrict internal access.
– Regular security audits and vulnerability testing.
– Secure data backups and disaster recovery planning.
– Continuous security training of staff handling personal data.

7. International Transfers

Where necessary, personal data may be transferred outside your jurisdiction, including to locations outside the EEA or California. We ensure such transfers are lawful by implementing appropriate safeguards such as Standard Contractual Clauses approved by the European Commission or by ensuring that an adequate level of protection is provided by the receiving party in accordance with applicable laws.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy, in accordance with data minimization principles:

– Usage and Technical Data: retained for no more than 14 months.
– Account and Profile Data: retained while the account remains active and for 6 years beyond for auditing and legal compliance.
– Transaction Data: retained for a minimum of 7 years for financial recordkeeping.
– Communication Data: retained for 2 years following the last meaningful interaction.
– Marketing Consent Data: retained for 3 years from the date of last update or interaction.

9. Cookie Policy

Cookies are small text files stored on your device to enhance functionality, analyze usage, and support marketing efforts. shaw-brothers.com uses the following types of cookies:

– Essential Cookies: enable core functionality such as security and network management.
– Functional Cookies: allow the website to remember user preferences and settings.
– Analytics Cookies: collect aggregated data about usage behavior to improve performance.
– Performance Cookies: help measure the effectiveness of our content and services.

10. Cookie Management and Compliance

Users are provided with a cookie consent mechanism upon accessing shaw-brothers.com that allows for granular control of cookie preferences. You may also adjust your cookie settings manually through your browser or device. For EU users, we comply with GDPR requirements by obtaining explicit consent for non-essential cookies. California users may opt-out of cross-site tracking technologies consistent with CCPA standards.

11. Children’s Privacy

We do not knowingly collect or solicit data from children under the age of 13. If you believe that a child has provided us with personal information, please contact us immediately at [email protected], and we will take swift steps to delete such data.

12. Policy Updates and Notifications

We reserve the right to modify this Privacy Policy at any time to reflect changes to our data practices, legal obligations, or website features. Users are encouraged to review this policy periodically. Where changes are substantial, we will notify you by email (where consented) or by prominent notice on shaw-brothers.com.

13. Contact

If you have any questions, concerns, or requests in relation to this Privacy Policy or our data processing practices, please contact us via:

Email: [email protected]

We are committed to upholding your privacy rights and ensuring compliance with GDPR, CCPA, and all other applicable data protection frameworks. Please contact us if you believe your data has been handled in a manner inconsistent with this policy.