PRIVACY POLICY
Shaw Brothers (“we”, “us”, or “our”) is fully committed to respecting and protecting your privacy. This Privacy Policy explains how we collect, use, store, and safeguard your personal data when you visit our website at shaw-brothers.com (“Site”), engage with our services, or otherwise interact with us. We adhere to applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), and we implement stringent measures to ensure your information remains secure and confidential at all times.
1. Commitment to Privacy and Data Protection
We consider privacy a fundamental right. At shaw-brothers.com, protection of personal data is a priority. We only collect and process information that is necessary for the performance of our services, legal compliance, or upon your explicit consent. We do not sell your data and strive to ensure transparency in our data handling procedures.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of our Site and services. Shaw Brothers is the “data controller” for the purposes of the GDPR and determines how and why your personal information is processed. For inquiries regarding data responsibilities, you may contact us at [email protected].
3. Categories of Data Processed
We process the following categories of personal data depending on your interactions with shaw-brothers.com:
a. Usage Data:
Includes information such as your IP address, browser type and version, time zone settings, page interactions, referring URLs, and session duration.
b. Account Data:
Includes your full name, billing and shipping address, email address, and telephone number submitted when registering or placing an order.
c. Profile Data:
Includes purchase history, product preferences, saved items, and behavioral patterns on our Site to enhance user experience.
d. Communication Data:
Includes information from customer service requests, inquiries, and correspondence via email or our Site’s contact mechanisms.
e. Technical Data:
Includes device-specific information such as operating system, hardware specifications, mobile platform, and browser plugins.
f. Transaction Data:
Includes payment card details (processed via secure third-party providers), purchase records, delivery tracking, and invoice records.
g. Preference Data:
Includes your communication preferences, consent to receive promotional materials, and indications of interest based on your activity.
4. Legal Bases for Processing
We process your personal information based on specific legal bases as permitted under data protection laws:
– Consent: Where you have provided explicit permission for specific uses of your data.
– Contractual Necessity: Where processing is necessary to perform a contract, including the provision of our services.
– Legal Obligation: Where processing is needed to comply with legal obligations to which we are subject.
– Legitimate Interest: Where processing is necessary for our legitimate business interests and those interests do not override your privacy rights (e.g., fraud prevention, service improvement).
5. Your Rights
You have the following rights with respect to your personal information under applicable privacy legislation:
– Right of Access – You may request confirmation as to whether we process your data and obtain a copy of such data.
– Right to Rectification – You may request the correction of inaccurate or incomplete data.
– Right to Erasure – You may request deletion of your data under certain conditions.
– Right to Restriction – You may request limited processing of your data in specific situations.
– Right to Data Portability – You may request transmission of your personal data to another controller in a structured, commonly used, machine-readable format.
– Right to Object – You may object to processing based on public interest or legitimate interests.
– Right to Withdraw Consent – Where processing is based on consent, you may withdraw it at any time.
To exercise your rights, please contact us at [email protected].
6. Security Measures
To ensure confidentiality and integrity of your data, we implement appropriate technical and organizational security measures, including but not limited to:
– Advanced encryption protocols for data storage and transmission
– Strict access controls and authentication procedures
– Regular data backups and monitoring
– Employee training on cybersecurity and personal data handling
We continuously evaluate our systems to ensure compliance and safeguard against unauthorized access, loss, misuse, or disclosure.
7. International Data Transfers
Where personal data is transferred outside of the European Economic Area (EEA), for example to partners or service providers, we ensure adequate protection by using Standard Contractual Clauses or relying on adequacy decisions issued by the European Commission. These transfers comply fully with applicable data protection laws.
8. Data Retention
We retain personal information for only as long as reasonably necessary to achieve the purposes for which it was collected. Specific retention periods are as follows:
– Usage Data: 12 months
– Account Data: Retained for duration of account and up to 3 years after closure
– Profile Data: Retained for analytical purposes, up to 2 years of inactivity
– Communication Data: Retained for up to 5 years for audit and dispute resolution
– Technical and Transaction Data: Retained for tax and legal compliance for 7 years
– Preference Data: Retained until consent is withdrawn or account termination
Data may be anonymized and retained longer for statistical or research purposes.
9. Cookie Policy
Cookies are small data files placed on your device when visiting shaw-brothers.com. We use various types of cookies:
– Essential Cookies: Required for website functionality and secure navigation
– Functional Cookies: Enable customized settings and remember preferences
– Analytics Cookies: Collect insights into traffic sources and website performance
– Performance Cookies: Help us improve speed and usability based on user interaction
10. Cookie Management and Compliance with GDPR & CCPA
When you first visit shaw-brothers.com, you are presented with a cookie consent banner allowing you to accept or manage your preferences. You may revisit cookie settings at any time and adjust permissions via your browser settings or our Cookie Management Tool. Our systems comply with GDPR and CCPA requirements for consent and data transparency.
Under the CCPA, California residents also have the right to:
– Request disclosure of personal information collected and the purposes of collection
– Request deletion of collected personal information
– Opt-out of the sale or sharing of personal data (we do not sell personal information)
To exercise your CCPA rights, email [email protected] with the subject line “California Privacy Request”.
11. Children’s Privacy
Our services are not directed to individuals under the age of 13. We do not knowingly collect data from children. Should we become aware that personal information of a child has been collected without verifiable parental consent, we will promptly delete such data. If you believe a child has provided us with personal information, please contact us at [email protected].
12. Policy Updates & User Notifications
We reserve the right to update or revise this Privacy Policy at any time to reflect changes in law, technologies, or our practices. Substantive changes will be posted on shaw-brothers.com with a notice clearly highlighting modifications. We encourage users to review this page periodically to remain informed.
13. Contact Us
If you have any questions, concerns, requests, or complaints regarding this Privacy Policy or the manner in which we handle your personal data, please contact our Data Protection team at:
Email: [email protected]
We are committed to addressing any privacy-related concerns in a thorough and timely manner.
This Privacy Policy outlines how Shaw Brothers ensures confidentiality, transparency, and full compliance with all applicable data protection laws. If you have any questions regarding your personal data or wish to exercise your data rights, please do not hesitate to contact us at [email protected].