Privacy Policy for patatgonia.com
1. Introduction
At patatgonia.com, we are committed to safeguarding your personal privacy and protecting your personal data. We take your privacy seriously and process your personal information with the highest standards of security and transparency. This Privacy Policy outlines how we collect, use, store, and protect your information in accordance with applicable privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Our commitment is rooted in respect for your rights and our responsibility as data custodians.
2. Scope of This Policy and Our Role as Data Controller
This Privacy Policy applies to all users of our website, patatgonia.com, and any associated services offered through it. As the data controller, Patatgonia (“we”, “us”, or “our”) determines the purposes and means of processing your personal data. This policy governs all data collected from users residing in the European Union, the United States, or elsewhere, and outlines our practices wherever we process personal data.
3. Categories of Personal Data We Process
We may process the following categories of personal data, either directly from you or through the automated use of cookies and tracking technologies:
a. Usage Data
Includes information about your interaction with patatgonia.com, such as IP address, browser type and version, device identifiers, server logs, pages visited, visit duration, and referral sources.
b. Account Data
Includes identifiers provided during account creation or service registration, including your full name, billing and shipping addresses, email address, and telephone number.
c. Profile Data
Includes demographic information, product preferences, feedback, shopping behavior, wishlists, submitted reviews, and interactive site activities.
d. Communication Data
Includes content and metadata of all communication between you and us, such as customer support requests, contact forms, chat logs, and email correspondence.
e. Technical Data
Includes device details such as operating system, system settings, screen resolution, browser plug-in types, internet service provider, and system configuration data.
f. Transaction Data
Includes purchase history, payment methods (excluding full card details), transaction timestamps, delivery details, and fulfillment status.
g. Preference Data
Includes your marketing and communication preferences, interest areas, participation in surveys, and product or service affinities.
4. Legal Bases for Processing
We rely upon the following legal bases to process personal data in compliance with GDPR and similar frameworks:
– Consent: When you opt-in to receive newsletters, marketing messages, or accept non-essential cookies.
– Contractual Necessity: To fulfill obligations when you purchase products or register for services.
– Legitimate Interests: To improve services, protect the integrity of our website, or prevent fraud, provided such interests are not overridden by your rights.
– Legal Obligations: To comply with laws, regulations, or court orders applicable to us.
5. Your Rights
Under GDPR (for EU residents) and CCPA (for California residents), you have the right to:
– Access: Request a copy of your personal data held by us.
– Rectification: Request correction of inaccurate or incomplete personal data.
– Erasure: Request deletion of your personal data, subject to legal or operational retention requirements.
– Restriction: Request restriction of data processing in certain circumstances.
– Portability: Request transmission of your personal data to another data controller in a structured, machine-readable format.
– Objection: Object to processing carried out based on legitimate interest.
– Withdrawal of Consent: Withdraw consent at any time without affecting the legality of prior processing.
– Non-Discrimination: Exercise rights under CCPA without receiving discriminatory treatment.
Please contact us at [email protected] to exercise these rights.
6. Security Measures
We implement robust technical and organizational security controls to ensure your data is processed securely and protected against unauthorized access, alteration, disclosure, or destruction. Our measures include:
– Industry-standard encryption protocols (HTTPS, TLS)
– Network firewalls and intrusion detection systems
– Secure user authentication and restricted system access
– Regular data backups
– Employee training in data security best practices
– Continuous monitoring and vulnerability remediation
7. International Data Transfers
We may process or transfer your personal data to entities located outside your country of residence, including jurisdictions not deemed to provide an adequate level of data protection by the European Commission or other authorities. Where transfers occur, we implement one or more of the following safeguards:
– Standard Contractual Clauses approved by the European Commission
– Participation in approved certification mechanisms
– Binding corporate rules, where applicable
– Additional technical and contractual safeguards as required by local regulations
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable laws and regulations. Specific retention timeframes include:
– Account Data: Retained for as long as your account remains active, and for up to 7 years thereafter for audit and legal compliance.
– Usage and Technical Data: Retained for up to 12 months for security and analytics.
– Communication Data: Retained for 3 years after the last interaction for support verification and dispute resolution.
– Transaction Data: Retained for at least 7 years to comply with accounting and taxation regulations.
– Preference and Marketing Data: Retained until withdrawal of consent or up to 2 years after the last interaction.
9. Cookie Policy
Our website uses cookies and similar technologies to enhance user experience and site performance. Cookies fall into the following categories:
– Essential Cookies: Necessary for site functionality, such as authentication and cart management.
– Functional Cookies: Enable enhanced personalization and site preferences.
– Analytics Cookies: Help us understand user behavior and improve services, often processed using tools such as Google Analytics.
– Performance Cookies: Monitor website performance metrics and usage trends.
We do not use cookies to gather personally identifiable information without your consent.
10. Cookie Management and Compliance
Upon visiting patatgonia.com, you will have the opportunity to set your cookie preferences through our Cookie Consent Banner. Under the GDPR and CCPA, you have the right to:
– Accept or reject non-essential cookies
– Update cookie preferences at any time via our Cookie Settings tool
– Request disclosure of data collected via cookies
– Opt-out of the sale of personal data where applicable under CCPA
Browser settings can also be adjusted to refuse cookies, which may impact certain website functionalities.
11. Children’s Data
We do not knowingly collect or solicit personal data from children under the age of 13. If we become aware that data was collected from a minor without verified parental consent, we will promptly delete such information. Parents or guardians who believe their child has provided personal data without consent should contact us immediately at [email protected].
12. Policy Updates
We reserve the right to amend this Privacy Policy to reflect changes in legal obligations or business practices. Substantive changes will be communicated to users via prominent site notices, email, or updated banners. Continuing to use our services after such updates constitutes acceptance of the revised terms.
13. Contact Us
For any inquiries, requests, or concerns regarding your personal data or this Privacy Policy, you may contact:
Email: [email protected]
Website: https://www.patatgonia.com
We are fully committed to upholding your privacy rights and complying with the applicable data protection laws including GDPR and CCPA. Please do not hesitate to reach out if you have questions regarding how your information is handled.