Privacy Policy – Cliftons at Night

1. Introduction

Cliftons at Night (“we,” “our,” or “us”) is committed to protecting the privacy and personal data of all visitors, customers, and users of our website, cliftonsatnight.com. We take data protection seriously and handle your information in accordance with applicable data protection and privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines how we collect, use, share, protect, and respect your personal data.

2. Scope and Data Controller

This Privacy Policy applies to the collection and processing of personal data from users of the website cliftonsatnight.com. For the purposes of applicable data protection laws, the data controller responsible for your personal information is Cliftons at Night. You may contact us at [email protected] regarding any questions or concerns about your personal data or this Privacy Policy.

3. Categories of Data Processed

We may collect and process the following categories of personal data:

a. Usage Data
Includes information about how you use our website, such as browser type, IP address, access times, pages viewed, referring URLs, session data, and other diagnostic data.

b. Account Data
Includes registration details such as your full name, billing and shipping address, email address, telephone number, and login credentials.

c. Profile Data
Includes data derived from your use of the website and services, such as your preferences, feedback, interests, browsing behavior, and purchase history.

d. Communication Data
Includes records of correspondence or support interactions between you and our support team, including emails, contact form messages, and chat transcripts.

e. Technical Data
Includes information about the devices you use to access cliftonsatnight.com, including device type, operating system, system settings, language preferences, and screen resolution.

f. Transaction Data
Includes order details, billing information, payment method details (note: we do not retain full payment card information), order history, and delivery addresses.

g. Preference Data
Includes your communication preferences, such as consent to receive marketing materials, and stated interests in specific products or content.

4. Legal Bases for Processing

We process your personal data in accordance with the following lawful bases, depending on the nature of the interaction:

– Consent: Where you have provided explicit consent, particularly for marketing and use of non-essential cookies.
– Contract: When processing is necessary to fulfill a contractual obligation with you, such as providing products or services.
– Legal Obligation: When required to comply with a legal or regulatory requirement.
– Legitimate Interests: When processing is necessary for our legitimate interests (such as analytics, improving our website and services, or detecting fraud), provided such interests are not overridden by your rights and interests.

5. Your Rights

In accordance with the GDPR and CCPA, and subject to applicable limitations, you have the following rights with respect to your personal data:

– Right of Access: Know what personal data we hold about you and how we process it.
– Right of Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your data, subject to legal retention requirements.
– Right to Restrict Processing: Request a temporary halt to processing in certain instances.
– Right to Data Portability: Obtain and reuse your personal data across different services.
– Right to Object: Object to processing based on legitimate interests or direct marketing.
– Right Not to Be Subject to Automated Decision-Making: You will not be subject to decisions based solely on automated processing without your explicit consent.
– Right to Nondiscrimination: CCPA grants you the right not to be discriminated against for exercising any of your privacy rights.

To exercise any of these rights, please email us at [email protected].

6. Security Measures

We implement robust technical and organizational measures to ensure the confidentiality, integrity, and availability of your personal data, including but not limited to:

– SSL/TLS encryption for data in transit
– Encrypted storage for sensitive data
– Strict access controls based on role and necessity
– Regular data backups and continuity planning
– Security and data protection training for staff and contractors

While no system is entirely immune to risk, we are committed to maintaining a high standard of data security and responding promptly to any data breach.

7. International Data Transfers

Where we transfer personal data outside the European Economic Area (EEA), such transfers are made:

– To countries recognized as providing an adequate level of protection by the European Commission; or
– Subject to legally approved safeguards, such as the use of Standard Contractual Clauses or Binding Corporate Rules.

Users outside the United States accessing cliftonsatnight.com should be aware that their information may be transferred to and processed in the United States, where laws regarding data protection may differ.

8. Data Retention

We retain personal data only as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. The retention schedule varies by data category:

– Account Data: retained for the life of the account and up to 6 years post-closure
– Transaction Data: retained for 7 years for accounting and tax compliance
– Communication Data: retained for 3 years from date of the communication
– Technical and Usage Data: retained for up to 24 months
– Marketing and Preference Data: retained until the withdrawal of consent or 24 months following last interaction, whichever comes first

9. Cookie Policy

Cliftons at Night uses cookies and similar tracking technologies to operate and enhance the website. We classify cookies as:

– Essential Cookies: Required for the proper operation of the website (e.g., session ID, authentication).
– Functional Cookies: Enable personalization and enhanced functionalities.
– Analytics Cookies: Help us understand user interaction to improve performance and user experience.
– Performance Cookies: Track performance metrics and application speed.

See our full Cookie Notice on cliftonsatnight.com for detailed descriptions.

10. Cookie Management and Compliance

In compliance with GDPR and CCPA, we require your consent before placing non-essential cookies on your browser. Upon your first visit, a cookie consent prompt will allow you to accept or reject various categories of cookies. You can modify your cookie preferences through the website’s footer or settings panel at any time.

You may also control cookies through your browser settings; however, disabling essential cookies may impact the website’s functionality.

11. Children’s Data Protection

Cliftons at Night does not knowingly collect or solicit personal information from children under the age of 13. If we become aware that a child under 13 has provided us with personal data, we will promptly delete such information. If you believe we might have data from a child, please contact us immediately at [email protected].

12. Policy Updates

We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or technologies. Any significant changes will be communicated clearly on cliftonsatnight.com or via direct notice where applicable. You are encouraged to review this policy regularly to stay informed about how we protect your data.

13. Contact Us

If you have any questions about this Privacy Policy, your rights under applicable data protection laws, or the handling of your personal data, please contact us:

Email: [email protected]
Website: cliftonsatnight.com

We are committed to full compliance with applicable data protection laws and welcome any inquiries regarding the safeguarding of your information.