Privacy Policy for tonyscott.org
1. Introduction
At tonyscott.org, we are fully committed to safeguarding your personal data and respecting your privacy. We recognize the importance of protecting the confidential information entrusted to us and process your data in accordance with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act of 2018 (“CCPA”), as amended. This Privacy Policy outlines how we collect, use, disclose, and protect your personal information when you engage with our website and services.
2. Scope and Role of Data Controller
This Privacy Policy applies to your use of the website tonyscott.org and any related communications or services provided through the site. The responsible data controller for all personal data collected on or through this website is tonyscott.org. For purposes of European data protection law, tonyscott.org determines the purposes and means of processing your personal information.
If you have any queries or concerns regarding how we manage your data, you may contact us at: [email protected].
3. Categories of Data We Process
We may collect and process the following categories of personal data:
a) Usage Data: Includes information such as IP address, browser type and version, operating system, referral source, pages visited, time and date of visits, user-agent, session duration, and interactions with website elements.
b) Account Data: Information you provide to register or manage an account, including your full name, mailing address, email address, and phone number.
c) Profile Data: Information about your interactions with our services, including your communication preferences, product or content interests, behavioral patterns, and purchase history (if applicable).
d) Communication Data: Includes records of correspondence when you submit support tickets, general inquiries, or other forms of communication through our contact channels.
e) Technical Data: Refers to device-specific information such as your device type, platform, hardware model, internet connection and network identifiers, and system configuration details.
f) Transaction Data: Where applicable, this includes payment details, billing address, delivery information, and transaction history related to purchases or service use.
g) Preference Data: Includes your consent to receive marketing communications, event invitations, newsletter subscriptions, and stated interests in products or services.
4. Legal Bases for Data Processing
We process your personal data under the following legal bases, as permitted under the GDPR and CCPA:
– Consent: Where you have provided explicit, informed consent (e.g., for email marketing).
– Contractual Necessity: When processing is necessary to provide a service or fulfill a contract with you.
– Legal Obligation: When processing is required for us to comply with applicable laws or regulations.
– Legitimate Interest: For purposes such as ensuring website security, improving services, or fraud prevention—where these interests are not overridden by your rights.
5. Your Rights
Subject to applicable law, and under the GDPR and CCPA, you are entitled to the following rights:
– Right of Access: You may request confirmation of whether and how we process your personal data, and obtain a copy of it.
– Right to Rectification: You may request corrections to inaccurate or incomplete data about you.
– Right to Erasure (“Right to be Forgotten”): You may request deletion of your data, subject to legal retention obligations.
– Right to Restriction: You may request limited use of your data under specific conditions.
– Right to Data Portability: You may request a structured, commonly used, machine-readable copy of your data that you provided to us, and have it transmitted to another controller.
– Right to Object: You may object to processing based on our legitimate interest, including for direct marketing purposes.
– Non-Discrimination: Under the CCPA, you have the right not to receive discriminatory treatment for exercising any of your rights.
To exercise any of your rights, please contact us at [email protected].
6. Security Measures
We implement robust technical and organizational measures to secure your personal information, including but not limited to:
– Encryption of data in transit and at rest.
– Access restriction policies governing staff, contractors, and third parties.
– Regular data backups and incident response protocols.
– Ongoing privacy and security training for personnel.
7. International Data Transfers
Where personal data is transferred outside the European Economic Area (EEA), we ensure adequate protection, including the use of Standard Contractual Clauses adopted by the European Commission and compliance with relevant data transfer mechanisms under applicable privacy frameworks.
8. Data Retention
We retain personal data for no longer than necessary in relation to the purposes for which it was collected. Retention periods vary depending on the data type and legal obligations:
– Usage and Technical Data: Up to 12 months for analytics and diagnostic purposes.
– Account and Communication Data: While your account is active and for up to 3 years thereafter.
– Transaction Data: Retained for up to 7 years in accordance with accounting standards and tax law.
– Consent and Preference Data: Retained until consent is withdrawn or the data is no longer relevant for the declared purpose.
We continually review our retention policies to ensure compliance and necessity.
9. Cookie Policy
Our website uses cookies and similar technologies to enhance user experience, analyze traffic, and deliver tailored content. The categories of cookies used include:
– Essential Cookies: Necessary for core functionalities such as security and accessibility.
– Functional Cookies: Enable enhanced features such as remembering your preferences.
– Analytics Cookies: Help us understand user behavior and improve performance.
– Performance Cookies: Monitor system load, identify performance issues, and improve infrastructure.
10. Cookie Management and Regulatory Compliance
Upon your first visit, and periodically thereafter, you are presented with a cookie banner that allows you to manage your cookie preferences. You may withdraw consent or adjust preferences at any time via the Cookie Settings link found on our website.
In compliance with the GDPR and CCPA, we honor user choices, opt-out signals, and Do Not Track settings where applicable. Specific consent is requested before setting any non-essential cookies.
11. Children’s Privacy
We do not knowingly collect or solicit personal data from individuals under the age of 13. If you are a parent or guardian and believe that a child under 13 has provided us with data, please contact us at [email protected] so we may take appropriate action, including deletion of such records.
12. Policy Updates
We reserve the right to update this Privacy Policy to reflect changes in our practices, relevant legal or regulatory frameworks, or improvements to our website and services. Significant changes will be notified to users through the website or via email where appropriate. You are encouraged to review this page periodically to stay informed about how we protect your data.
13. Contact
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact:
Email: [email protected]
Website: https://tonyscott.org
We are committed to protecting your privacy and complying with data protection regulations. Please do not hesitate to reach out to us with any concerns or inquiries related to your data rights and protective measures.
