Privacy Policy for johnbrocheler.com

1. Introduction – Commitment to Privacy and Data Protection

At johnbrocheler.com (“we,” “our,” “us”), we are dedicated to safeguarding the privacy and personal data of every visitor, user, and individual who engages with our website and services. We uphold the highest standards of data protection and process personal information with full transparency and fairness, and in accordance with applicable international privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

This Privacy Policy outlines how we collect, use, disclose, and protect your personal information and your rights in relation to your data.

2. Scope of this Policy and Data Controller Role

This Policy applies to personal data we collect through our website (johnbrocheler.com), including all related domains, platforms, and services offered. In relation to the processing of your personal data, johnbrocheler.com acts as the “data controller,” as defined under relevant data protection legislation. We determine the purposes and means of processing your information.

By accessing johnbrocheler.com or providing us with your data, you acknowledge and accept this Privacy Policy.

3. Categories of Data Processed

We may collect and process the following categories of personal data:

a) Usage Data
Information collected automatically when you use our website, including:

– Browser type and version
– IP address
– Device identifiers
– Pages visited, referring/exit URLs
– Session timestamps
– Interaction data with site elements

b) Account Data
Information you provide when creating an account or placing an order:

– Full name
– Mailing address
– Email address
– Telephone number

c) Profile Data
Details related to your interaction with our services:

– Purchase history
– Saved preferences
– User behavior on the website
– Feedback and reviews

d) Communication Data
Data generated from communications between you and us:

– Support or helpdesk queries
– Email correspondence
– Message content and follow-ups

e) Technical Data
Device-related information gathered during use:

– Operating system and platform
– Time zone settings
– Browser plug-in types
– Network identifiers and system configurations

f) Transaction Data
Details associated with transactions or orders:

– Products purchased
– Billing address
– Shipping address
– Payment method (processed securely via third-party providers)

g) Preference Data
Information relating to your marketing and communication choices:

– Subscription and opt-in/opt-out preferences
– Declared interests or preferences for products/services

4. Legal Bases for Processing

We process your personal data in accordance with the following legal bases:

– Consent: When you voluntarily provide information (e.g., newsletter subscription, account creation).
– Contractual Necessity: To fulfill an agreement (e.g., processing transactions).
– Legal Obligation: To comply with applicable laws and regulations.
– Legitimate Interests: To improve and secure our services, including fraud detection, analytics, and direct communications, provided these do not override your fundamental rights.

5. Your Rights

Under applicable data protection legislation, you have the following rights:

– Right of Access: Request a copy of the data we hold about you.
– Right to Rectification: Request corrections to inaccurate or incomplete data.
– Right to Erasure: Request deletion of personal data, subject to legal retention obligations.
– Right to Restriction: Restrict the use of your data under certain circumstances.
– Right to Data Portability: Request your data in a structured, commonly used machine-readable format.
– Right to Object: Object to our use of your data based on legitimate interest or direct marketing.

To exercise any of these rights, please contact us at [email protected].

6. Security Measures

We apply strict technical and organizational measures to safeguard your data:

– End-to-end encryption of sensitive information
– Secure storage and hosting infrastructure
– Role-based access controls and authentication requirements
– Regular security training for staff handling data
– Scheduled backups and recovery procedures

7. International Data Transfers

Where personal data is transferred outside of the European Economic Area (EEA) or your local jurisdiction, we implement standard contractual clauses, recognized adequacy mechanisms, or other appropriate safeguards in compliance with GDPR and CCPA requirements to ensure the continued protection of your information.

8. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, as outlined below:

– Usage Data: up to 12 months
– Account and Profile Data: as long as the account is active, plus 6 years thereafter for legal compliance
– Communication Data: 3 years following last contact
– Transaction Data: 7 years, in compliance with tax and accounting standards
– Preference Data: until consent is withdrawn or the data becomes obsolete

Upon expiration of the applicable retention period, personal data is securely deleted or anonymized.

9. Cookie Policy

johnbrocheler.com uses cookies and similar technologies to enhance your experience and analyze website traffic. These include:

– Essential Cookies: Required for website functionality and accessibility.
– Functional Cookies: Remember user preferences and settings.
– Analytics Cookies: Provide insights into site usage to improve performance.
– Performance Cookies: Monitor page load speeds and usability metrics.

A complete breakdown of cookies in use can be viewed on our Cookie Management page.

10. Cookie Management and Compliance

You have full control over cookie preferences and can manage or revoke consent at any time via our cookie banner or browser settings. We comply with the transparency and consent obligations under both GDPR and CCPA, including:

– Providing opt-in consent mechanisms for non-essential cookies.
– Offering do-not-sell-my-data options for California residents.
– Enabling withdrawal of cookie consent without penalty.

11. Special Protections for Children Under 13

johnbrocheler.com does not knowingly collect or solicit personal data from children under the age of 13. If we become aware that we have collected data from a child without appropriate parental consent, we will promptly delete such information. If you believe a child under 13 has submitted data, contact us immediately at [email protected].

12. Policy Updates and User Notifications

We reserve the right to update this Privacy Policy to reflect changes in legal, regulatory, or operational requirements. Where changes are material, we will provide clear notice via the website or directly to affected users, wherever necessary. Continued use of the website after such updates constitutes your acceptance of the revised policy.

13. Contact Information

If you have questions or concerns, or wish to exercise any of your privacy rights, please contact us at:

Email: [email protected]

We are committed to addressing all inquiries in a timely and transparent manner.


This Privacy Policy demonstrates our compliance with applicable privacy laws, including GDPR and CCPA. For any data protection or privacy-related concern, please reach out to us—we are here to support and protect your rights.