Privacy Policy - Spam a Lot London

At Spamalot London, accessible via spamalotlondon.com, we value and respect your right to privacy. We are committed to safeguarding the personal data you share with us and ensuring transparency in how we collect, use, and protect it. This Privacy Policy explains our practices regarding your personal information under applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act (“CCPA”).

1. COMMITMENT TO PRIVACY AND DATA PROTECTION

We are dedicated to protecting the privacy and confidentiality of individuals who interact with our products and services, whether via our website, email communication, or any other means. All data collected is processed with care, transparency, and in line with our privacy-first standards.

2. SCOPE OF THIS POLICY & DATA CONTROLLER ROLE

This Privacy Policy applies to personal data processed through our website at spamalotlondon.com and related services. Spamalot London operates as the data controller concerning your personal data. This means we determine the purposes and means of processing your data.

This policy covers data collected from users, customers, newsletter subscribers, and other individuals who access our website or engage with us.

3. CATEGORIES OF PERSONAL DATA PROCESSED

We process various categories of personal data depending on your interaction with our website and services:

a) Usage Data
Data related to your interaction with the website, such as:
– IP address
– Browser type and version
– Operating system and platform
– Device identifiers
– Date/time and pages visited
– Referral sources
– Session duration and exit pages

b) Account Data
Information provided when creating or managing an account:
– Full name
– Mailing address
– Email address
– Phone number
– Login credentials

c) Profile Data
Information reflecting your website preferences and engagement:
– Purchase history
– Wishlist or saved products
– Browsing behavior
– Interests and demographic information

d) Communication Data
Details shared in correspondence via our support channels or contact forms:
– Customer service inquiries
– Email history
– Feedback or testimonials

e) Technical Data
Device and system-related information used to optimize functionality:
– Device operating system and version
– Browser plug-in types
– Network information
– System configurations

f) Transaction Data
Payment-related and order fulfillment data:
– Payment method details (processed securely through third-party payment processors)
– Billing information
– Delivery addresses
– Purchase timestamps

g) Preference Data
Marketing and notification choices:
– Opt-in consents for marketing communications
– Preferred communication channels
– Product category interests

4. LEGAL BASES FOR PROCESSING

We process your personal data using one or more of the following lawful grounds under GDPR and relevant CCPA provisions:

– Consent: When you expressly agree to our processing (e.g., subscribing to marketing emails).
– Contract: To fulfill a contract with you or take steps before entering into one (e.g., order processing).
– Legal Obligation: To comply with legal or regulatory responsibilities (e.g., tax, fraud prevention).
– Legitimate Interest: When processing is necessary for our legitimate interests, provided these are not overridden by your rights (e.g., website analytics, improving user experience).

Under the CCPA, you have the right to know, access, delete, and opt out of the sale of your personal data, as detailed below.

5. YOUR RIGHTS

As a data subject, you have the following rights in accordance with data protection law:

– Right of Access: You may request confirmation of whether we hold personal data concerning you and obtain a copy.
– Right to Rectification: You may request correction of inaccurate or incomplete personal data.
– Right to Erasure: You have the right to request deletion of your personal data, subject to statutory exceptions.
– Right to Restriction: You may request limitation of data processing under certain circumstances.
– Right to Data Portability: You may receive your data in a structured, commonly used format and request its transfer to another data controller.
– Right to Object: You may object to the processing of personal data based on our legitimate interest.
– Right to Withdraw Consent: Where we rely on consent, you may withdraw it at any time.
– CCPA Rights (for California residents): The right to request disclosure, deletion, and opt out of the sale of your personal information. We do not sell personal data.

To exercise any of these rights, please contact us at [email protected].

6. SECURITY MEASURES

We implement technical and organizational measures to ensure a high level of security for your personal data, including:

– TLS encryption of data in transit
– Secure firewalls and intrusion prevention
– Role-based access control and password policies
– Regular data backups and integrity checks
– Security training for staff and internal access audits

Nevertheless, no platform is entirely immune to risk. While we strive to protect your data, you acknowledge that transmission over the internet may never be fully secure.

7. INTERNATIONAL DATA TRANSFERS

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA) or California. Where such transfers occur, we ensure they are conducted in compliance with applicable laws, implementing mechanisms such as:

– Standard Contractual Clauses approved by the European Commission
– Adequacy Decisions (where applicable)
– Contractual safeguards and data processing agreements with external vendors and cloud services

8. DATA RETENTION

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, as well as to comply with legal obligations and enforce our agreements. Standard retention periods vary by data type:

– Usage Data: up to 24 months for analytics purposes
– Account Data: for the duration of the account and a maximum of 6 years after closure
– Transaction Data: retained for 7 years for tax/audit compliance
– Communication Data: retained for up to 36 months post-interaction
– Preference and Consent Data: retained until you update your preferences or withdraw consent

We regularly assess our retention schedule and securely delete data no longer required.

9. COOKIE POLICY

Our website uses cookies and similar technologies to enhance your browsing experience, provide personalized features, and collect analytical insights. Cookies used include:

– Essential Cookies: Needed for core site functionality (e.g., login, checkout)
– Functional Cookies: Enable enhanced features such as saved preferences
– Analytics Cookies: Help us understand visitor interaction with the website (e.g., Google Analytics)
– Performance Cookies: Monitor site performance and ensure optimal operation

10. COOKIE MANAGEMENT & USER CONTROL

In compliance with GDPR and CCPA requirements, we provide transparent options to manage your cookie preferences. Upon first visit, you will be prompted with a cookie banner where you may:

– Accept all cookies
– Customize your preferences
– Reject non-essential cookies

You may also modify your cookie settings through your browser at any time. Do note that disabling certain cookies may impact your experience on spamalotlondon.com.

11. CHILDREN’S PRIVACY

Our services are not directed at children under the age of 13. We do not knowingly collect personal data from children without verified parental consent. If we become aware that a child under 13 has provided us with personal data, we will take prompt steps to delete such data.

12. POLICY UPDATES & USER NOTIFICATIONS

We may modify or update this Privacy Policy from time to time to reflect legal, operational, or procedural changes. While we will endeavor to notify users of material updates, we encourage you to periodically review the latest version, which will always be available on spamalotlondon.com.

Continued use of our website signifies acceptance of the current policy.

13. CONTACT US

For any questions, concerns, or requests regarding your personal data or this Privacy Policy, please reach out to us at:

Spamalot London
Email: [email protected]
Website: spamalotlondon.com

We are committed to resolving privacy concerns in a timely and transparent manner.

This Privacy Policy is designed to meet the requirements of the GDPR and CCPA. For any privacy-related inquiries, please don’t hesitate to contact us.