Privacy Policy
1. Introduction
At RPW Southampton (“we”, “us”, or “our”), accessible via rpwsouthampton.com, we value your privacy and are committed to safeguarding the personal data you entrust to us. This Privacy Policy outlines how we collect, use, disclose, and protect your information in accordance with the General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”), the UK GDPR, the California Consumer Privacy Act (“CCPA”), and other applicable data protection laws. We are dedicated to maintaining the confidentiality, integrity, and availability of your personal data through transparent practices.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of rpwsouthampton.com, including individuals who browse our website, submit inquiries, or engage with our services. RPW Southampton is the data controller with respect to personal data collected through rpwsouthampton.com and related communications. As a data controller, we determine the purposes and means by which personal data is processed.
3. Categories of Personal Data Processed
We process the following categories of personal data:
a) Usage Data
Information automatically collected when you interact with our website, including browser type, IP address, referring URL, time zone, page interactions, and session timestamps.
b) Account Data
Information provided voluntarily when creating an account or placing an order, such as full name, billing and shipping address, email address, and telephone number.
c) Profile Data
Information pertaining to your activity and preferences on our platform, including purchase history, saved items, product reviews, and other behavioral data.
d) Communication Data
Information related to inquiries or communications with us, including email correspondence, support tickets, and any other contact history.
e) Technical Data
Device and system-related data including device type, operating system, screen resolution, language settings, and system configurations used to access our services.
f) Transaction Data
Details pertaining to transactions on rpwsouthampton.com, including payment information, billing details, order contents, and delivery tracking.
g) Preference Data
Marketing and communication preferences, opt-in/opt-out choices, and interest indicators you may provide regarding product categories or promotional content.
4. Legal Bases for Processing Personal Data
We process your data under one or more of the following lawful bases:
a) Consent – When you have provided express consent to process your data for a specific purpose, such as receiving marketing material.
b) Contract – Where processing is necessary to perform a contract or to take steps at your request before entering into a contract.
c) Legal Obligation – Where processing is required for compliance with a legal obligation imposed by applicable law.
d) Legitimate Interest – Where processing is necessary for our legitimate business interests, such as improving the quality of our services, provided that such interests are not overridden by your fundamental data rights.
5. Your Rights Under Data Protection Laws
Where applicable under the GDPR, UK GDPR, or CCPA, you have the following rights regarding your personal data:
a) Right of Access – To obtain confirmation as to whether your data is being processed and access to such data.
b) Right to Rectification – To request correction of inaccurate or incomplete personal data.
c) Right to Erasure (“Right to be Forgotten”) – To request deletion of your data where processing is no longer necessary, or you have withdrawn consent.
d) Right to Restriction – To limit the ways in which we process your data under certain conditions.
e) Right to Data Portability – To receive your personal data in a structured, commonly-used, machine-readable format and transmit it to another controller.
f) Right to Object – To object to processing based on legitimate interests or direct marketing.
g) Right to Non-Discrimination (CCPA) – You will not receive any discriminatory treatment for exercising your CPRA/CCPA rights.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We take the security of your data seriously and implement appropriate technical and organizational safeguards. These include but are not limited to:
– End-to-end encryption during transmission and storage of sensitive information;
– Role-based access controls to ensure only authorized personnel access your data;
– Regular data backups to ensure continuity;
– Staff training on data protection and information security protocols;
– Use of secure socket layer (SSL) technology when transmitting data via rpwsouthampton.com.
7. International Data Transfers
Where personal data is transferred outside the UK or European Economic Area (EEA), such transfers are subject to appropriate safeguards including, where applicable, the use of the European Commission’s Standard Contractual Clauses or equivalent mechanisms under UK law. We ensure that all third parties outside your jurisdiction receiving your data provide a level of protection that is consistent with applicable privacy regulations.
8. Data Retention
We retain your personal data only as long as necessary for the purposes it was collected. Specific retention periods include:
– Usage and Technical Data: Retained up to 24 months for analytics and security functions.
– Account and Profile Data: Retained for up to 6 years following account inactivity or closure for audit and legal compliance.
– Transaction and Communication Data: Maintained for a minimum of 7 years for accounting, legal, and fraud prevention obligations.
– Preference Data: Retained until consent is withdrawn or otherwise updated by the user.
Once data is no longer required, it is securely destroyed or anonymized.
9. Cookie Policy
rpwsouthampton.com uses cookies to enhance your browsing experience. These include:
a) Essential Cookies – Necessary for website functionality, such as navigation and order processing.
b) Functional Cookies – Used to remember user selections (e.g., language preferences).
c) Analytics Cookies – Help us understand visitor interactions for performance improvements via services such as Google Analytics.
d) Performance Cookies – Collect data on load times, interaction flows, and technical errors to improve site performance.
Cookies may be controlled using your browser settings. Third-party cookies are subject to their respective policies.
10. Cookie Management and Compliance
Upon your first visit to rpwsouthampton.com, we request your consent to use non-essential cookies in compliance with the GDPR and CCPA. You may adjust your cookie preferences at any time through the cookie settings banner or by configuring your browser settings to refuse some or all cookies. Note that disabling certain cookies may affect website performance or functionality.
In accordance with the CCPA, we honor browser-based “Do Not Track” and Global Privacy Control signals to the extent required under California law.
11. Children’s Data Protection
rpwsouthampton.com is not intended for use by individuals under the age of 13. We do not knowingly collect personal data from children under this age. If we become aware that a child has submitted personal data without appropriate parental consent, we will promptly delete such data. Parents or guardians who believe their child has provided us with personal information should contact us at [email protected].
12. Policy Updates and Notifications
We reserve the right to update this Privacy Policy to reflect changes in legal, technical, or business developments. Any material changes will be communicated through appropriate channels, including notices on rpwsouthampton.com. Continued use of the site following such updates signifies your acceptance of the revised policy.
13. Contact
If you have questions or concerns about this Privacy Policy or your data rights, please contact us at:
Email: [email protected]
We are committed to investigating all privacy-related inquiries in a timely and respectful manner.
—
We affirm our commitment to full compliance with all applicable data protection laws, including the GDPR and the CCPA. For any questions or requests regarding the handling of your personal data, please reach out to us directly using the contact information provided above.