Privacy Policy
At RPW Southampton (www.rpwsouthampton.com), your privacy is of paramount importance to us. This Privacy Policy outlines our firm commitment to protecting your personal data and maintaining transparency in how we collect, use, disclose, and safeguard any information we gather. We are dedicated to complying with all applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
1. Scope of the Policy and Role as Data Controller
This Privacy Policy applies to visitors, customers, and users of the website rpwsouthampton.com (the “Site”). Unless otherwise stated, RPW Southampton acts as the Data Controller for the processing of your personal information as described herein. This means that we are responsible for deciding how personal data is collected, used, and protected in accordance with relevant regulations.
2. Categories of Data We Process
Depending on how you interact with our Site, we may collect the following types of personal data:
a. Usage Data
We collect data automatically when you visit the Site, including your IP address, browser type and version, time zone setting, pages visited, duration of visits, referral URLs, and session identifiers.
b. Account Data
If you create an account or make a purchase, we may collect your full name, billing and shipping addresses, email address, telephone number, and other relevant identifying information.
c. Profile Data
Profile information includes your preferences, purchase history, behavioral patterns on the Site, wish lists, saved items, and other profile settings.
d. Communication Data
We may collect information related to your communications with us, such as emails, messages submitted via forms, support requests, and records of contact history.
e. Technical Data
Our systems automatically collect device-specific information, including operating system, screen resolution, device type, browser plug-in types and versions, and diagnostic logs.
f. Transaction Data
When a transaction occurs, we may process payment-related information (e.g., masked credit card numbers, billing information), order confirmation details, delivery tracking data, and receipts.
g. Preference Data
We may process your marketing preferences, opt-in/opt-out indicators, indicated product interests, interaction with promotional emails, and other user-configurable settings.
3. Legal Bases for Processing Personal Data
We primarily process personal data under the following lawful bases, pursuant to GDPR Article 6 and regulatory equivalents:
– Contractual Necessity: Processing necessary to perform a contract with you (e.g., fulfilling an order or providing services).
– Legitimate Interest: For business operations, fraud prevention, network security, customer support, and product improvement, provided your interests and rights do not override ours.
– Consent: Where you have provided explicit consent, particularly for receiving marketing communications or enabling non-essential cookies.
– Legal Obligation: Where processing is required to fulfill legal, tax, or regulatory obligations.
4. Your Rights Under Data Protection Law
In compliance with GDPR, CCPA, and other applicable regulations, you have the following rights regarding your personal data:
– Right of Access: You may request confirmation whether we process your personal data and request a copy.
– Right of Rectification: You may request correction of incorrect, incomplete, or outdated information.
– Right to Erasure: You may request that we delete your data, subject to certain legal and contractual limitations.
– Right to Restrict Processing: You may request the limited processing of your data under specific circumstances.
– Right to Data Portability: You may request to receive your personal data in a structured, commonly used, and machine-readable format.
– Right to Object: You may object to processing based on legitimate interests or direct marketing.
– Right to Withdraw Consent: Where consent forms the legal basis, you can withdraw it at any time without affecting prior processing.
To exercise any of these rights, you may contact us at: [email protected].
5. Security Measures
We implement appropriate technical and organizational safeguards to protect your personal data, including but not limited to:
– Encryption of data in transit and at rest
– Role-based access controls and multifactor authentication
– Regular system audits and vulnerability assessments
– Secure data backups and redundancy systems
– Ongoing employee compliance training on data privacy and security
While we strive to protect your data, please be aware that no system is entirely infallible. We encourage users to also take personal precautions to protect their data.
6. International Data Transfers
Your data may be processed or stored on servers located outside your jurisdiction, including in countries that may not offer the same level of data protection. In such instances, we employ appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission or reliance on legally recognized adequacy decisions, to ensure your data remains protected.
7. Data Retention
We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including for legal, accounting, and reporting obligations. Retention periods vary:
– Usage Data: Typically retained for 12–24 months
– Account Data: Retained during active use and up to 5 years after account closure
– Profile Data: Retained while your account is active
– Communication Data: Typically stored for 3 years
– Technical and Transaction Data: Retained for 7 years for legal compliance
– Preference Data: Retained until an opt-out or deletion request is received
Following expiration of the relevant retention period, data is securely deleted or anonymized.
8. Cookie Policy
RPW Southampton uses cookies and similar technologies for various purposes:
– Essential Cookies: Required for proper functionality of the Site (e.g., authentication, session maintenance)
– Functional Cookies: Used to remember choices you make (e.g., language, region)
– Analytics Cookies: Help us understand site usage and improve functionality (e.g., Google Analytics)
– Performance Cookies: Used to monitor and enhance performance metrics of the Site
By using the Site, you consent to the placement of cookies as described in this Privacy Policy, unless you have adjusted your browser settings to decline cookies.
9. Cookie Management and Legal Compliance
You may manage your cookie preferences by using your browser’s cookie preferences or utilizing available opt-out mechanisms and consent tools inserted into the website UI.
To comply with GDPR and CCPA:
– Users within the EU receive a cookie consent banner explaining types of cookies used with clear opt-in options.
– Under CCPA, California residents may opt out of the “sale” of personal information, if applicable, including through cookie-based tracking.
We honor all applicable user rights and preferences.
10. Children’s Privacy and Protections
Our services and Site are not directed toward children under the age of 13. We do not knowingly collect or solicit personal data from individuals under 13 years old. If we learn that personal data of a child under 13 has been collected without verified parental consent, we will promptly delete it. If you believe we have collected such data in error, please contact us at [email protected].
11. Changes to This Privacy Policy
We reserve the right to update this Privacy Policy at any time to reflect changes in legal, regulatory, or operational requirements. Where material changes are made, we will take appropriate measures to inform you, such as notification banners, updated consent prompts, or email correspondence, as required by applicable law.
You are encouraged to review this Privacy Policy periodically to stay informed of how we protect your personal data.
12. Contacting Us
If you have questions or concerns related to this Privacy Policy or your personal data, please contact our privacy team:
Email: [email protected]
Website: https://www.rpwsouthampton.com
We are committed to working with you to resolve any complaint or issue regarding your privacy in full compliance with applicable data protection laws.
—
We take privacy seriously and continuously work toward ensuring strict compliance with GDPR, CCPA, and other relevant legal frameworks. For any concerns or privacy-related inquiries, please contact us directly at [email protected].