Privacy Policy for Hole in 1 Bagels
Hole in 1 Bagels (“we,” “our,” “us”) values your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, share, and protect your information when you interact with our website, holein1bagels.com, and describes the rights and choices you have with respect to your personal data.
1. Commitment to Privacy and Data Protection
We are dedicated to ensuring the confidentiality, integrity, and lawful processing of personal data. Your privacy is a top priority, and we take extensive measures to comply with all applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This policy reflects our dedication to responsible data stewardship and transparency in how we handle your information.
2. Scope of the Policy and Role as Data Controller
This Privacy Policy applies to the personal data collected through holein1bagels.com and associated communication channels. For the purposes of applicable privacy laws, Hole in 1 Bagels is the “data controller,” meaning we determine the purposes and methods for processing your personal data.
3. Categories of Data Processed
We may collect and process the following categories of personal data:
– Usage Data: Includes information about how you interact with holein1bagels.com, such as your IP address, browser type, device identifiers, access times, pages viewed, referring websites, and session durations.
– Account Data: Includes your name, email address, phone number, physical address, and any other information you provide when creating an account or placing an order.
– Profile Data: Includes details about your product preferences, order history, contact preferences, marketing responses, and user behavior on our website.
– Communication Data: Includes correspondence through customer support inquiries, chat logs, submitted forms, and records of conversations or interactions.
– Technical Data: Includes technical details about the device you use to access our site, such as operating system, operating platform, hardware version, browser plug-ins, screen resolution, and system settings.
– Transaction Data: Includes order details, billing information, shipping address, payment method, and delivery status.
– Preference Data: Includes your consent preferences for receiving promotions, brand notifications, and interest in specific products or services.
4. Legal Bases for Processing
We process your personal data only where we have a valid legal basis, including:
– Consent: When you have given us explicit permission to use your data for specified purposes (e.g., subscribing to a newsletter or receiving promotional emails).
– Contractual Necessity: To fulfill our contractual obligations to you, such as processing orders and managing your account.
– Legitimate Interests: When the processing is necessary for our legitimate business interests, such as improving our website performance or preventing fraud, and these interests do not override your rights.
– Legal Obligation: Where processing is required to comply with legal obligations, such as accounting or tax regulations.
5. Your Data Protection Rights
Depending on your location, you may have the following rights under data protection laws:
– Right of Access: Receive confirmation and access to your personal data held by us.
– Right to Rectification: Request corrections to any inaccurate or incomplete data.
– Right to Erasure: Request deletion of your personal data under certain circumstances (“right to be forgotten”).
– Right to Restriction: Request limitation of the processing of your personal data.
– Right to Portability: Request that we transfer your data to another data controller in a structured, commonly used, and machine-readable format.
– Right to Object: Object to the processing of your personal data for direct marketing or other purposes based on legitimate interest.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement appropriate technical and organizational safeguards to protect your personal data against unauthorized access, disclosure, alteration, or destruction. These include:
– Secure Socket Layer (SSL) encryption for data transmission.
– Access control policies restricting access to personal data.
– Regular backups and business continuity planning.
– Staff training on data protection principles and secure handling of personal data.
7. International Transfers
We may transfer and process your personal data outside your country of residence, including to countries that may not provide the same level of protection. In such cases, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission, to ensure lawful data transfers and protection.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for legal, regulatory, accounting, or reporting requirements. Retention periods vary by data category:
– Usage Data: Up to 12 months from the date of collection.
– Account and Transaction Data: Retained for at least 7 years to comply with tax and financial obligations.
– Communication Data: Up to 3 years after the last contact.
– Marketing Preference Data: Until you withdraw consent or opt out.
– Technical and Profile Data: Retained consistent with usage data policies.
9. Cookie Policy
Holein1bagels.com uses cookies and similar tracking technologies to enhance your browsing experience. These may include:
– Essential Cookies: Necessary for website functionality and user authentication.
– Functional Cookies: Enable personalization and remembered settings.
– Analytics Cookies: Used to understand website traffic, user behavior, and performance.
– Performance Cookies: Help improve response times, media rendering, and site efficiency.
10. Cookie Management and Compliance
You can manage your cookie preferences directly in your browser settings or through the cookie banner offered on holein1bagels.com. Where required by GDPR and CCPA, non-essential cookies will only be activated with your explicit consent. You may opt in or out at any time without affecting your ability to use the website.
11. Children’s Data Protection
We do not intentionally collect or process personal data from individuals under the age of 13. If we learn that a child under 13 has provided personal data without verified parental consent, we will delete such information as quickly as practicable. Parents or legal guardians with concerns may contact us directly at [email protected].
12. Policy Updates and User Notification
We reserve the right to amend this Privacy Policy to reflect changes in legal, regulatory, operational, or technological circumstances. Any material changes will be communicated via our website or by direct communication where feasible. Continued use of holein1bagels.com following an update constitutes acceptance of the revised policy.
13. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or the way we handle your data, you may contact us at:
Hole in 1 Bagels
Email: [email protected]
We are committed to full compliance with applicable privacy laws and to responding promptly and effectively to any data privacy concerns or inquiries.
