PRIVACY POLICY
Lucinda Lambton (“we,” “our,” or “us”) is committed to protecting and respecting your privacy. This Privacy Policy outlines how we handle personal data collected through our website www.lucindalambton.com (“Website”), and how we ensure compliance with applicable privacy laws including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant data protection legislation.
By visiting or using the Website, you accept and consent to the data practices described in this Privacy Policy.
1. COMMITMENT TO PRIVACY AND DATA PROTECTION
At lucindalambton.com, we place a high priority on the confidentiality and integrity of your personal information. We take all reasonable and proportionate steps to ensure that your data is used responsibly, kept secure at all times, and processed lawfully and transparently.
2. SCOPE OF THIS POLICY AND DATA CONTROLLER ROLE
This Privacy Policy applies to all visitors, users, and others who access or use the Website. The data controller for the purposes of GDPR and similar legislation is Lucinda Lambton. If you have any questions about this policy or your personal data, you may contact us at [email protected].
3. CATEGORIES OF PERSONAL DATA WE PROCESS
We may collect and process the following categories of personal data, either directly from you or through your interaction with our Website:
a) Usage Data: Information such as IP address, browser type, browser version, pages visited, visit times and durations, referral sources, and Internet service provider.
b) Account Data: Information you provide when registering for any account with us (if applicable), including your name, postal address, email address, and telephone number.
c) Profile Data: User preferences, purchase history, browsing behavior, and profile activities made while interacting with our services (if such features are offered via the Website).
d) Communication Data: Data derived from communications that you send to us, including messages submitted via contact forms or email correspondence, and records of customer service interactions.
e) Technical Data: Information collected from your device (desktop, tablet, or mobile) such as operating systems, device identifiers, hardware versions, language settings, and system configurations.
f) Transaction Data: Payment details and order history, including billing and shipping addresses, processed securely via trusted third-party providers.
g) Preference Data: Marketing consent choices, newsletter subscriptions, and stated interests regarding our products, services, or updates.
4. LEGAL BASES FOR PROCESSING
We rely on several lawful bases for processing personal data as permitted under GDPR and as applicable under other international privacy laws:
– Consent: Where you have given express permission (e.g., opting in to receive newsletters).
– Contract: When processing is necessary to fulfill our obligations under a contract with you.
– Legal obligation: To comply with statutory or legal requirements.
– Legitimate interests: Where the use of your data is essential for our legitimate business purposes and is balanced against your data protection rights and freedoms.
5. YOUR DATA PROTECTION RIGHTS
You have specific rights under applicable data protection laws, which include the right to:
– Access: Request a copy of your personal data held by us.
– Rectification: Request corrections to inaccurate or incomplete personal data.
– Erasure: Request the deletion of your personal data where it is no longer necessary.
– Restriction: Limit how your personal data is processed in certain circumstances.
– Portability: Obtain a copy of your data in a structured, machine-readable format and transmit it to another controller.
– Objection: Object to processing based on our legitimate interests or for direct marketing.
To exercise your rights, please contact us at [email protected]. We may need to verify your identity before responding.
6. SECURITY MEASURES
We implement robust technical and organizational safeguards to ensure the protection of your personal data, including:
– SSL/TLS encryption for secure data transmission
– Role-based access control systems
– Encrypted data storage and periodic security audits
– Regular backups and endpoint protection
– Staff training in data privacy and cybersecurity awareness
While we strive to employ the highest security standards, no online transmission or storage method is infallible. Accordingly, we cannot guarantee absolute security.
7. INTERNATIONAL TRANSFERS
Your personal data may be processed or stored in jurisdictions outside your country of residence, including servers located in the European Economic Area (EEA) or the United States. Where data is transferred internationally, we ensure appropriate safeguards such as Standard Contractual Clauses approved by regulatory authorities or compliance with relevant adequacy decisions.
8. DATA RETENTION
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or to comply with legal, regulatory, or accounting obligations. Retention periods by category include:
– Usage Data: Retained for up to 12 months for analytical and security purposes.
– Account and Profile Data: Retained for the duration of your relationship with us plus 6 years thereafter for legal recordkeeping.
– Communication Data: Retained for 2 years following the last interaction.
– Transaction Data: Retained for 6 years for tax and audit purposes.
– Preference Data: Retained until you withdraw your consent or your data is deleted.
9. COOKIE POLICY
Our Website uses cookies and similar tracking technologies to enhance your browsing experience. Cookies are small data files stored on your device. The types of cookies we use include:
– Essential Cookies: Required for core functionality, such as navigation and access to secure areas.
– Functional Cookies: Enable enhanced features and personalization.
– Analytics Cookies: Collect data on usage, traffic patterns, and user behavior to help us improve our services.
– Performance Cookies: Track performance of the Website or user interactions, enabling optimization.
You may review our full Cookie Policy on www.lucindalambton.com for additional detail.
10. COOKIE MANAGEMENT AND COMPLIANCE
Upon accessing our Website, a cookie banner prompts you to provide or deny consent for non-essential cookies, in accordance with GDPR and CCPA regulations.
You may manage cookie settings at any time via:
– Browser settings, where you can block, delete, or restrict cookie use.
– Our cookie consent tool, accessible at the footer of the Website.
CCPA rights include the right to opt out of the sale of personal information. We do not sell personal information to third parties. Nonetheless, Californian users may submit an opt-out request via [email protected] if needed.
11. CHILDREN’S PRIVACY
We do not knowingly collect, use, or disclose personal data from children under the age of 13. If we become aware that personal data has been knowingly collected from a child under 13, we will take appropriate measures to delete such information. Parents or legal guardians who believe we may have collected information from their child may contact us at [email protected].
12. POLICY UPDATES AND NOTIFICATIONS
We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or Website functionality. Updates will be posted on this page, and material changes may be communicated via email or Website notification. We encourage you to consult this policy periodically to stay informed.
13. CONTACT DETAILS
If you have any questions, concerns, or requests regarding this Privacy Policy or how your personal data is handled, you may reach out to us at:
Email: [email protected]
Website: www.lucindalambton.com
We are fully committed to data privacy and protection. If you have any complaints or concerns, please contact us—your data is important to us and we will respond promptly.