Privacy Policy
At The Club That (theclubthat.com), we value and respect your privacy. This Privacy Policy explains how we collect, use, disclose, and protect your personal data in compliance with applicable privacy regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We are committed to safeguarding the personal data you provide to us, ensuring transparency and accountability throughout our data processing activities.
1. Introduction: Our Commitment to Your Privacy
We are dedicated to protecting the integrity, confidentiality, and security of your personal information. When you interact with our services through theclubthat.com, we collect certain data to provide a seamless, secure, and personalized experience. Our processing practices are designed with your privacy in mind and comply with the highest standards of data protection.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of theclubthat.com and any associated services, regardless of location. For the purposes of data protection legislation, The Club That acts as the Data Controller for the personal data you provide or that we collect through this website.
If you have any concerns regarding how your data is processed, you may contact us directly at [email protected].
3. Categories of Data Processed
We may collect and process a range of personal data, including but not limited to the following categories:
a) Usage Data
Information collected automatically when you browse our site, such as your IP address, browser type, language preferences, access dates and times, referring/exit pages, and session duration.
b) Account Data
Details you voluntarily provide when creating or managing your account, including your full name, residential or billing address, email address, and phone number.
c) Profile Data
Preferences, purchase history, interests, behavioral data related to your interactions with our services, and settings within your account profile.
d) Communication Data
Records of correspondence with us, such as inquiries, support requests, complaints, and related communication metadata.
e) Technical Data
Device information including hardware model, operating system version, unique identifiers, mobile network information, and system configuration data used to access theclubthat.com.
f) Transaction Data
Information relating to payments or purchases, including order history and delivery details. Payment information is securely processed through third-party providers and is not stored on our servers.
g) Preference Data
Data regarding your permission for marketing communications, product interests, and newsletter subscriptions.
4. Legal Bases for Processing
We rely on the following legal bases under the GDPR for processing your personal data:
– Consent: Where you have explicitly granted us permission for specific uses of your data, such as receiving marketing communications.
– Contract: Where processing is necessary to perform a contract with you, such as providing purchased services or products.
– Legal obligation: Where we are required by law to retain or disclose personal data.
– Legitimate interest: Where processing is necessary for our legitimate interests, such as improving user experience, preventing fraud, or securing our platform, and these do not override your data protection rights.
5. Your Rights Under Data Privacy Laws
Subject to applicable laws, you may exercise the following rights:
– Right of Access: You may request a copy of the personal data we hold about you.
– Right to Rectification: You may request correction of inaccurate or incomplete data we have about you.
– Right to Erasure: You may request deletion of your personal data, subject to certain exceptions.
– Right to Restrict Processing: You may ask us to limit processing where the accuracy or lawful basis is contested.
– Right to Data Portability: You may request to receive your data in a structured, machine-readable format and have it transmitted to another controller.
To exercise any of these rights, please contact us at [email protected]. We will respond in accordance with applicable legal timelines.
6. Security Measures
We implement robust technical and organizational safeguards designed to protect your personal data from unauthorized access, loss, or misuse. These include:
– Encryption of sensitive data in transit and at rest
– Secure server environments and firewalls
– Access controls restricting data to authorized personnel
– Regular data backups
– Ongoing staff privacy and security training
While we take appropriate measures to secure your data, no system is ever entirely immune to breaches. If a data breach occurs, we will notify affected users as required by law.
7. International Data Transfers
Where personal data is transferred outside the European Economic Area (EEA) or other regulated jurisdictions, we ensure appropriate safeguards are in place consistent with data protection laws. These safeguards may include the use of approved Standard Contractual Clauses (SCCs), adequacy decisions, or legally binding corporate rules.
8. Data Retention
We retain your personal data only as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law. General retention periods include:
– Account & Transaction Data: Up to 6 years for legal and accounting compliance.
– Usage, Technical & Cookie Data: Retained for up to 24 months from the date of collection.
– Communication Data: Retained for as long as reasonably necessary to address the concern or inquiry, and for audit purposes if needed.
– Marketing Preferences: Until consent is withdrawn.
After expiration of the relevant retention periods, data is securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar technologies to enhance your browsing experience on theclubthat.com. The types of cookies we use include:
– Essential Cookies: Necessary for the basic functionality of the website (e.g., authentication, security).
– Functional Cookies: Enable enhanced features like remembering preferences or language settings.
– Analytics Cookies: Help us analyze website traffic and user behavior using aggregated, anonymized data.
– Performance Cookies: Measure system performance and help us improve responsiveness and UX.
For a more detailed explanation of the cookies we use, please review our separate Cookie Notice available on theclubthat.com.
10. Cookie Management and GDPR/CCPA Compliance
Upon your first visit to theclubthat.com, you will receive a cookie banner allowing you to accept or manage your preferences. You can also modify or withdraw your consent at any time by adjusting your browser settings or accessing our Cookie Settings Panel. We fully comply with GDPR requirements and honor “Do Not Sell My Personal Information” rights under the CCPA.
California residents may exercise their CCPA rights related to cookies by contacting us at [email protected] or using opt-out tools where available.
11. Protection of Minors
Our website and services are not intended for individuals under the age of 13. We do not knowingly collect personal information from children. If we become aware that such data has been collected without appropriate parental consent, we will take immediate steps to delete the information. Parents or guardians who believe their child may have submitted personal data should contact us directly.
12. Policy Updates & User Notifications
We may update this Privacy Policy to reflect legal changes or improvements in our practices. Any significant amendments will be communicated to users through notices on theclubthat.com or via direct communication methods (e.g., email notices when applicable). Continued use of our services following any changes is considered acceptance of the updated policy.
13. Contact Us
If you have any questions, concerns, or requests related to this Privacy Policy or your personal data, you may contact us at:
Email: [email protected]
We are committed to resolving your concerns thoroughly and in a timely manner.
Compliance Statement
The Club That operates in full compliance with applicable data privacy laws, including GDPR and CCPA. We are committed to transparency and to upholding your rights as a user. If you have concerns about how your information is managed, please reach out at [email protected].