Privacy Policy
At The Club That (“we,” “us,” or “our”), accessible at theclubthat.com, we are committed to safeguarding your personal data and respecting your privacy. This Privacy Policy outlines how we collect, use, disclose, and protect your personal information in compliance with applicable data protection laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
1. Commitment to Privacy and Data Protection
We place a high priority on maintaining the confidentiality, integrity, and security of your personal information. We endeavor to process personal data lawfully, fairly, and transparently, ensuring compliance with the principles of data minimization, purpose limitation, and accountability as defined under applicable regulations.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of our website, theclubthat.com, and any services or communications offered through it. The Club That acts as the Data Controller for the personal information collected and processed through our digital platforms. If you have any questions or requests concerning your personal data, please contact us at [email protected].
3. Categories of Data Processed
We collect and process the following categories of personal data:
a. Usage Data: This includes information about your interaction with our website, such as IP address, browser type and version, time zone settings, pages visited, and actions taken. We collect this data using automated technologies like cookies and server logs.
b. Account Data: When you create an account or register with us, we collect your full name, postal address, email address, and telephone number.
c. Profile Data: Includes your preferences, product interests, browsing habits, purchase history, and behavioral data derived from website activity.
d. Communication Data: Encompasses email correspondence, customer support inquiries, chat transcripts, or other interactions submitted via forms or direct contact.
e. Technical Data: This relates to your device information (e.g., operating system, hardware model, mobile network), system configurations, and browser plug-in types.
f. Transaction Data: Includes details relevant to the transactions you perform with us, such as payment card details (processed securely via third-party services), billing address, delivery address, and past order history.
g. Preference Data: Captures your consent status for marketing, customized messaging, and subscription options, along with selected content or product categories.
4. Legal Bases for Processing
We process your personal data only when there is a lawful basis as defined by GDPR and CCPA, including:
– Performance of a Contract: For fulfilling user-initiated orders, account management, and customer service.
– Legitimate Interests: For analytics, fraud prevention, improving services, and marketing (provided such interests are not overridden by your rights).
– Consent: For sending promotional and marketing communications where opt-in is required.
– Legal Obligation: When we are required to retain or disclose information to comply with applicable laws and regulations.
5. Your Rights
As provided under GDPR and CCPA, you have the following rights:
– Right of Access: Request access to your personal data and how it is processed.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure (“Right to be Forgotten”): Request deletion of your data under specific circumstances.
– Right to Restriction: Request limited processing of your data under certain conditions.
– Right to Data Portability: Request a structured and machine-readable copy of your information or transfer to another controller.
– Right to Object: Object to processing where we rely on legitimate interests or for direct marketing purposes.
– Right to Non-Discrimination: You will not receive discriminatory treatment for exercising your rights under the CCPA.
To exercise any of these rights, contact us at [email protected].
6. Security Measures
We employ appropriate technical and organizational measures to secure your personal data. These include, but are not limited to:
– End-to-end encryption
– Controlled access to personal data through role-based permissions
– Multi-layered firewalls and intrusion detection systems
– Regular security audits and vulnerability scans
– Staff training in data protection protocols
While we implement robust protections, no system can be guaranteed 100% secure. Users are encouraged to maintain the confidentiality of their login credentials.
7. International Transfers
Your personal data may be transferred, stored, and processed in countries outside your jurisdiction, including countries not deemed to provide adequate protection by default under GDPR. In such cases, we ensure appropriate safeguards such as Standard Contractual Clauses or equivalent contractual and technical measures to uphold your rights and protections.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:
– Usage Data: Up to 12 months
– Account and Profile Data: Retained while the account is active and up to 24 months post-deactivation
– Communication and Technical Data: Up to 24 months
– Transaction Data: Up to 7 years for legal and financial compliance
– Preference Data: Retained until consent is withdrawn
After retention periods expire, data is securely anonymized or deleted.
9. Cookie Policy
Our website uses cookies and similar technologies to improve user experience and functionality. The types of cookies used include:
– Essential Cookies: Necessary for basic site functionality and security.
– Functional Cookies: Enable website enhancements like saved preferences.
– Performance Cookies: Gather aggregated statistics on site usage and speed optimization.
– Analytics Cookies: Track user behavior to improve content and services.
A detailed overview is provided within our Cookie Management Tool available on theclubthat.com.
10. Cookie Management under GDPR and CCPA
Under GDPR and CCPA, we offer cookie consent management. Upon your first visit and periodically thereafter, we will request your consent to use non-essential cookies. You may adjust or revoke your settings at any time via the “Cookie Preferences” link at the footer of theclubthat.com. Browser-level controls for rejecting or deleting cookies are also available.
11. Children’s Privacy
We do not knowingly collect personal data from children under the age of 13. If we learn that personal information has been collected from a child without verifiable parental consent, we will take appropriate steps to delete such data. Parents or guardians who believe their child has submitted information may contact us at [email protected].
12. Policy Updates and Notifications
We reserve the right to update this Privacy Policy to reflect changes in legal obligations, technologies, or our data practices. Any material changes will be communicated directly via notification on theclubthat.com or through other appropriate channels.
13. Contact Information
If you have any questions, concerns, or requests regarding this Privacy Policy, your personal data, or our data practices, please contact:
Email: [email protected]
Website: https://theclubthat.com
We are committed to maintaining the highest standards of data protection and privacy compliance. Please do not hesitate to reach out if you have any questions or concerns about your personal data.