Privacy Policy
1. Introduction
At Rhodes Rib Experience (“we,” “our,” or “us”), accessible at rhodesribexperience.com, we are fully committed to respecting and protecting your privacy. This Privacy Policy outlines how we collect, use, store, and safeguard your personal data in accordance with applicable data protection laws, including the European Union General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We are dedicated to transparency and to giving users control over their personal information.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of rhodesribexperience.com and related services. Rhodes Rib Experience acts as the Data Controller for all personal data collected through our website, meaning we determine the purposes and means of processing your personal information. If you have questions regarding data processing or want to exercise your data protection rights, you may contact us at [email protected].
3. Categories of Data Processed
We may process various categories of personal data depending on your interaction with our website and services:
a) Usage Data
Information such as IP address, browser type and version, geographic location, operating system, pages viewed, session duration, and clickstream data.
b) Account Data
Personal identifiers including your name, email address, postal address, phone number, and account credentials if applicable.
c) Profile Data
Your preferences, browsing behavior, purchase history, and any interests related to our products or services.
d) Communication Data
Records of your communications with us, including support requests, inquiries, and contact history.
e) Technical Data
Device-specific data including device type, hardware model, operating system configuration, and diagnostic data.
f) Transaction Data
Information relating to transactions carried out on our website, including payment details, booking records, and delivery details.
g) Preference Data
Your explicit marketing and communication preferences, as well as expressed interests in specific activities or offers.
4. Legal Bases for Processing
We process your personal data only when a legal basis applies. The lawful bases we rely upon include:
– Consent: When you voluntarily provide data or agree to receive marketing communications.
– Contractual Necessity: When data is necessary to fulfill our contract with you, such as processing bookings or providing customer service.
– Legal Obligation: When processing is required to comply with applicable legal requirements.
– Legitimate Interests: When processing is essential to our operations, provided it does not override your fundamental rights—for instance, fraud prevention or service improvements.
5. Your Rights
Under GDPR and CCPA, you are entitled to certain rights concerning your personal data. These include:
– Right of Access: Obtain confirmation of whether we process your data and, if so, access to that data.
– Right to Rectification: Request correction of inaccurate or incomplete personal data.
– Right to Erasure: Request deletion of your personal data, subject to legal and operational limitations.
– Right to Restriction: Ask us to limit or pause the processing of your data under specific circumstances.
– Right to Data Portability: Receive your personal data in a structured, commonly used format and transmit it to another controller.
– Right to Object: Object to data processing based on legitimate interests or direct marketing.
– Right to Non-Discrimination (CCPA): You will not receive discriminatory treatment for exercising any of your data protection rights.
To exercise any of the above rights, please contact us at [email protected].
6. Security Measures
We implement a range of technical and organizational security measures in line with industry best practices to ensure the protection of your personal data. These include but are not limited to:
– Encryption of sensitive data both in transit and at rest.
– Secure access controls and authentication mechanisms.
– Regular data backups and continuity planning.
– Staff training regarding data privacy and security awareness.
While we strive to use commercially acceptable means to protect your personal information, no method of transmission or storage is 100% secure.
7. International Transfers
Your data may be transferred to and processed in countries outside of your jurisdiction, including to service providers or affiliates located in jurisdictions that may not have the same legal protections for personal data. We ensure that such transfers comply with applicable law using safeguards such as Standard Contractual Clauses, adequacy decisions, or other legally endorsed mechanisms.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to comply with legal, tax, and accounting obligations. Retention periods vary depending on the type of data:
– Usage Data: Retained for 12 months.
– Account Data: Retained for the duration of your account and up to 5 years thereafter.
– Profile and Preference Data: Retained for up to 3 years from last interaction.
– Support and Communication Data: Retained for 2 years.
– Transaction Data: Retained for 7 years to meet tax and audit requirements.
Upon expiry of the retention period, your data will be securely erased or anonymized.
9. Cookie Policy
We use cookies and similar technologies to enhance your experience on rhodesribexperience.com by delivering relevant content and improving navigation. Our cookies fall into the following categories:
– Essential Cookies: Necessary for core site functionality and access to secure areas.
– Functional Cookies: Enhance usability and site customization.
– Analytics Cookies: Help us understand how visitors interact with the site for performance improvements.
– Performance Cookies: Monitor site performance and operational status to diagnose problems and optimize content delivery.
10. Cookie Management and Compliance with GDPR & CCPA
By visiting rhodesribexperience.com, you will be presented with an option to manage your cookie preferences via a consent management platform. You have the right to:
– Accept or deny cookie categories (excluding essential cookies).
– Revoke consent at any time.
– Use browser settings to manage or delete cookies.
– Opt-out of data sales or analytics tracking (as applicable under CCPA).
For more information on how to manage cookies, see your browser documentation or contact us.
11. Special Protections for Children
Our services are not directed to children under the age of 13. We do not knowingly collect or process personal data from individuals under this age. If we learn that we have inadvertently collected data from a child without appropriate consent, we will take immediate steps to delete such data.
12. Policy Updates and User Notifications
We reserve the right to update this Privacy Policy from time to time to reflect changes in legal requirements, our processing practices, or the nature of our business. All changes will take effect once posted on rhodesribexperience.com. Where appropriate, we will notify you of significant updates via email or site pop-ups.
We encourage all users to periodically review this Policy to stay informed about how we are protecting their information.
13. Contact
If you have any questions, concerns, or requests related to this Privacy Policy or our data practices, please contact us at:
Email: [email protected]
Website: rhodesribexperience.com
We are fully committed to complying with applicable data protection laws and ensuring that your rights are respected at all stages of data processing. If you have any concerns about our use of your personal information, we encourage you to reach out.