Privacy Policy for HyltonCastle.com
1. Introduction
At HyltonCastle.com, your privacy and the security of your personal data are of paramount importance to us. This Privacy Policy outlines how we collect, use, store, and share your personal information when you visit or interact with our website. We are committed to safeguarding your data in accordance with all applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We aim to maintain transparency in our practices and to offer you clear insight into your rights and choices.
2. Scope of Policy and Role as Data Controller
This Privacy Policy applies to all personal data collected via the HyltonCastle.com website, whether you are browsing, submitting a request, creating an account, or purchasing a product or service. HyltonCastle.com operates as the data controller responsible for determining the purposes and means of processing your personal data under applicable law.
If you have any questions or requests related to this Privacy Policy, please contact us at: [email protected].
3. Categories of Data We Process
We may collect and process the following categories of personal data:
a. Usage Data – Information about how you use our website, including browser type, IP address, device type, operating system, referral source, pages visited, time spent on pages, and session data.
b. Account Data – Information you provide when creating or updating an account, such as your full name, email address, phone number, physical address, and login credentials.
c. Profile Data – Preferences, interests, order history, and behavioral data based on your interactions with HyltonCastle.com.
d. Communication Data – Records of your communications with us, including messages submitted through contact forms, support requests, surveys, and correspondence history.
e. Technical Data – Device identifiers, system configuration details, time zone settings, and other technical parameters needed to ensure website compatibility and functionality.
f. Transaction Data – Data related to purchases or service agreements, including payment confirmations, billing addresses, delivery information, and any applicable transaction identifiers.
g. Preference Data – Marketing consents, notification choices, and your stated product or content interests.
4. Legal Bases for Processing Personal Data
We process personal data solely where permitted by applicable law, based on the following legal grounds:
– Consent: Where you provide us with explicit permission to process your data (e.g., for newsletter subscriptions or optional cookies).
– Contractual Necessity: Where processing is required to fulfill a contract with you or to take steps prior to entering into a contract (e.g., processing a purchase).
– Legal Obligation: Where we are required to process your data for compliance with a legal obligation.
– Legitimate Interests: In circumstances where processing is necessary for our legitimate business interests, provided those interests are not overridden by your privacy rights (e.g., improving website functionality or analyzing user interaction trends).
5. Your Rights Under Data Protection Law
As a data subject, you have the following rights with respect to your personal data:
– Right of Access – To obtain confirmation of whether we process your data and to request a copy of your personal data.
– Right to Rectification – To request correction or completion of inaccurate or incomplete data.
– Right to Erasure – To request deletion of your personal data, subject to limitations prescribed by law.
– Right to Restriction – To request limitation of how we process your data under specific conditions.
– Right to Data Portability – To request that your data be transferred to another controller in a structured, commonly used format.
– Right to Object – To object to the processing of your data on grounds relating to your particular situation, including objection to direct marketing.
Requests to exercise these rights can be submitted to: [email protected]. We will respond in accordance with applicable legal obligations.
6. Security Measures
We implement appropriate technical and organizational measures to ensure the protection of your personal data, including but not limited to:
– Data encryption using industry-standard protocols.
– Role-based access controls with restricted permissions.
– Regular system backups and data integrity checks.
– Staff training on data security and privacy compliance.
– Monitoring and detection systems to identify unauthorized access.
Although we endeavor to safeguard your information, no online transmission is fully secure. We encourage you to take suitable precautions when interacting with our services.
7. International Data Transfers
Your personal data may be transferred to and stored in jurisdictions outside your home country, including countries outside the European Economic Area (EEA). When such transfers occur, we ensure adequate protection through:
– Standard contractual clauses approved by the European Commission.
– Certification under recognized frameworks, where applicable.
– Binding corporate rules or similar acceptable transfer mechanisms.
We are committed to complying with all applicable international data protection standards.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting obligations. Retention periods vary depending on the type of data:
– Usage & Technical Data: Up to 12 months for analytics and diagnostic purposes.
– Account & Profile Data: Until the account is closed and for up to 7 years thereafter for compliance and recordkeeping.
– Communication Data: Retained for up to 3 years following the last interaction.
– Transaction Data: Retained for 7 years to comply with financial and tax regulations.
– Preference Data: Retained until unsubscribed or withdrawn by the user.
9. Cookie Policy
We use cookies and similar tracking technologies on HyltonCastle.com for multiple purposes:
– Essential Cookies: Necessary for the website to function properly, including session management and authentication.
– Functional Cookies: Enhance user experience by remembering your settings and preferences.
– Analytics Cookies: Help us understand how you interact with the site, enabling us to improve content and design.
– Performance Cookies: Measure site performance and allow improvements through statistical evaluation.
Each cookie is assigned a defined lifespan, after which it is automatically deleted or renewed upon active user interaction.
10. Cookie Management and Compliance
We provide clear controls for cookie preferences in compliance with GDPR and CCPA. Upon first visit, users are presented with a cookie consent banner to accept, reject, or customize cookie settings.
Users located in jurisdictions governed by the GDPR or CCPA may also opt out of specific categories of cookies or tracking mechanisms at any time through cookie management tools on HyltonCastle.com.
California residents may exercise their rights under the CCPA, including the right to opt out of the sale of personal information.
11. Protection of Children’s Data
HyltonCastle.com does not knowingly collect or process personal data from children under the age of 13. If we are made aware that we have inadvertently collected information from a child under the age of 13 without verifiable parental consent, we will take immediate steps to delete such data.
Parents or guardians who believe that their child may have submitted personal data are encouraged to contact us at: [email protected].
12. Policy Updates
We may revise this Privacy Policy from time to time to reflect legal, technical, or operational changes. Any significant modifications will be communicated through appropriate channels, such as a website notification or direct email, where appropriate.
We encourage you to review this Privacy Policy periodically to stay informed of our data practices.
13. Contacting Us
If you have any questions, concerns, or requests related to this Privacy Policy or your personal data, please contact us at:
Email: [email protected]
Website: https://hyltoncastle.com
—
HyltonCastle.com respects your privacy and is committed to transparent and responsible data practices. We adhere to the principles and obligations set forth under GDPR, CCPA, and other relevant privacy legislation. For further information or to raise a privacy concern, please reach out to us at the contact details provided above.