Privacy Policy for owlondon.com

1. Introduction

At OW London (accessible via owlondon.com), we are committed to protecting your personal data and respecting your privacy. This Privacy Policy outlines how we collect, use, disclose, and protect your information in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We implement a privacy-first approach in all our operations and take your data protection rights seriously.

2. Scope of the Policy and Data Controller Role

This Privacy Policy applies to all users of our website, owlondon.com, and related services. OW London is the data controller responsible for the processing of personal data as described herein. This policy covers all data collected via the website, through customer interactions, and in the course of the provision of our services.

3. Categories of Data Processed

We may collect and process the following categories of personal data:

– Usage Data: Information about how you use our website, including browser types, IP addresses, session durations, page views, and referral URLs.
– Account Data: Personal details you provide when creating an account, such as name, billing address, email address, and telephone number.
– Profile Data: Information derived from your account and related activity, including purchase history, preferences, behavior patterns, saved products, and wish lists.
– Communication Data: Any data provided through interactions with our support team, responses to surveys, and communication history via email or our website contact forms.
– Technical Data: Device identifiers, system settings, browser settings, operating system information, and diagnostic logs.
– Transaction Data: Details of products and services purchased, delivery address, payment methods (excluding full credit card numbers), and invoice records.
– Preference Data: Marketing communication preferences, product interests, cookie preferences, and opt-in statuses for newsletters or promotional emails.

4. Legal Bases for Processing

OW London processes personal data only when we have a legal basis to do so. The principal legal bases include:

– Consent: When you have given clear and affirmative permission for a specific purpose (e.g., newsletter subscription).
– Contractual Necessity: To fulfill a contract or take steps at your request prior to entering into a contract (e.g., order fulfillment).
– Legitimate Interest: For purposes such as improving our website, preventing fraud, or analyzing usage trends, provided such interests are not overridden by your rights.
– Legal Obligation: To comply with legal and regulatory obligations.

5. Your Rights

Under GDPR and CCPA, you have the following rights, which OW London facilitates upon request:

– Right of Access: Obtain a copy of your personal data and information on how it is processed.
– Right to Rectification: Request that inaccuracies in your personal data be corrected.
– Right to Erasure: Ask for your personal data to be deleted, subject to certain exceptions.
– Right to Restriction: Request limitation of processing under specific circumstances.
– Right to Portability: Request your personal data in a structured, commonly used, and machine-readable format to transmit to another provider.
– Right to Object: Object to the processing of your data where we rely on legitimate interests as a legal basis.
– Right Not to Be Subject to Automated Decision-Making: You may request human intervention where decisions have significant effects on you.

To exercise your rights at any time, please contact us at [email protected].

6. Security Measures

We apply robust technical and organizational security measures to safeguard your data, including:

– Encryption of data in transit and at rest.
– Controlled access to personal data on a need-to-know basis.
– Secure data backup mechanisms and disaster recovery procedures.
– Regular staff training on cybersecurity, data protection, and privacy awareness.

Despite our efforts, no data transmission or storage system can be guaranteed 100% secure. We encourage you to use caution and protect your own digital security.

7. International Transfers

Your personal data may be transferred to and processed in countries outside your jurisdiction, including countries not offering the same level of data protection. In such cases, OW London ensures all international transfers comply with applicable requirements by implementing:

– Standard Contractual Clauses (SCCs) approved by the European Commission.
– Adequacy decisions by regulatory authorities where applicable.
– Additional technical and organizational safeguards.

8. Data Retention

We only retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including:

– Account Data: duration of account existence and up to 6 years for legal and compliance reasons.
– Transaction Data: 7 years to meet tax, legal, and audit requirements.
– Communication Data: 3 years for support history and operational insight.
– Technical, Usage & Profile Data: anonymized or retained for a maximum of 2 years for analytical purposes.
– Marketing Preferences: maintained until consent is withdrawn or after 2 years of inactivity.

9. Cookie Policy

Owlondon.com uses cookies and similar technologies to improve your user experience. Cookies fall under the following categories:

– Essential Cookies: Necessary for core website functionality (e.g., shopping cart, secure login).
– Functional Cookies: Enhance usability by storing preferences and previously viewed items.
– Analytics Cookies: Gather data about website usage and performance to help us improve.
– Performance Cookies: Monitor the effectiveness of our marketing campaigns and website usability.

10. Cookie Management and Compliance

Upon visiting owlondon.com, you have the option to manage your cookie preferences via our cookie banner. You may:

– Accept or reject non-essential cookies.
– Modify your preferences at any time through our Cookie Settings page.
– Configure your browser settings to block or delete cookies.

In compliance with GDPR and CCPA, we do not place non-essential cookies without prior user consent and respect Do Not Track and Global Privacy Control signals where applicable.

11. Children’s Privacy

Our website and services are not directed toward individuals under the age of 13, and we do not knowingly collect or solicit personal data from children. If you become aware that a child has provided us with data, please contact us at [email protected] so we can take appropriate action.

12. Policy Updates and User Notifications

We may update this Privacy Policy to reflect changes in our practices, legal requirements, or website functionalities. Any material changes will be highlighted on owlondon.com and, where required, we will notify you via email or on-site notification. Continued use of the website after updates signifies your consent to the revised policy.

13. Contact Information

For any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please contact our Data Protection Officer at:

Email: [email protected]

We are committed to ensuring your personal data is handled in compliance with all relevant privacy regulations and invite you to reach out with any privacy-related concerns or inquiries.