Privacy Policy for Oxford House Books
Oxford House Books (“we”, “us”, or “our”) is committed to safeguarding the privacy and personal data of all individuals who interact with our website, https://oxfordhousebooks.com (“Website”). We take data privacy seriously and maintain the highest standards of security and transparency in our capacities as a data controller.
1. Our Commitment to Privacy and Data Protection
Your privacy matters to us. We are dedicated to complying fully with all applicable data protection regulations, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the California Consumer Privacy Act of 2018 (“CCPA”), and other relevant global privacy standards. This Privacy Policy outlines how we collect, use, share, and protect your personal data when you engage with our services through the Website.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of the Website and to any personal data collected through it. Oxford House Books is the data controller responsible for your personal data. As the data controller, we determine the purposes and means of processing your personal data in compliance with stipulated laws and regulations.
3. Categories of Data We Process
We collect and process various categories of personal data to provide a seamless, secure, and personalized user experience. The types of personal data we may process include:
a) Usage Data
Information automatically collected about your interaction with the Website, such as IP addresses, browser type, pages viewed, time spent on pages, interaction data, date and time of visit, and session identifiers.
b) Account Data
Personal information you provide when creating an account, including full name, physical address, email address, and telephone number.
c) Profile Data
Information derived from your interactions on the Website, such as purchase history, product preferences, reading interests, and browsing behavior.
d) Communication Data
Details of communications between you and Oxford House Books, including inquiries, customer service interactions, feedback, and support tickets.
e) Technical Data
Data about the devices and systems you use to access our Website, such as device identifiers, operating systems, browser configurations, system preferences, and mobile network information.
f) Transaction Data
Details relating to purchases and payments, including billing addresses, payment confirmation data, shipping information, and transaction history.
g) Preference Data
Information about your marketing and communication preferences, including newsletter subscriptions, opt-in or opt-out choices, and product categories of interest.
4. Legal Bases for Processing Your Data
We only process your personal data when legally justified under the following bases:
– Contractual Necessity: To fulfill our obligations to you under any agreement, such as processing your purchases.
– Legitimate Interests: To further our legitimate business interests, such as improving services, conducting analytics, detecting fraud, and securing our network, provided these interests are not overridden by your rights.
– Consent: Where required by law, we rely on your explicit consent to process your personal information (e.g., for non-essential cookies or marketing communications).
– Legal Obligations: To comply with legal requirements or lawful authorities.
5. Your Rights
Under GDPR and CCPA, you have the following rights regarding your personal data:
– Right of Access: You may request access to personal data we hold about you.
– Right to Rectification: You may request correction of inaccurate or incomplete data.
– Right to Erasure: You may request deletion of your personal data under certain conditions (“right to be forgotten”).
– Right to Restriction: You may request restrictions on how we use your personal data.
– Right to Data Portability: You are entitled to receive a copy of your data in a structured, commonly used, machine-readable format.
– Californian Residents’ Rights: Under the CCPA, you may also request information about categories of personal information collected and request that we do not sell your data. We do not sell personal information in the traditional sense.
To exercise your rights, please contact us at [email protected].
6. Security Measures
We implement robust administrative, technical, and physical safeguards to protect your personal data, including:
– End-to-end encryption of transmitted data (TLS/SSL)
– Secure storage and limited access to personal data
– Role-based user permission systems and authentication controls
– Regular security assessments and penetration testing
– Staff training on data privacy and secure information handling
– Automated backup and data recovery systems
7. International Transfers
We may transfer your personal information to countries outside of your jurisdiction, including countries that may not offer the same level of protection as that provided under your local laws. Where such transfers occur, we implement appropriate safeguards, including Standard Contractual Clauses approved by the European Commission, to ensure adequate protection of your data.
8. Data Retention
We retain personal data only for as long as necessary for the purposes outlined in this Policy or as required by law. The following general timeframes apply:
– Account and Profile Data: Retained until you delete your account or request erasure.
– Transaction Data: Retained for 7 years for financial and audit compliance.
– Communication Data: Retained for 3 years following the last user interaction.
– Cookie and Usage Data: Retention varies but does not exceed 26 months, subject to cookie and analytics settings.
9. Cookie Policy
The Website uses cookies and similar technologies to enhance user experience and improve our services. Cookies fall into the following categories:
– Essential Cookies: Required for core site functionality (e.g., cart persistence, login sessions).
– Functional Cookies: Improve usability by remembering choices and settings.
– Analytics Cookies: Help us understand usage patterns through anonymized data (e.g., Google Analytics).
– Performance Cookies: Measure loading times and user navigation to enhance performance.
10. Cookie Management and Compliance
In accordance with GDPR and CCPA, we provide users with the ability to manage their cookie preferences through a consent banner upon first visit and via a “Cookie Settings” interface accessible at any time. Non-essential cookies are disabled by default and only activated upon user consent.
You may also configure your browser settings to refuse or delete cookies. Certain functionalities may be limited without cookie access.
11. Children’s Privacy
Oxford House Books does not knowingly collect or process personal data of children under the age of 13. If we become aware that a child under 13 has provided personal information without parental consent, we will delete such data in accordance with regulatory compliance obligations. Parents or legal guardians may contact us at [email protected] to request deletion.
12. Policy Updates and Notifications
We reserve the right to update or modify this Privacy Policy at our discretion. Any changes that materially affect your rights or the way we use your data will be communicated via notice on the Website or via email where appropriate. We encourage periodic review to ensure awareness of the most current version.
13. Contact Us
For any inquiries, concerns, or requests regarding your personal data or this Privacy Policy, please contact:
Oxford House Books
Email: [email protected]
Website: https://oxfordhousebooks.com
We are committed to honoring your privacy rights and responsibilities under applicable privacy laws and will respond to queries within legally mandated timelines.
This Privacy Policy reflects our ongoing commitment to transparency, accountability, and compliance. If you believe your data protection rights have been violated, you may also lodge a complaint with your local data protection authority.