Privacy Policy for TennentsofScotland.com
1. Introduction
Tennents of Scotland (“we”, “us”, or “our”) is deeply committed to protecting the privacy and personal data of our website users and customers. This Privacy Policy outlines how we collect, use, store, share, and protect your personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”). Our approach prioritizes transparency, accountability, and user control to ensure your data is handled with integrity and care.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of our website, tennentsofscotland.com, and pertains to the personal data collected through our digital services, communications, and interactions. Tennents of Scotland is the data controller for all personal data processed through this site. As the controller, we are responsible for determining the purpose and means of processing your personal data, and for ensuring that this processing is compliant with all relevant laws.
3. Categories of Data We Process
We may collect and process the following categories of data:
a. Usage Data
Includes details such as browser type, IP address, referral source, page views, session duration, and site navigation patterns. This information helps us understand how visitors use our website and optimize its performance.
b. Account Data
Includes your full name, billing and shipping address, email address, phone number, and other identifiers provided when creating an account or placing an order.
c. Profile Data
Comprises demographic information, preferences, historic purchases, feedback, and other behavioral indicators related to your interaction with our services.
d. Communication Data
Covers communications such as customer support queries, messages submitted via contact forms, and email correspondences. We may also process metadata associated with these communications.
e. Technical Data
Involves device identifiers, system and application settings, operating system type, network information, and diagnostic data related to device use in accessing our services.
f. Transaction Data
Includes order history, financial details related to payments (processed securely via third-party services), delivery addresses, and refund records.
g. Preference Data
Consists of your consents to receive marketing emails, areas of product interest, newsletter subscription status, and your responses to marketing campaigns or surveys.
4. Legal Bases for Processing
We collect and process your personal data based on one or more of the following legal grounds:
– Performance of a Contract: To fulfill and manage orders, services, or subscriptions you have requested.
– Legitimate Interest: For analytics, marketing, fraud prevention, and ensuring site performance and security.
– Consent: Where we require your explicit permission, such as for receiving marketing emails or certain cookie deployments.
– Legal Obligation: Where processing is necessary to meet statutory requirements (e.g., tax reporting, regulatory disclosures).
5. Your Rights
Under the GDPR and CCPA (where applicable), you are entitled to exercise a number of rights regarding your personal data:
– Right of Access: You may request confirmation of whether we hold personal data about you and, if so, obtain access to that data.
– Right to Rectification: You have the right to request corrections to inaccurate or incomplete data.
– Right to Erasure: Also known as the “right to be forgotten”, you may ask us to delete personal data under certain conditions.
– Right to Restrict Processing: You may request that we restrict the processing of your personal data under specific circumstances.
– Right to Data Portability: You may request the transfer of your personal data to another controller in a structured, commonly used, and machine-readable format.
– Right to Object: You may object to processing based on legitimate interests or to receiving marketing communications.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement industry-standard technical and organizational measures to protect your personal data, including but not limited to:
– Encryption of data in transit and at rest
– Access controls with role-based permissions
– Secure servers and multi-layer firewalls
– Regular backups and disaster recovery planning
– Employee training in data privacy and information security protocols
7. International Transfers
When processing your data involves transfer outside of the United Kingdom, the European Economic Area (EEA), or the United States, we ensure that appropriate safeguards are in place. These include standard contractual clauses approved by the European Commission, or operating under frameworks recognized as ensuring adequate protection. We take care that such transfers comply fully with regional privacy obligations.
8. Data Retention
We retain personal data only for as long as is necessary for the purposes described in this policy:
– Usage Data: Retained for 12 months to analyze trends and improve services
– Account Data: Retained while your account remains active and up to 6 years afterwards for record-keeping
– Profile Data: Retained for 3 years following your last website interaction
– Communication Data: Retained for 24 months after the conclusion of the relevant inquiry
– Technical Data: Retained for a maximum of 18 months for diagnostics and troubleshooting
– Transaction Data: Retained for 6 years to comply with tax and contractual obligations
– Preference Data: Retained for as long as user marketing preferences remain in place, or until withdrawn
9. Cookie Policy
Our website employs cookies and similar tracking technologies to optimize user experience. These include:
– Essential Cookies: Required for site navigation, security, and accessibility
– Functional Cookies: Enhance site functionality and user preferences (e.g., remembering your language or login preferences)
– Analytics Cookies: Gather anonymized data to understand user behavior and measure website performance
– Performance Cookies: Monitor server load and performance for reliability
Details about individual cookies used on tennentsofscotland.com can be found in our separate Cookie Disclosure Notice.
10. Cookie Management and Compliance
By accessing tennentsofscotland.com, you are presented with a cookie consent banner that enables you to select which cookie categories you accept. You may modify your cookie preferences at any time via our Cookie Preferences Center. Our cookie management framework complies with GDPR and CCPA requirements by ensuring explicit opt-in/opt-out mechanisms, granular control over categories, and transparency regarding cookie usage.
11. Children’s Privacy
Our services are not intended for children under the age of 13. We do not knowingly collect personal data from individuals under this age. If we become aware that we have inadvertently gathered information from a child without appropriate parental or guardian consent, we will take immediate steps to delete such information.
12. Policy Updates and Notifications
This Privacy Policy may be updated from time to time to reflect changes in laws, technology, or our business practices. Where required, we will notify users of material changes via our website interface or through direct electronic communication.
Continued use of tennentsofscotland.com following the update constitutes your agreement to the revised terms. We encourage you to review this policy periodically.
13. Contact Us
If you have any questions, requests, or concerns related to this Privacy Policy or our approach to data protection more generally, please contact us:
Email: [email protected]
Website: https://tennentsofscotland.com
—
We are committed to full compliance with applicable privacy laws and encourage all users to contact us with any privacy-related inquiries. Your trust is important to us, and we strive to protect your rights with transparency and diligence.