Privacy Policy
1. Introduction
Your privacy is of paramount importance to us. At the Sir Stanley Matthews Foundation (“we,” “our,” or “us”), we are deeply committed to safeguarding your personal data in accordance with applicable data protection legislation, including the European Union General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines how we collect, use, store, disclose, and safeguard your personal data when you visit sirstanleymatthewsfoundation.com (“our website”). Our objective is to manage your information responsibly, transparently, and with the utmost respect for your privacy.
2. Scope of This Policy and Role of Data Controller
This Privacy Policy applies to all personal data processed through our website, including data collected via forms, communications, purchases, and other interactions. The Sir Stanley Matthews Foundation is the data controller responsible for determining the purposes and methods for processing your personal data under relevant data privacy laws. For any inquiries about our data processing practices, please contact us at [email protected].
3. Categories of Personal Data We Process
We process various categories of personal data depending on your interaction with our website:
a) Usage Data
Information automatically collected through your visit to our website, such as your IP address, browser type, operating system, referral source, pages viewed, time spent on pages, and clickstream data. This data helps us maintain security and improve user experience.
b) Account Data
Personal information you provide when creating an account, subscribing to our services, or otherwise engaging with our website. This includes your full name, email address, telephone number, mailing address, usernames, and passwords.
c) Profile Data
Data derived from your interactions and preferences, such as your interests, purchase history, engagement behavior, content downloads, and participation in events or programs.
d) Communication Data
Records of your correspondence with us, including inquiries, support requests, feedback, and contact history via email or web forms.
e) Technical Data
Details about the device you use to access our website (e.g., device type, operating system, language settings), browser configurations, and network provider information.
f) Transaction Data
Information related to purchases, donations, or service delivery, including payment method details (processed via third-party providers), billing addresses, transaction dates, and service fulfillment details.
g) Preference Data
Information regarding your marketing consents, areas of interest, newsletter sign-ups, and communication preferences.
4. Legal Bases for Processing Your Personal Data
We process personal data where a lawful basis exists, including the following:
– Consent: When you have explicitly agreed to the processing (e.g., subscribing to email updates).
– Contractual Necessity: When processing is required for the performance of a contract with you or to take steps at your request prior to entering into a contract.
– Legal Obligation: When processing is necessary for compliance with a legal requirement.
– Legitimate Interests: When processing is required for our legitimate business interests, provided these are not outweighed by your rights and freedoms (e.g., improving user experience, preventing fraud, operational analytics).
5. Your Data Protection Rights
Subject to applicable laws, including GDPR and CCPA, you may have the following rights regarding the personal data we hold about you:
– Right of Access: Obtain confirmation whether your data is being processed and access to it.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your personal data where legally permitted.
– Right to Restriction: Request the limitation of processing in certain circumstances.
– Right to Data Portability: Receive personal data in a structured, commonly used format and transfer it to another controller where applicable.
– Right to Object: Object to processing based on legitimate interests or direct marketing.
– Right to Withdraw Consent: Withdraw consent at any time, without affecting the lawfulness of prior processing.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We take the protection of your personal data seriously and implement appropriate technical and organizational security measures, including:
– Encryption of sensitive data during transmission and storage.
– Role-based access controls to systems hosting personal data.
– Regular data backups and secure storage solutions.
– Staff training on data protection principles and secure data handling.
– Continuous monitoring for potential vulnerabilities and incidents.
While we strive to maintain a secure environment, no method of transmission over the internet is entirely risk-free. Accordingly, we cannot guarantee absolute security.
7. International Data Transfers
Some of our data processors or service providers may be located outside of your country or the European Economic Area (EEA), including in jurisdictions that may not offer equivalent privacy protections. When such data transfers occur, we implement standard contractual clauses or ensure other appropriate safeguards to protect your data in accordance with applicable privacy laws.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required or permitted by law. Retention periods per data category include:
– Usage and Technical Data: Up to 12 months for analytics purposes.
– Account and Profile Data: Retained as long as your account is active or required for recordkeeping (typically 6 years for contractual records).
– Communication and Transaction Data: Retained for a period of 6 years for compliance with legal and financial obligations.
– Preference Data: Retained until consent is withdrawn or data becomes outdated.
9. Cookie Policy
Our website uses cookies and related technologies to enhance user experience and analyze website usage. These include:
– Essential Cookies: Necessary for the website to function properly (e.g., session management, secure login).
– Functional Cookies: Enable personalization and user preferences (e.g., language settings).
– Analytics Cookies: Help us understand how visitors interact with our website (e.g., Google Analytics).
– Performance Cookies: Collect data to improve performance and loading times.
10. Managing Cookies and Compliance
You may manage or withdraw your consent to cookie usage at any time by adjusting your browser settings or using the cookie management tool available on our website. We comply with GDPR by requesting express consent for non-essential cookies and provide opt-out mechanisms in accordance with CCPA, including the right to opt out of “sale” of personal data, if applicable.
For California residents, we do not sell your personal data and do not offer financial incentives for data sharing. If this changes, required disclosures and mechanisms will be provided as mandated under CCPA.
11. Children’s Privacy
We are committed to protecting the privacy of children. Our website is not intended for or directed toward children under the age of 13. We do not knowingly collect or process personal data from anyone under 13. If you believe that data from a child under 13 has been collected, please contact us immediately at [email protected] so that we may take appropriate steps.
12. Policy Updates and Notifications
We reserve the right to revise this Privacy Policy at any time in order to reflect changes in our practices, applicable laws, and technology. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data. Where required by law, we will notify you of material changes through an appropriate communication channel.
13. Contact Information
If you have any concerns, questions, or requests related to this Privacy Policy or the way we process your personal data, please contact:
Sir Stanley Matthews Foundation
Email: [email protected]
Website: sirstanleymatthewsfoundation.com
We are committed to full compliance with GDPR, CCPA, and other applicable data protection laws. If you have concerns about your privacy or how your personal data is used, please reach out – we are here to help.