Privacy Policy
1. Introduction
At Cleveland Echo (“we”, “our”, or “us”), accessible via clevelandecho.com, we are fully committed to maintaining the trust and confidence of our users, visitors, and customers. The privacy and security of your personal data are of the utmost importance to us. This Privacy Policy outlines how we collect, use, store, and protect your data in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope of This Policy and Role of the Data Controller
This Privacy Policy applies to all personal data processed by Cleveland Echo through its website, clevelandecho.com, as well as related services such as customer support and online transactions. For the purposes of the GDPR, Cleveland Echo is the data controller responsible for determining the purposes and means of processing your personal data. For California residents, this policy also outlines your rights under the CCPA.
3. Categories of Data Processed
We may collect and process the following categories of personal data:
a) Usage Data
Information about how you use clevelandecho.com, including browser type, IP address, pages visited, session duration, and other diagnostic data.
b) Account Data
Personal information provided during account creation or order placement, including your full name, email address, mailing and shipping addresses, and phone number.
c) Profile Data
Information such as user preferences, purchase history, feedback, and behavioral information based on your interactions with our website.
d) Communication Data
Records and contents of support requests, customer service communications, and other contact history submitted through our email or contact forms.
e) Technical Data
Details about your device including operating system, browser settings, screen resolution, language information, and device identifiers.
f) Transaction Data
Details of purchases and payments made, including billing address, payment methods, delivery information, and transaction history.
g) Preference Data
Marketing consents and opt-in/opt-out status, product preferences, and interest indicators based on prior interactions and declared preferences.
4. Legal Bases for Processing
We only process personal data where we have a valid legal basis as defined under applicable law:
– Consent: When you have given explicit consent to the processing of your data, such as when subscribing to our newsletter.
– Contractual Necessity: When processing is necessary to deliver a product or service you have requested or purchased.
– Legal Obligation: When we are legally required to retain or disclose certain data.
– Legitimate Interest: Where processing is necessary for our legitimate business interests including website security, fraud prevention, marketing, and improving our services — provided those interests are not overridden by your rights and freedoms.
5. Your Rights
You are entitled to exercise the following rights regarding your personal data:
– Right of Access: You may request access to your personal data and receive a copy.
– Right to Rectification: You may request a correction of inaccurate or incomplete data.
– Right to Erasure: You may request deletion of your personal data, subject to any legal retention obligations.
– Right to Restriction: You may request that we limit how we use your data in certain circumstances.
– Right to Data Portability: You may request your personal data in a structured, commonly used machine-readable format.
– Right to Object: You may object to processing based on legitimate interests or direct marketing.
To exercise any of your rights, please email us at [email protected]. We will respond to all requests in accordance with applicable laws.
6. Security Measures
We implement appropriate technical and organizational measures to safeguard your personal data. These include, but are not limited to:
– Encryption of data in transit and at rest.
– Access control policies to restrict access to authorized personnel only.
– Routine backups and disaster recovery protocols.
– Staff training on data protection and security best practices.
7. International Transfers
Your personal data may be transferred to, and maintained on, servers located outside your jurisdiction, including countries that may not have data protection laws equivalent to those in your country. In such cases, we ensure adequate protections are in place, including the use of Standard Contractual Clauses approved by the European Commission, and compliance with regional data transfer requirements.
8. Data Retention
We retain your personal data only for as long as necessary for the purposes set out in this Privacy Policy. Data retention timelines include:
– Account Data: For as long as the account is active or as required to fulfill legal obligations.
– Transaction Data: Retained for up to seven years for accounting and compliance purposes.
– Communication Data: Retained for two years following the last interaction.
– Preference Data: Retained for as long as consent remains valid or until revoked.
9. Cookie Policy
We use cookies and similar technologies on clevelandecho.com to enhance your experience and analyze site traffic. Cookies fall into several categories:
– Essential Cookies: Necessary for core site functionality, including shopping cart and authentication features.
– Functional Cookies: Enable personalization such as language preferences or session persistence.
– Analytics Cookies: Help analyze user behavior to improve site functionality.
– Performance Cookies: Monitor site performance, load times, and responsiveness.
10. Cookie Management and Compliance
By accessing clevelandecho.com, you will be presented with a cookie consent banner in compliance with GDPR and CCPA. You have the right to manage your cookie preferences at any time through your browser settings or by accessing the cookie management tool provided on our website. California users may also opt-out of the sale of their personal information via “Do Not Sell My Personal Information” links when applicable.
11. Children’s Privacy
Cleveland Echo does not knowingly collect or solicit personal data from individuals under the age of 13. If you are a parent or guardian and believe that a child under 13 has provided us with personal data, please contact us at [email protected]. We will take prompt steps to delete such information from our systems.
12. Policy Updates
We reserve the right to update this Privacy Policy to reflect changes in legal, regulatory, or operational requirements. Where appropriate, we will notify users of material changes via the website or direct communication channels.
13. Contact Information
If you have any questions or concerns regarding this Privacy Policy or our data practices, please contact us at:
Email: [email protected]
—
We are committed to full compliance with global data protection regulations and strive to uphold the rights and freedoms of all users. For any privacy-related inquiries, do not hesitate to reach out to us.