Privacy Policy
1. Introduction
At oasisgowerton.com (“we”, “our”, “us”), your privacy is of paramount importance. We are committed to safeguarding the personal data of all users who visit and interact with our website and services. This Privacy Policy outlines how we collect, use, and protect your personal information in accordance with applicable data protection legislation, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We uphold a privacy-first approach, ensuring transparency, accountability, and control over your personal data.
2. Scope of This Policy and Role of Data Controller
This Privacy Policy applies to all data collected through your interaction with our website, oasisgowerton.com, including when you browse, make purchases, submit forms, or communicate with us. For the purposes of applicable data protection laws, we are the “Data Controller” of your personal information, responsible for determining the purposes and means of its processing.
3. Categories of Data Processed
We collect various categories of personal information depending on how you interact with our website:
a. Usage Data
Includes data automatically collected about your browser type, IP address, pages visited, time spent on our site, referral pages, clickstream data, and similar information related to your visit and usage patterns.
b. Account Data
Includes identifiers such as your name, email address, telephone number, postal address, and login credentials if you create an account with us.
c. Profile Data
Includes information about your preferences, interests, purchase history, and behavioral data related to how you use our services and site.
d. Communication Data
Includes correspondence between you and us, such as emails, support tickets, chat transcripts, and contact history submitted via forms or direct email.
e. Technical Data
Includes data relating to the device you use to access our site, such as operating system, hardware model, unique device identifiers, browser configuration, and system platform settings.
f. Transaction Data
Includes data required to complete financial transactions such as billing address, payment method (processed securely by third-party services), confirmation numbers, and delivery information.
g. Preference Data
Includes data on your consents to receive marketing communications, notification settings, language preferences, and product or service interests.
4. Legal Bases for Processing
We process your personal data on the following legal grounds, as applicable under the GDPR:
– Consent: When you have given clear, affirmative consent for us to process your data for specific purposes (e.g., to receive marketing communications).
– Contractual Necessity: When data processing is necessary to perform our contractual obligations with you (e.g., customer account management, order fulfillment).
– Legal Obligation: Where processing is necessary to comply with legal requirements or regulatory obligations.
– Legitimate Interests: Where we have a legitimate business interest that is not overridden by your data protection rights (e.g., fraud prevention, service improvement, website analytics).
Under CCPA, consumers have the right to know about the personal data collected and whether it is sold or shared. We do not sell your data.
5. Your Data Protection Rights
Depending on your jurisdiction, particularly within the EU and California, you may exercise the following rights regarding your personal data:
– Right of Access: Request confirmation of whether we process your data and obtain a copy.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of personal data under certain conditions.
– Right to Restrict Processing: Request limitations on how your data is processed.
– Right to Data Portability: Request your data in a structured, machine-readable format.
– Right to Object: Object to processing based on legitimate interests or for direct marketing purposes.
– Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time.
To exercise your rights, please contact us at [email protected].
6. Security Measures
We implement robust technical and organizational security measures to protect your data against unauthorized access, loss, misuse, disclosure, or alteration. These measures include, but are not limited to:
– Data encryption in transit and at rest
– Secure access controls and authentication
– Regular system monitoring, logging, and auditing
– Regular staff training in data protection and privacy best practices
– Ongoing system updates and security patching
– Secure data backup and recovery protocols
7. International Data Transfers
If your personal data is transferred outside of the European Economic Area (EEA), including to third-party service providers in the United States, we ensure appropriate safeguards are in place, including the use of Standard Contractual Clauses approved by the European Commission or other compliant transfer mechanisms under GDPR, ensuring that your rights and protections remain intact.
8. Data Retention
We retain personal data only for as long as is necessary for the purposes for which it was collected:
– Usage Data: retained for up to 12 months for analytics.
– Account & Profile Data: retained for as long as the account remains active and for 6 years thereafter to support compliance and legal obligations.
– Transaction Data: retained for 7 years for financial auditing and tax compliance.
– Communication Data: retained for up to 3 years after last contact.
– Preference Data: retained until updated or revoked by the user.
After these periods, personal data is securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar tracking technologies to optimize user experience and analyze site performance:
a. Essential Cookies
These enable core site functionality like security, account login, and transactional functions. They are strictly necessary for the website to operate.
b. Functional Cookies
Used to remember your preferences and enhance personalization.
c. Analytics Cookies
Third-party cookies (e.g., Google Analytics) help us understand how users interact with oasisgowerton.com and allow us to improve performance and content.
d. Performance Cookies
Used to monitor performance metrics, loading times, and user interaction for quality assurance purposes.
10. Cookie Management and Compliance
When you visit oasisgowerton.com, a cookie banner or consent management platform will provide the option to accept, reject, or customize cookie settings. You can adjust or revoke your consent at any time via the cookie settings tool available on our website.
In accordance with GDPR, consent is obtained prior to storing non-essential cookies on your device. Similarly, under the CCPA, you may opt out of the use of cookies considered to involve the “sale” or “sharing” of data.
11. Children’s Privacy
Our website and services are not directed to, or intended for, children under the age of 13. We do not knowingly collect personal information from individuals in this age group. If we become aware of such a data collection, we will immediately delete the information and take appropriate action. If you believe a child under 13 has provided us with personal data, please contact us at [email protected].
12. Policy Updates
We reserve the right to modify this Privacy Policy at any time to ensure continued compliance with legal obligations and privacy best practices. Substantive changes to this policy will be notified to users through prominent notices on oasisgowerton.com or through direct communication where appropriate. We encourage you to periodically review this page for the latest version.
13. Contact Information
If you have questions about this Privacy Policy, your personal data, or wish to exercise your data subject rights, please contact our data privacy team at:
Email: [email protected]
Website: https://oasisgowerton.com
We are committed to upholding your privacy rights and compliance with GDPR, CCPA, and all applicable data protection laws. Please do not hesitate to reach out with any privacy-related concerns or requests.