Privacy Policy
At Sesiwn Fawr (“we”, “our”, “us”), accessible via sesiwnfawr.com, we are committed to safeguarding your privacy and ensuring the protection of your personal data. This Privacy Policy outlines how we collect, use, disclose, and protect your information when you engage with our website, services, or contact us. We are dedicated to complying with applicable privacy regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
Please read this policy carefully to understand your rights and our obligations.
1. Commitment to Privacy and Data Protection
We respect your right to privacy and take our data protection responsibilities seriously. We adhere to the principles of lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, and accountability in processing your personal data.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users and visitors of sesiwnfawr.com and any personal data collected through our services, communications, and interactions. Sesiwn Fawr is the data controller for the purposes of the GDPR and is responsible for your personal information under this Policy.
If you have any questions regarding your data or this policy, please contact us at [email protected].
3. Categories of Personal Data We Process
We may collect and process the following categories of personal data through your use of sesiwnfawr.com:
a) Usage Data
Includes information about how you use our website, such as IP address, browser type, operating system, device identifiers, session timestamps, and activity log data.
b) Account Data
Includes identifying and contact information you provide when registering an account, such as your full name, address, email address, phone number, and login credentials.
c) Profile Data
Includes your preferences, interests, purchase history, event participation, user behavior, and account configurations.
d) Communication Data
Includes records of your communications with us, including support inquiries, email correspondence, and feedback submissions.
e) Technical Data
Includes system configurations, device model, internet service provider, connection information, screen resolution, and performance diagnostics.
f) Transaction Data
Includes payment details (via secure third-party processors), billing and shipping addresses, order details, and delivery confirmations.
g) Preference Data
Includes your express marketing preferences, notification settings, newsletter subscriptions, and product or event interests.
4. Lawful Bases for Processing Your Data
We process your personal data based on the following lawful grounds in accordance with Article 6 of the GDPR:
– Consent: where you have provided clear, informed, and voluntary consent (e.g., marketing communications).
– Contractual Necessity: where processing is required to perform or enter into a contract with you (e.g., account setup, ticket purchases).
– Legitimate Interests: where we pursue legitimate business interests, balanced against your rights and freedoms (e.g., website analytics, fraud prevention).
– Legal Obligation: where processing is necessary for compliance with a legal or regulatory obligation (e.g., tax law, accounting standards).
We process personal information of California residents in accordance with the CCPA and ensure all required rights and disclosures are provided accordingly.
5. Your Rights
Under applicable data protection laws, you have the following rights:
– Right of Access – to obtain confirmation about how we use your data and request a copy.
– Right to Rectification – to correct inaccuracies or incomplete information.
– Right to Erasure (Right to Be Forgotten) – to request deletion of your personal data under certain conditions.
– Right to Restrict Processing – to limit the processing of your personal data.
– Right to Data Portability – to receive your data in a structured, machine-readable format or transmit it to another provider.
To exercise any of the above rights, please contact us at [email protected]. We may require verification of your identity.
6. Security Measures
We employ robust technical and organizational measures to secure your personal data, including:
– SSL encryption for website data transmission
– Access control and user authentication
– Secure server infrastructure and regular backups
– Employee training programs in data protection and cybersecurity
While no online platform is entirely immune to risk, we are fully committed to minimizing threats to your information.
7. International Transfers
If your data is transferred outside the European Economic Area (EEA) or to jurisdictions lacking equivalent data protection laws, we ensure appropriate safeguards are in place. These may include:
– Implementation of Standard Contractual Clauses (SCCs)
– Binding Corporate Rules (BCRs)
– Additional protective technical and contractual measures
By interacting with sesiwnfawr.com, you acknowledge that your data may be transferred and processed across borders as necessary.
8. Data Retention
We only retain your personal data for as long as necessary to fulfill the purposes outlined in this Policy:
– Usage Data: up to 12 months from collection
– Account and Profile Data: for the duration of your user relationship, and 6 years thereafter
– Communication Data: for 3 years from the date of last contact
– Transaction Data: for 7 years in accordance with financial and legal obligations
– Preference Data: until you update your settings or withdraw consent
Upon expiry of the applicable retention period, your data will be securely deleted or anonymized.
9. Cookie Policy
Sesiwnfawr.com uses cookies and similar technologies to enhance user experience and support web analytics. Our cookies fall into the following categories:
– Essential Cookies: Necessary for website functionality—cannot be disabled.
– Functional Cookies: Enhance user experience, such as remembering preferences.
– Analytical Cookies: Help us understand website usage and improve performance.
– Performance Cookies: Track technical issues and load times.
We do not use cookies to collect sensitive personal information without your consent.
10. Cookie Management and GDPR/CCPA Compliance
You can manage your cookie preferences at any time through our cookie banner or browser settings. Where required by law, we request your explicit consent before placing certain cookies.
Under the CCPA, California residents may opt out of the sale or sharing of personal information. While we do not sell personal data, we honor requests and privacy preferences in full compliance with both GDPR and CCPA standards.
11. Children’s Privacy
Our website and services are not intended for individuals under the age of 13. We do not knowingly collect personal data from children. If we learn that we have inadvertently obtained information from a child under 13, we will promptly delete it. If you believe a child has submitted data, please contact us at [email protected].
12. Policy Updates
We reserve the right to amend or update this Privacy Policy without prior notice. Any updates will be reflected on this page. Where material changes are made, we will take reasonable steps to notify you via our website or other appropriate means.
13. Contacting Us
If you have any questions, concerns, or requests related to this Privacy Policy or our processing of your data, please contact us at:
Email: [email protected]
Website: sesiwnfawr.com
We are committed to addressing all privacy inquiries in a timely and transparent manner.
Compliance Commitment
Sesiwn Fawr is committed to protecting your privacy and adhering to all applicable data protection laws and best practices. For any privacy-related questions or concerns, feel free to reach out to us via [email protected].