Privacy Policy
1. Introduction
At christopher-lucas.com, we are committed to protecting and respecting your privacy. This Privacy Policy outlines our principles regarding the collection, processing, and protection of personal data when you interact with our website, services, content, and communications. We recognize the importance of privacy and data protection as fundamental rights and adhere to strict legal and ethical standards to ensure your data remains secure, confidential, and used only in accordance with applicable laws including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope and Data Controller
This Privacy Policy applies to personal data collected via christopher-lucas.com (the “Site”) and related communications. The data controller responsible for your personal information is Christopher Lucas, the owner and operator of the Site. For any inquiries related to this policy or the handling of your personal information, you may contact us at [email protected].
This Policy governs data collection when you access our site, subscribe to newsletters, make inquiries, create an account, or participate in any other related services.
3. Categories of Personal Data We Process
We may collect, use, store, and process the following categories of personal information:
a. Usage Data
Includes information such as your IP address, browser type, referring URLs, access times, pages viewed, session durations, and clickstream data as you interact with our Site.
b. Account Data
Consists of identifying information such as your full name, email address, mailing address, and telephone number that you provide when creating, updating, or managing your account.
c. Profile Data
Includes your preferences, service or product interests, purchase history, behavioral patterns, and any responses to surveys or feedback forms.
d. Communication Data
Encompasses records of correspondence via email, contact forms, and customer support interactions, including subject matter, timestamps, and related documentation.
e. Technical Data
Details about the devices and systems used to access our Site, such as device type, operating system, language settings, hardware configurations, and browser configurations.
f. Transaction Data
Covers details related to any purchases, including billing information, payment confirmations, order states, delivery logistics, and payment method identifiers (note: payment processing is handled securely through third-party providers).
g. Preference Data
Includes your settings for email and marketing preferences, content subscriptions, advertising choices, and opt-in/opt-out selections for receiving promotional material.
4. Legal Bases for Data Processing
We only collect and process your personal data where we have a lawful basis to do so under applicable law. These include:
– Contractual Necessity: To perform our obligations under a contract (e.g., account registration, order fulfillment).
– Consent: Where you have explicitly provided us with consent to process your information for specific purposes (e.g., email marketing).
– Legitimate Interest: When processing is necessary for our legitimate business interests (e.g., improving site performance, preventing fraud) and such interests are not overridden by your privacy rights.
– Legal Obligation: To comply with legal or regulatory obligations to which we are subject.
5. Your Data Subject Rights
Under applicable data protection laws, you have several rights regarding your personal data, subject to certain conditions:
– Right of Access: You may request a copy of the personal data we hold about you.
– Right to Rectification: You are entitled to request correction of inaccurate or incomplete information.
– Right to Erasure (“Right to be Forgotten”): You may request the deletion of your personal data where legally permissible.
– Right to Restrict Processing: You may request the limitation of how we process your personal data in specific circumstances.
– Right to Data Portability: You can request a structured and machine-readable copy of your data or that we transmit it to a third party.
– Right to Object: You may object to processing that is based on our legitimate interests, including profiling and direct marketing.
To exercise any of the above rights, please contact us at [email protected]. We will respond to all valid requests in accordance with applicable data protection laws.
6. Security Measures
We implement comprehensive physical, administrative, and technical safeguards to protect your personal data from unauthorized access, use, or disclosure. These measures include:
– End-to-end encryption in data transmission and storage.
– Role-based access control to restrict access to only authorized personnel.
– Regular automated and manual backups.
– Staff training on data privacy and security protocols.
Despite these efforts, no internet-based platform can be guaranteed fully secure. You are encouraged to take personal steps to protect your data by using strong passwords and securing access to your devices.
7. International Data Transfers
If your personal data is transferred outside the European Economic Area (EEA) or other jurisdictions with comprehensive data protection laws, we ensure adequate levels of protection are in place. This may include entering into Standard Contractual Clauses approved by the European Commission or other lawful mechanisms such as adequacy decisions or Binding Corporate Rules. We also comply with CCPA cross-border data transfer requirements where applicable.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, regulatory, tax, accounting, and reporting obligations. Timeframes include but are not limited to:
– Usage Data: up to 12 months
– Account and Profile Data: for the duration of the account and an additional 12 months after closure
– Communication and Support Data: retained for up to 3 years
– Transaction Data: retained for 6 years for audit and accounting
– Marketing and Preference Data: until you opt out or withdraw consent
Data is securely deleted or anonymized after the applicable retention period.
9. Cookies Policy
Our website uses cookies and similar technologies to enhance your browsing experience, analyze traffic, and provide personalized content. Types of cookies we use include:
– Essential Cookies: Necessary for the operation and basic functionality of the Site.
– Functional Cookies: Remember your preferences and enhance features.
– Performance Cookies: Collect anonymous data on how users navigate and interact with the Site.
– Analytics Cookies: Provided by third-party partners (e.g., Google Analytics) to understand user behavior.
10. Cookie Management and User Controls
Upon your first visit to christopher-lucas.com, we display a cookie banner requesting your consent for non-essential cookies. You may withdraw consent or update your preferences at any time through our Cookie Settings tool. Under GDPR and CCPA, you are entitled to:
– Be informed prior to cookie placement (e.g., via banners)
– Provide or withdraw consent at will
– Opt-out of “sale” of personal data as defined under CCPA
– Access mechanisms to identify and remove stored identifiers
For more details, refer to our dedicated Cookie Policy available via the website.
11. Children’s Privacy
We do not knowingly collect, use, or disclose personal information from children under the age of 13. If we learn that we have inadvertently collected such data, we will take timely steps to delete it. If you are a parent or guardian and believe your child’s information has been provided in error, please contact us immediately at [email protected].
12. Updates to This Policy
This Privacy Policy may be revised periodically to reflect changes in our practices, legal obligations, or service offerings. We encourage you to review the policy regularly. Material changes will be communicated via appropriate channels, such as prominent notices on the Site or direct email communication when legally required.
13. Contact Information
For any questions, requests, or concerns regarding our privacy practices or this policy, please reach out to:
Christopher Lucas
Email: [email protected]
Website: https://www.christopher-lucas.com
We are committed to full compliance with applicable data privacy laws and are happy to assist you in exercising your rights or addressing any privacy-related concerns.