Privacy Policy
HowdenCastle.com (“we,” “us,” or “our”) is committed to safeguarding the privacy and personal data of all our website users, customers, and visitors. This Privacy Policy outlines how we collect, use, disclose, and protect your information when you interact with our website, https://howdencastle.com, in accordance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data privacy laws. We take a privacy-first approach in all our practices and are dedicated to ensuring the confidentiality and integrity of your personal information.
1. Scope of Policy and Our Role as Data Controller
This Privacy Policy applies to personal data collected through our website, howdencastle.com, and any related online services where this policy is posted. For the purposes of data protection laws, we are the Data Controller responsible for determining the purposes and means by which your personal data is processed.
If you have any questions or concerns, you may contact us at: [email protected].
2. Categories of Personal Data We Process
We may collect and process the following categories of personal data:
a. Usage Data
Includes information such as your IP address, browser type and version, referring URL, access times, visited pages, time spent on each page, and interaction with links and features.
b. Account Data
Includes personally identifiable details provided by you when registering or using an account, such as your name, postal address, email address, and telephone number.
c. Profile Data
Includes data you provide or generate to personalize your experience, such as purchase history, behavioral preferences, saved items, and navigation history.
d. Communication Data
Includes information contained in support queries, service requests, emails, live chats, and other correspondence, including timestamps and communication records.
e. Technical Data
Includes information from the device(s) you use to access our services, such as device identifiers, operating systems, configurations, language preferences, and browser settings.
f. Transaction Data
Includes details of purchases or transactions carried out on howdencastle.com, including billing address, items ordered, payment methods, delivery address, and transaction confirmations.
g. Preference Data
Includes your marketing preferences, newsletter opt-ins, product interest tags, event RSVPs, survey responses, and other stated interests.
3. Legal Bases for Processing Personal Data
We rely on the following lawful bases to collect and process your personal data:
– Contractual Necessity: When processing is necessary to fulfill our contractual obligations with you, such as providing services or delivering orders.
– Legal Obligation: Where applicable laws or regulations require the processing of data.
– Legitimate Interests: Where processing is necessary for our legitimate business interests, and these are not overridden by your data protection rights.
– Consent: Where we rely on your explicit consent for specific processing activities, such as sending marketing communications.
Where consent is required, it may be withdrawn at any time without affecting prior lawful processing.
4. Your Data Protection Rights
Subject to applicable legislation, you have the following rights in relation to your personal data:
– Right of Access: You may request access to your personal data held by us.
– Right to Rectification: You may request correction of inaccurate or incomplete data.
– Right to Erasure: You may request deletion of your personal data, subject to legal limitations.
– Right to Restrict Processing: You may request that we limit processing of your data under certain circumstances.
– Right to Data Portability: You may request to receive your data in a structured, commonly used, and machine-readable format, and to have it transferred to another controller.
– Right to Object: You may object to processing conducted on the basis of legitimate interests or for direct marketing.
– Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time.
To exercise any of the above rights, please contact us at [email protected]. We will respond in accordance with applicable laws.
5. Security Measures
We implement appropriate technical and organizational security measures to ensure the confidentiality, integrity, and availability of your personal data. These measures include:
– Encryption of data in transit and at rest
– Role-based access control (RBAC) and secure authentication
– Routine internal audits and security monitoring
– Regular data backups with secure storage
– Staff training and strict confidentiality obligations
While we endeavor to protect your data, no system can ever be 100% secure. We encourage users to use strong passwords and remain vigilant with their own devices and information.
6. International Data Transfers
Your personal data may be transferred and processed outside of your jurisdiction, including to countries that may not afford the same data protection standards as your home country.
Where such transfers occur, we ensure adequate safeguards are in place, such as:
– Standard Contractual Clauses (SCCs) approved by applicable regulators
– Binding Corporate Rules
– Certification mechanisms or other legally approved safeguards
We comply with all relevant cross-border data transfer regulations to ensure your personal information is handled securely and lawfully.
7. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including complying with legal, accounting, or regulatory reporting obligations.
– Usage and Technical Data: 12 months from collection
– Account and Profile Data: Duration of the user’s account plus 18 months post-deactivation
– Communication Data: 24 months from last interaction
– Transaction Data: 7 years for tax and audit purposes
– Marketing/Preference Data: Until withdrawn or after 24 months of inactivity
Data may be pseudonymized or anonymized when no longer required for business purposes.
8. Cookie Policy
Cookies and similar technologies (e.g., web beacons, local storage) are used on howdencastle.com to:
– Ensure core website functionality (Essential Cookies)
– Remember user settings and preferences (Functional Cookies)
– Collect anonymized analytics and usage patterns (Analytical Cookies)
– Monitor website performance and optimize load times (Performance Cookies)
We use both first-party and third-party cookies to understand user behavior, improve user experience, and tailor content and offers.
9. Cookie Management and Compliance
When you first visit howdencastle.com, you will be asked to consent to the use of cookies via a compliant cookie banner. You have the option to accept, reject, or manage individual cookie preferences.
You may also manage or delete cookies through your browser settings. Declining certain cookies may affect your ability to access certain features of the site.
Under GDPR and CCPA, we ensure consent mechanisms and opt-out procedures are fully compliant and auditable.
10. Protection for Children Under 13
Our website and services are not directed toward individuals under the age of 13. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected personal information from a child, we will delete such data from our systems.
Parents or guardians who believe we may have collected information from a child can contact us at [email protected] to request its removal.
11. Policy Updates and Notifications
We reserve the right to modify this Privacy Policy at any time to reflect legal updates or changes in our practices. In the event of any material changes, we will notify you through prominent website notices or direct communication, where appropriate. Continued use of howdencastle.com constitutes agreement to the revised policy.
We encourage users to periodically review this Privacy Policy to stay informed.
12. Contact Us
If you have any questions, concerns, or complaints related to this Privacy Policy, your data, or your rights under applicable laws, please contact us at:
Email: [email protected]
Website: https://howdencastle.com
We are committed to maintaining the confidentiality of your data and addressing any privacy inquiries thoroughly and promptly.
—
We operate in full compliance with GDPR, CCPA, and other applicable privacy regulations. For any data-related concerns, please reach out to us at [email protected].