Privacy Policy

1. Introduction

At matt-barlow.com (“Website”), we are deeply committed to protecting your personal information and respecting your privacy rights. This Privacy Policy outlines how we collect, process, use, retain, disclose, and protect your personal data throughout your interaction with the Website. We adhere strictly to the principles of data minimization, purpose limitation, transparency, integrity, and confidentiality in handling all information entrusted to us. Our practices comply with applicable data protection laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all visitors, users, and others who access matt-barlow.com. For the purposes of the GDPR, matt-barlow.com is the data controller, responsible for determining the purposes and means of processing your personal data. If you have any questions concerning this policy, you may contact us at: [email protected].

3. Categories of Data Processed

We collect and process various categories of personal data, which may include, but are not limited to, the following:

a. Usage Data
Collected automatically through your interaction with the Website, including your IP address, browser type, language settings, pages viewed, time and date of your visit, and session identifiers.

b. Account Data
Provided directly by you when creating an account or making inquiries, including your full name, mailing address, email address, and telephone number.

c. Profile Data
Comprised of information related to your user preferences, purchase history, user behavior on the Website, account settings, and feedback or survey responses.

d. Communication Data
Includes records of your communication with us, such as emails, customer support inquiries, feedback forms, and chat messages, including content and timestamps.

e. Technical Data
Derived from your device and software configuration, including operating system, browser plug-in types and versions, mobile device identifiers, and network characteristics.

f. Transaction Data
Includes details about products or services you have purchased through the Website, billing addresses, payment method, order confirmation, delivery status, and refund history. Please note, all direct payment data such as credit card numbers may be handled via trusted third-party payment processors and not stored on our servers.

g. Preference Data
Captures your choices about receiving marketing communications, newsletter subscription preferences, and your interests in specific offerings displayed on matt-barlow.com.

4. Legal Bases for Processing

We process your personal data under the following lawful bases as recognized under GDPR and CCPA:

– Consent: where you have explicitly provided your consent (e.g., for marketing emails or cookies).
– Contract: where processing is necessary for the performance of a contract (e.g., completing a purchase).
– Legitimate Interests: in promoting and securing our services, fraud prevention, or improving Website functionality, provided such interests are not overridden by your rights and freedoms.
– Legal Obligation: where compliance with a legal or statutory obligation requires processing.
– Public Interest: in the context of requests from lawful authorities or regulatory bodies.

5. Your Rights

Under applicable data protection laws, you may exercise the following rights:

– Right of Access: Obtain confirmation about whether your data is being processed and, if so, access a copy.
– Right to Rectification: Request corrections to inaccurate or incomplete personal data.
– Right to Erasure: Request deletion of your personal data where legally permissible.
– Right to Restriction: Request limitation of processing under specific circumstances.
– Right to Data Portability: Receive your data in a structured, commonly used, and machine-readable format and have it transferred to another controller upon request.
– Right to Object: Object to processing based on legitimate interest or direct marketing purposes.
– Right to Withdraw Consent: Where processing is based on consent, you may withdraw at any time without affecting the legality of prior processing.

To exercise any of your rights, please contact us at [email protected]. We will address your request in accordance with applicable laws and within statutory timeframes.

6. Security Measures

Protecting your data is of paramount importance to us. We implement a range of organizational and technical safeguards including:

– Secure encryption protocols for data transmission and storage.
– Role-based access controls and authentication standards.
– Routine data backups and disaster recovery protocols.
– Ongoing employee training on data protection and privacy obligations.
– Monitoring systems to detect unauthorized access, data breaches, or anomalies.

7. International Transfers

Your data may be transferred and processed in countries outside of your jurisdiction, including those that may not offer the same level of data protection. In such cases, we ensure appropriate safeguards are in place, including EU-approved Standard Contractual Clauses or equivalent frameworks, to maintain compliant and secure data transfers in accordance with GDPR and CCPA.

8. Data Retention

We retain your personal data only as long as necessary to fulfill the purpose it was collected for, including legal, accounting, or reporting requirements. Retention periods vary depending on the category of data, as outlined below:

– Usage and Technical Data: Up to 26 months
– Account and Profile Data: Retained while the account is active and for up to 36 months after inactivity
– Communication Data: Up to 36 months
– Transaction Data: Kept for 7 years for legal and audit compliance
– Preference Data: Until consent is withdrawn or data is updated

Upon expiry of retention periods, data is securely deleted or anonymized.

9. Cookie Policy

matt-barlow.com uses cookies and similar technologies to improve user experience, provide personalized content, and analyze traffic patterns. We may use:

– Essential Cookies: Necessary for core functionality such as authentication and security.
– Functional Cookies: Enhance website features and user preferences.
– Analytics Cookies: Help us understand user engagement and improve our performance.
– Performance Cookies: Track load times, error reporting, and UI responsiveness.

10. Cookie Management & Compliance

We provide users with the ability to manage cookie preferences upon first visit and at any time through a cookie consent banner. For EU users, we honor opt-in practices as required under GDPR. For California residents, we support opt-out functionality in compliance with CCPA “Do Not Sell or Share My Personal Information” provisions. You may also control cookies through your browser settings.

11. Children’s Data

matt-barlow.com does not knowingly collect or solicit personal information from children under the age of 13. If we become aware that such information has been unintentionally collected, we will promptly delete it and terminate any associated accounts. Parents or guardians who believe their child may have submitted data may contact us at [email protected].

12. Updates to This Policy

We may revise this Privacy Policy from time to time in response to changes in legal, technical, or business developments. When updates occur, we will post the revised version on the Website. Where appropriate, we may also notify users by email or through a prominent notice on the homepage. Continued use of matt-barlow.com constitutes acceptance of any changes.

13. Contact Information

If you have any questions, concerns, or complaints regarding this Privacy Policy or our data protection practices, please contact us at:

Email: [email protected]

We are committed to maintaining transparency and upholding robust privacy standards in line with the GDPR, the CCPA, and other applicable regulations. We encourage all users to review this Privacy Policy periodically and to contact us should any privacy-related concerns arise.