Privacy Policy
1. Introduction
At Brocato Photo (“we,” “us,” or “our”), accessible via brocatophoto.com (“Website”), we are committed to respecting your privacy and protecting your personal data. Our approach to data protection is guided by transparency, security, and the lawful use of information. This Privacy Policy outlines how we collect, use, store, and share personal data in a manner that upholds your rights under applicable laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to personal data collected through brocatophoto.com and related communications or services. For the purpose of the GDPR and similar data protection laws, the data controller responsible for your personal data is:
Brocato Photo
Email: [email protected]
As the data controller, we determine the means and purposes of processing your data.
3. Categories of Data Processed
We collect and process the following categories of personal data, depending on your interaction with our Website and services:
– Usage Data: Includes information such as your IP address, browser type and version, operating system, referral URLs, pages viewed, and duration of visits. This data is collected automatically through cookies and server logs to monitor site usage and improve our systems.
– Account Data: Includes your full name, address, email address, and telephone number. This information is collected when you create an account, subscribe to our services, or make purchases.
– Profile Data: Includes your purchase history, preferences, and behavioral patterns on brocatophoto.com. This enables us to customize your experience.
– Communication Data: Includes records of inquiries, support requests, email correspondence, and other communications submitted via our Website or by email.
– Technical Data: Includes information about your device, operating system, browser configuration, screen resolution, and platform to ensure an optimized browsing experience.
– Transaction Data: Includes payment information (such as billing details, payment method) and delivery data provided during checkout or invoicing. All sensitive payment data is processed securely through third-party payment gateways.
– Preference Data: Includes your marketing preferences, notification settings, and declared interests relating to products or services.
4. Legal Bases for Processing
We rely on the following legal bases to process your personal data:
– Consent: When you have provided affirmative consent (e.g. subscribing to newsletters or allowing cookies).
– Contractual Necessity: When processing is required for the performance of a contract to which you are a party, such as fulfilling a purchase order.
– Legitimate Interests: In pursuit of our legitimate business interests, such as enhancing services, communicating with users, or securing our systems, provided your rights do not override these interests.
– Legal Obligation: When processing is required to comply with a legal mandate, such as tax, financial, or regulatory obligations.
5. Your Rights
Under GDPR and CCPA, you have the following rights regarding your personal data:
– Right of Access: You may request a copy of your personal data we hold.
– Right to Rectification: You may request correction of any inaccurate or incomplete information.
– Right to Erasure: Also known as the “right to be forgotten.” You can request deletion of your data under certain conditions.
– Right to Restrict Processing: You may request temporary suspension of processing under certain circumstances.
– Right to Data Portability: You may request to receive your data in a structured, commonly used format and transfer it to another controller.
California residents are further entitled to opt out of the “sale” of personal data and request disclosure about categories and specific pieces of collected information.
To exercise any of these rights, contact us at [email protected]. We will respond in accordance with applicable data protection laws.
6. Security Measures
We implement appropriate technical and organizational safeguards to ensure the confidentiality, integrity, and availability of your personal data, including:
– HTTPS encryption on brocatophoto.com
– Secure password policies and authentication controls
– Access restrictions based on role and function
– Regular backup and disaster recovery protocols
– Employee training on cybersecurity and privacy best practices
Despite our efforts, no system can be guaranteed 100% secure, and we encourage you to use strong passwords and be vigilant when sharing personal information.
7. International Transfers
Where personal data is transferred outside of the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, or adherence to the Privacy Shield framework (where applicable), to ensure an adequate level of data protection.
Users outside of the United States accessing brocatophoto.com acknowledge that their data may be processed in jurisdictions with different data protection laws, but we will always handle data in accordance with this Policy.
8. Data Retention
We retain personal data only for as long as necessary to fulfill its intended purpose, including compliance with legal, regulatory, accounting, and reporting requirements. Current retention periods include:
– Usage & Technical Data: up to 12 months
– Account & Communication Data: retained for duration of account and up to 3 years post-termination
– Transaction Data: retained for up to 7 years under financial recordkeeping obligations
– Marketing and Preference Data: retained until revocation of consent or 2 years of inactivity
– Support records: retained for up to 2 years after the last communication
9. Cookie Policy
We use cookies and similar trackers to enhance functionality and personalize your experience on brocatophoto.com. These may include:
– Essential Cookies: Required for core Website functionality (e.g., shopping cart, login).
– Functional Cookies: Enable personalization and site settings retention.
– Analytics Cookies: Allow us to understand user behavior and Website performance statistics.
– Performance Cookies: Help us test and improve site speed and content delivery.
10. Cookie Management and Compliance
You may manage your cookie preferences via your browser settings or our on-site cookie consent banner, in compliance with GDPR. California users may also exercise their “Do Not Sell My Personal Information” rights by adjusting cookie preferences accordingly.
We use cookie consent tools to ensure that non-essential cookies are not placed without your explicit, affirmative action.
11. Protection of Children
Our services are not intended for children under the age of 13. We do not knowingly collect or solicit personal data from children. If we become aware that personal data has been inadvertently collected from a child under 13, we will promptly delete such information. If you believe we have collected such data, please contact us at [email protected].
12. Policy Updates
We may periodically revise this Privacy Policy to reflect legal updates, service changes, or user feedback. Material changes will be communicated via notices on brocatophoto.com or direct communication where feasible. Continued use of the Website constitutes acceptance of the revised policy.
13. Contact
For any questions, concerns, or to exercise your privacy rights, please contact us:
Email: [email protected]
Website: brocatophoto.com
We are committed to respecting your privacy rights and complying with applicable data protection laws and standards. Please reach out if you have questions regarding how we protect your personal information.