Privacy Policy
1. Introduction
At Cardiff Skatepark (“we”, “our”, or “us”), accessible via https://cardiffskatepark.com, we are committed to protecting your personal data and respecting your privacy. This Privacy Policy outlines the manner in which we collect, use, disclose, and safeguard your information. We approach data privacy with transparency and responsibility, ensuring that our practices comply with applicable laws, including the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of our website at https://cardiffskatepark.com (“Site”) and any services, features, or functionalities offered through it. Cardiff Skatepark is the data controller responsible for the processing of your personal data in accordance with this policy, unless otherwise communicated.
For any questions or concerns related to this policy or your personal data, you may contact us at [email protected].
3. Categories of Data We Process
We may collect and process the following categories of personal data:
– Usage Data – information about how you use our Site, such as IP address, browser type, operating system, referral source, length of visit, pages viewed, timestamp of access, and interaction data.
– Account Data – personal details submitted upon registration or purchase, including name, address, email address, and telephone number.
– Profile Data – preferences, feedback, purchase history, and behavioral interactions with our Site and communications.
– Communication Data – correspondence with our customer service or via contact forms, including inquiry details, support tickets, and engagement history.
– Technical Data – device identifiers, system configurations, connection type, screen resolution, and browser configurations.
– Transaction Data – records of purchases or bookings, payment card data (processed securely through third-party providers), delivery preferences, and billing details.
– Preference Data – your preferences regarding communications, consent regarding marketing, newsletters, surveys, and interest in specific services or offerings.
4. Legal Bases for Processing
We process your personal data only when legally permitted. Our legal bases include:
– Your Consent – where you have affirmatively agreed to the processing of your personal data for specific purposes (e.g., marketing).
– Performance of a Contract – where processing is necessary to fulfill our contract with you or to take pre-contractual steps at your request.
– Legitimate Interests – where the processing is necessary for our legitimate business purposes, provided your interests or fundamental rights do not override them (e.g., analytics, improving user experience, fraud prevention).
– Compliance with Legal Obligations – where we are required to comply with applicable legal and regulatory requirements.
5. Your Rights
Under applicable privacy laws, particularly GDPR and CCPA, you have the following rights:
– Right of Access – to obtain confirmation as to whether we process your data and access to that data.
– Right to Rectification – to request correction of inaccurate or incomplete personal data.
– Right to Erasure – to request deletion of your personal data under certain circumstances (“Right to be Forgotten”).
– Right to Restrict Processing – to limit how we process your data under specific conditions.
– Right to Data Portability – to receive personal data in a structured, commonly used, and machine-readable format, and transmit it to another controller.
– Right to Object – to object to our processing based on legitimate interests or direct marketing.
– Right to Withdraw Consent – to withdraw your consent at any time where processing is based on consent.
– California Rights – under CCPA, California residents may additionally request disclosure of categories and specific pieces of personal data we collect, request deletion of their data, and opt out of the sale of personal data, if applicable.
To exercise any of the above rights, please contact us at [email protected]. We may require you to verify your identity before fulfilling your request.
6. Security Measures
We implement robust technical and organizational measures to protect your personal data, including but not limited to:
– Encryption of data in transit and at rest
– Secure servers and firewalls
– Access controls and authentication protocols
– Regular security audits and vulnerability assessments
– Employee data protection training and awareness programs
Despite our efforts, no data transmission over the internet can be guaranteed to be 100% secure. We encourage users to use caution when transmitting personal information online.
7. International Transfers
Your personal data may be stored or processed outside your jurisdiction, including in countries that may not provide the same level of data protection as your home country. Where such transfers occur, we rely on standard contractual clauses or other appropriate safeguards as approved under GDPR or comparable local laws to ensure your data is protected.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. Specific retention periods include:
– Usage and Technical Data – up to 24 months
– Account and Transaction Data – up to 7 years post-transaction or account closure
– Communication Data – up to 36 months
– Preference Data – until consent is withdrawn or data is otherwise updated
– Anonymized or aggregated data may be retained indefinitely for research or analytical purposes.
9. Cookie Policy
Our Site uses cookies and similar technologies for various purposes to enhance your browsing experience and to gather data about site usage. We utilize the following categories of cookies:
– Essential Cookies – necessary for the basic functioning of the website (e.g., session management, login status).
– Functional Cookies – remember your settings and preferences (e.g., region, language).
– Analytical Cookies – collect information about how visitors use the website to help us improve performance (e.g., Google Analytics).
– Performance Cookies – assess the functionality and responsiveness of the Site.
Third-party services may set cookies on your device. We ensure these providers only process data in accordance with lawful agreements that restrict misuse and extend data protections.
10. Cookie Management and Compliance
Upon your first visit to cardiffskatepark.com, we present a cookie banner asking for your consent to place cookies (excluding essential cookies). You may review or modify your cookie preferences at any time using the cookie settings option on our website. Users in the EU are provided with granular control over cookies as required by the GDPR.
California residents may opt out of the sale of personal data by adjusting cookie settings or sending a request to [email protected].
11. Children’s Privacy
We do not knowingly collect or solicit personal data from children under the age of 13. If we become aware that we have received such data, we will promptly delete it. Parents or guardians who become aware that a child has provided us with personal data without their consent should contact us at [email protected].
12. Policy Updates
We may change or update this Privacy Policy from time to time to reflect legal, technological, or operational changes. We encourage you to periodically review this page for the latest information. Where required by law, we will notify you of material changes in advance and provide the opportunity to review revised terms.
13. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us at:
Email: [email protected]
We are fully committed to safeguarding your data and ensuring compliance with global data privacy laws. Your trust is important to us, and we strive to maintain the highest standards in personal data protection.