Privacy Policy
This Privacy Policy outlines how we collect, use, share, and protect your personal data when you visit or interact with tonyposnanski.com (“Website”). We are committed to safeguarding your privacy and protecting your personal data in accordance with applicable data protection legislation, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the California Consumer Privacy Act (“CCPA”), and other relevant laws and regulations.
1. Commitment to Privacy and Data Protection
At tonyposnanski.com, your privacy is of paramount importance. We are committed to handling your personal data with the utmost respect, transparency, and confidentiality, and only using it as legally justified and necessary for providing and enhancing our services. We implement strong data protection practices and prioritize privacy by design and by default throughout our operations.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal data collected through tonyposnanski.com and associated digital services, communications, and interactions. For purposes of the GDPR and other applicable regulations, tonyposnanski.com is the data controller responsible for processing your data in accordance with this Privacy Policy.
3. Categories of Personal Data We Process
We may collect and process the following categories of personal data, either directly from you, automatically through your use of the Website, or through third-party integrations:
a. Usage Data:
Includes data automatically collected when you visit the Website, such as IP addresses, browser type and version, time zones, operating system, referring URLs, pages viewed, time spent on pages, and other diagnostic and analytical data.
b. Account Data:
Information you provide during account creation or registration, including your full name, mailing address, email address, and mobile or telephone number.
c. Profile Data:
Details relating to your behavior and preferences, such as articles read, user-generated content, bookmarked items, interests, preferences, and history of interactions with the Website.
d. Communication Data:
Includes correspondence records such as emails sent to our support channels, inquiries submitted via contact forms, chat transcripts, and message content exchanged with our administrative team.
e. Technical Data:
Information about the device you use to access the Website, including hardware model, operating system version, device identifiers, browser plugins, and configuration data.
f. Transaction Data:
If applicable, we may process financial and transaction-based data associated with purchases, such as billing address, transaction history, delivery address, and limited payment data (processed securely by third-party payment processors).
g. Preference Data:
Marketing and communication preferences, including your consent to receive newsletters, email campaigns, and interest in specific types of content or offerings.
4. Legal Bases for Processing
We process your personal data only where there is a lawful basis for doing so under applicable law. These include:
– Consent: Where you have explicitly consented to a specific use of your personal data.
– Contractual Necessity: Where processing is necessary to fulfill our contractual obligations or take steps at your request before entering into a contract.
– Legitimate Interests: Where processing is necessary for our legitimate interests in conducting and growing our business, provided that such interests are not overridden by your rights and freedoms.
– Legal Obligations: When processing is needed to comply with a legal obligation imposed by a regulatory or law enforcement authority.
5. Your Rights
Under applicable data protection laws, you have the following rights:
– Right of Access: You may request access to the personal data we hold about you.
– Right of Rectification: You may request correction of inaccurate or incomplete data.
– Right to Erasure: Under certain conditions, you may request the deletion of your personal data.
– Right to Restriction: You may request the limitation of processing your personal data.
– Right to Data Portability: You may request to receive your data in a structured, commonly used, and machine-readable format.
– Right to Object: You have a right to object to certain types of processing, including direct marketing and processing based on legitimate interests.
– Right to Withdraw Consent: Where processing is based on your consent, you may withdraw it at any time.
To exercise your rights, please contact us at [email protected].
6. Security Measures
We take a robust approach to information security. We employ industry-standard security measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These include, but are not limited to:
– Encryption in transit and at rest
– Role-based access controls
– Multi-factor authentication
– Regular data backups and monitoring
– Staff training on data privacy and cybersecurity policies
7. International Data Transfers
We may process and store your personal data on servers located outside your jurisdiction, including in countries that may not provide the same level of data protection. Where applicable, we utilize Standard Contractual Clauses (SCCs) or other recognized legal mechanisms approved under the GDPR for transferring personal data internationally and implement appropriate safeguards to ensure a consistent level of data protection.
8. Data Retention
We retain personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Generally:
– Usage Data: Retained for up to 26 months for analytics and diagnostics
– Account Data: Retained while account remains active or up to 2 years after closure
– Profile Data: Retained concurrently with Account Data
– Communication Data: Retained up to 3 years for record-keeping and service improvement
– Technical Data: Retained up to 26 months
– Transaction Data: Retained for 7 years to comply with financial and tax regulations
– Preference Data: Retained for as long as consent remains valid or until user opts out
Upon expiration or request, data is securely deleted or anonymized.
9. Cookie Policy
We utilize cookies and similar tracking technologies on tonyposnanski.com to enhance user experience, provide analytics, and support the functionality of our Website. These may include:
– Essential Cookies: Required for core website operation and authentication.
– Functional Cookies: Support enhanced features such as preferences and site personalization.
– Analytics Cookies: Collect anonymous usage data to improve Website performance and understand visitor behavior (e.g., Google Analytics).
– Performance Cookies: Help us evaluate the effectiveness of our digital campaigns and load times.
10. Cookie Management and Compliance
Visitors from regions under the GDPR and CCPA are presented with clear, affirmative consent options through a cookie consent mechanism. You may adjust your cookie preferences at any time through the cookie settings tool provided on our Website or via browser-level controls to refuse or delete cookies.
Under CCPA, you have the right to opt-out of the sale of your personal information. We do not sell personal data in the conventional sense; however, we honor relevant opt-out preferences and cookies settings.
11. Protection of Children’s Data
We do not knowingly collect personal data from individuals under the age of 13. If you believe that personal data has been collected from a child under 13 without parental consent, please contact us immediately at [email protected], and we will take swift action to delete such data.
12. Updates to this Privacy Policy
We reserve the right to amend or update this Privacy Policy at our discretion to reflect changes to our practices or legal obligations. You are advised to review this page periodically for updates. Continued use of tonyposnanski.com following any changes constitutes acceptance of those modifications. Where material changes occur, we will endeavor to notify users through prominent notices or direct communication.
13. Contact Us
If you have any questions, concerns, or requests relating to this Privacy Policy or our handling of your personal data, please reach out to:
Email: [email protected]
We are dedicated to resolving privacy-related inquiries in a timely and transparent manner.
This Privacy Policy is intended to convey our commitment to upholding the highest standards of data protection and legal compliance. Please do not hesitate to contact us with any privacy concerns or questions regarding your data.