Privacy Policy for john-rex.com
1. Introduction
At john-rex.com, we are committed to safeguarding your privacy and protecting the personal information you entrust to us. This Privacy Policy outlines how we collect, use, disclose, and store your data in accordance with applicable data protection regulations such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). By visiting and using john-rex.com, you acknowledge and accept the practices described herein.
2. Scope of This Policy and Data Controller Information
This Privacy Policy applies to all users, visitors, and customers accessing or interacting with john-rex.com. For the purposes of applicable data protection legislation, john-rex.com acts as the “data controller,” determining the purposes and methods of processing personal information collected through the website or through any related services.
Should you have any questions regarding this policy, please contact our Data Protection Officer at [email protected].
3. Categories of Personal Data We Process
We collect and process the following categories of personal data:
– Usage Data: Information about your interaction with john-rex.com, including IP address, browser type, pages visited, session durations, referral URLs, and navigation paths.
– Account Data: Personal identifiers you provide when creating an account or making a purchase, including name, billing and shipping address, email address, password, and phone number.
– Profile Data: Insights collected about your behavior and preferences, such as purchase history, content interactions, wishlists, feedback, demographic data, or other behavioral information.
– Communication Data: Records of correspondence via email, contact forms, customer service inquiries, or live chat interactions.
– Technical Data: Device- and system-level information such as operating system, device type, language settings, mobile network data, and browser configurations.
– Transaction Data: Details of transactions conducted through john-rex.com, including product selections, payment method (note: we do not store full payment data), order history, delivery details, and invoicing information.
– Preference Data: Marketing preferences, product interest indicators, and consent to receive newsletters or promotional material.
4. Legal Bases for Processing Personal Data
We process your personal data based on one or more of the following legal grounds:
– Contractual Necessity: To fulfill contractual obligations, such as delivering goods or providing services requested by you.
– Legitimate Interests: To optimize our website, enhance customer service, prevent fraud, secure our digital infrastructure, or personalize content in a non-intrusive manner.
– Consent: For certain data uses such as direct marketing, cookies (where applicable), or email newsletters, we rely on your voluntary, informed consent.
– Legal Obligation: To comply with legal or regulatory requirements, including tax and accounting laws, fraud prevention, and data protection legislation.
5. Your Data Protection Rights
You have the following rights under data protection laws:
– Right of Access: Obtain confirmation of whether we process your personal data and gain access to a copy of that data.
– Right to Rectification: Request the correction of inaccurate or incomplete personal data.
– Right to Erasure: Request the deletion of your data, subject to legal obligations and retention justifications.
– Right to Restriction: Request restriction of processing if data is contested, unlawfully processed, no longer required, or you have objected.
– Right to Data Portability: Receive your data in a structured, commonly used, machine-readable format and request transmission to another controller where applicable.
To exercise any of these rights, please contact us at [email protected]. We may require verification of your identity before executing your request.
6. Security Measures
We implement technical and organizational security safeguards to protect your personal information from unauthorized access, disclosure, alteration, or destruction. These include:
– Encryption of data in transit and at rest using industry-standard protocols.
– Access control mechanisms ensuring that only authorized personnel can access sensitive data.
– Regular system backups and secure data storage practices.
– Staff training on data protection principles, GDPR requirements, and information security.
7. International Data Transfers
Where necessary, we transfer your personal data outside the European Economic Area (EEA) or United States in strict compliance with international data protection laws. In such cases, we utilize appropriate safeguards including Standard Contractual Clauses (SCCs) approved by the European Commission or reliance on adequacy decisions issued for specific countries. We take all necessary steps to ensure that your data is treated securely and in accordance with this Privacy Policy.
8. Data Retention
We will retain your personal information only as long as necessary for the purposes set out in this policy, including legal, accounting, and operational purposes. Specific retention periods by data category are:
– Usage Data: up to 24 months, for analytics and security.
– Account Data: until your account is deleted, or 7 years after last interaction for auditing and compliance.
– Profile and Preference Data: up to 36 months from the last engagement or until consent is withdrawn.
– Communication Data: retained for a minimum of 3 years for customer service reviews and legal obligations.
– Transaction Data: retained for 7 years for tax and financial reporting obligations.
9. Cookie Policy
john-rex.com uses cookies and similar tracking technologies to enhance user experience and gather data on website usage. These include:
– Essential Cookies: Required for core functionalities, such as session management, navigation, and authentication.
– Functional Cookies: Stored preferences like language settings and user interface customizations.
– Performance Cookies: Measure site performance and help analyze user behavior to improve our services.
– Analytics Cookies: Anonymous tracking cookies that help us measure site traffic, analyze trends, and enhance user journeys.
10. Cookie Management and Regulatory Compliance
You will be prompted to accept or manage cookies when you first access john-rex.com. You may modify your cookie preferences at any time through your browser settings or via our Cookie Preferences Center. We comply strictly with GDPR and CCPA guidelines on cookie usage. Under CCPA, California residents have the right to opt out of the “sale” of their personal data, broadly interpreted to include tracking for advertising; we honor such requests without discrimination.
11. Children’s Privacy
john-rex.com and its services are not directed toward, nor intentionally collect data from, individuals under the age of 13. If we become aware that a child under 13 has submitted personal data without verifiable parental consent, we will promptly delete such information from our systems. If you are a parent or guardian and believe we may have collected data from your child, please contact us at [email protected].
12. Policy Updates and Notification
We reserve the right to amend or update this Privacy Policy to reflect changes in our practices or legal requirements. Significant modifications will be communicated via a site banner, email notice, or other appropriate means. We encourage users to review this page periodically for the latest information on our privacy practices.
13. Contact Information
Should you have any questions, concerns, or requests related to this Privacy Policy or our handling of your personal data, please contact us at:
Email: [email protected]
We are committed to responding to all valid inquiries and requests promptly and in accordance with data protection laws.
Final Statement
At john-rex.com, we uphold a privacy-centric approach and ensure adherence to applicable data protection regulations, including GDPR and CCPA. If you have any concerns about your data privacy or would like to exercise your rights, please do not hesitate to contact us at [email protected].