Privacy Policy for Hendre Hall
1. Introduction
Hendre Hall (“we”, “us”, or “our”) is fully committed to protecting the privacy and personal data of our website users, customers, and partners. This Privacy Policy outlines how we collect, use, disclose, and protect your personal information when you interact with our website (hendrehall.com), and your rights under applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
We adopt a privacy-first approach in all our operations, aiming to uphold the highest standards of data protection, transparency, and accountability.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal data collected through hendrehall.com and related services offered through the platform. Hendre Hall is the entity responsible for the processing of personal data under applicable data protection legislation and acts as the Data Controller for any personal data processed via the site.
For any inquiries regarding this policy or our data practices, you may contact us at: [email protected].
3. Categories of Data Processed
We may collect, store, and process the following categories of personal data:
A. Usage Data
This includes data automatically collected through your use of hendrehall.com such as browser type and version, operating system, IP address, device identifiers, date and time of access, referring website addresses, and session durations.
B. Account Data
When you create an account, make a booking, or sign up for newsletters, we collect personal identifiers such as your name, physical address, email address, and telephone number.
C. Profile Data
Information relating to your registered interests, preferences, previous purchases or bookings, and behavioral patterns on the website.
D. Communication Data
Includes the contents of your messages and correspondence with us, customer support inquiries, queries submitted via our contact forms, and communication history.
E. Technical Data
Hardware and software specifications, device information, file logs, screen resolutions, and configuration settings relevant to the use of the website.
F. Transaction Data
Data associated with purchases and reservations, such as billing details, payment confirmations, delivery addresses, and transaction history.
G. Preference Data
Marketing and communication preferences, product affinity indicators, consents granted for promotional outreach, and newsletter subscription status.
4. Legal Bases for Processing
We process your personal information based on one or more of the following legal bases:
– Consent: Where you have provided explicit consent for specific purposes (e.g. marketing emails).
– Contractual Necessity: For purposes necessary to enter into or perform a contract with you.
– Legitimate Interests: Where processing is necessary for our legitimate business interests, provided these are not overridden by your fundamental rights.
– Legal Obligations: Where we must process personal data to comply with applicable laws and regulations.
5. Your Data Protection Rights
In compliance with GDPR and CCPA, you may exercise the following rights:
– Right of Access – You may request access to the personal information we hold about you.
– Right to Rectification – You can request corrections to inaccurate or incomplete data.
– Right to Erasure – You have the right to request deletion of your personal data, subject to certain exceptions.
– Right to Restrict Processing – Under certain circumstances, you may request that we limit processing of your personal data.
– Right to Data Portability – Where applicable, you may receive your data in a structured, machine-readable format for transmission to another service.
To exercise any of these rights, please email: [email protected].
6. Security Measures
We take appropriate technical and organizational measures to ensure a level of security appropriate to the risk associated with the processing of your personal data. Measures include but are not limited to:
– Encryption of data in transit and at rest;
– Role-based access controls and authentication mechanisms;
– Regular cybersecurity audits and vulnerability assessments;
– Staff data protection training and strict confidentiality obligations;
– Secure data hosting and regularly updated firewalls.
7. International Data Transfers
Whenever we transfer your personal data outside of your jurisdiction, including to third-party service providers located abroad, we ensure that appropriate safeguards are in place. These include the use of Standard Contractual Clauses approved by the European Commission, as well as Data Processing Agreements that align with regional privacy laws.
8. Data Retention
We retain personal data only as long as necessary for the purpose for which it was collected or to comply with legal or regulatory obligations. Approximate retention periods include:
– Account & Profile Data – retained while the account remains active and for up to 6 years thereafter.
– Transaction Data – retained for 7 years to conform with accounting laws.
– Usage and Technical Data – anonymized and retained indefinitely for analytics or retained in raw form for up to 36 months.
– Communication Data – retained for up to 3 years after resolution of the inquiry.
9. Cookie Policy
Hendrehall.com uses cookies and similar tracking technologies for various purposes:
– Essential Cookies: Required for basic site functionality.
– Functional Cookies: Support enhanced features and personalization.
– Analytics Cookies: Help us understand how users interact with the website (e.g. Google Analytics).
– Performance Cookies: Measure and improve the performance and usability of the site.
By continuing to use the website, you consent to the placement of cookies in accordance with this policy.
10. Cookie Management and Regulatory Compliance
In compliance with GDPR and CCPA, users are offered a clear cookie consent banner providing options to accept or reject non-essential cookies. You may withdraw or modify your consent at any time using the “Cookie Settings” feature on the website or by adjusting your browser settings. Detailed management instructions are available in our Cookie Settings page.
11. Protection of Children’s Privacy
hendrehall.com is not directed to, or intended for, children under the age of 13. We do not knowingly collect or solicit personal data from children. If we become aware that we have inadvertently collected such information, we will delete it promptly. Parents and legal guardians are encouraged to monitor their children’s internet usage and to help enforce this policy by instructing children never to provide personal data without permission.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in legal, operational, or technological procedures. Where required by law, we will notify you of material changes through the contact details you have provided or via a prominent notice on hendrehall.com.
13. Contact Us
For questions, concerns, requests, or complaints relating to this Privacy Policy or the way your personal data is handled, please contact our Data Protection team at:
Email: [email protected]
We are committed to full compliance with GDPR, CCPA, and other applicable data protection frameworks. If you have any privacy-related questions or wish to file a complaint, please reach out and we will respond promptly and professionally.