PRIVACY POLICY
At Drink Hanky (“we,” “us,” or “our”), accessible at drinkhanky.com, we value your privacy and are committed to safeguarding your personal data. This Privacy Policy outlines how we collect, process, store, and protect your information in compliance with applicable privacy laws, including the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
1. Our Commitment to Privacy and Data Protection
Your privacy is of paramount importance to us. We are dedicated to maintaining the confidentiality, integrity, and security of your personal information and ensuring transparent handling of data collected through drinkhanky.com. We continuously strive to implement best practices in privacy protection and data security.
2. Scope and Role as Data Controller
This Privacy Policy applies to personal data collected through drinkhanky.com. Drink Hanky is the data controller responsible for determining the purposes and means of processing your personal data where the GDPR applies. If you reside in California, this policy also describes your rights under the CCPA.
3. Categories of Personal Data We Process
We collect and process the following categories of data, depending upon your interaction with our website and services:
a) Usage Data
Information about how users interact with our website, including browser type and version, device identifiers, IP address, domain name, location-based data, access times, page views, referring URLs, session durations, and diagnostic logs.
b) Account Data
Personal information you provide when you create an account or register for services, including your full name, shipping and billing addresses, email address, and phone number.
c) Profile Data
Preferences such as wishlists, product favorites, purchase behavior, browsing history on drinkhanky.com, subscription information, and user-specific content customizations.
d) Communication Data
Information provided in communications with us, including support requests, inquiries, emails, and chat transcripts. We retain this data to manage customer service interactions and to improve service quality.
e) Technical Data
Device details such as hardware model, operating system, screen resolution, mobile network information, system settings, and other technical identifiers.
f) Transaction Data
Products purchased, payment methods (excluding full payment card data), payment confirmation, billing records, shipping details, and order history.
g) Preference Data
Your choices related to marketing communications, email newsletter opt-ins, advertisement preferences, product interest signaling (e.g., clicks on targeted ads), and cookie consent settings.
4. Legal Bases for Processing
We process personal data lawfully based on the following legal justifications:
– Consent: We process certain data only with your freely given, informed, and unambiguous consent for purposes like direct marketing or non-essential cookies.
– Contractual Necessity: We process data to fulfill our contractual obligations, such as completing transactions or delivering ordered products.
– Legal Obligations: We may process data to comply with applicable laws, tax obligations, or regulatory requirements.
– Legitimate Interests: We process data to enhance security, prevent fraud, maintain service continuity, and improve functionality, provided such interests are not overridden by your rights and freedoms.
5. Your Rights Under GDPR and CCPA
Depending on your jurisdiction, you may have the following rights regarding your personal data:
– Right of Access: You may request a copy of the personal data we hold about you.
– Right to Rectification: You have the right to ensure your personal data is accurate and up to date.
– Right to Erasure (“Right to be Forgotten”): You may request deletion of your information, subject to legal and contractual obligations.
– Right to Restriction: You can ask us to limit the processing of your data under certain conditions.
– Right to Data Portability: You are entitled to receive your data in a structured, commonly used, and machine-readable format.
– Right to Object: You may object to certain processing activities, including profiling and direct marketing.
– Opt-Out of Sale (for California Residents): We do not sell personal information in the traditional sense, but if you reside in California, you may request to opt-out of any data sharing considered a “sale” under the CCPA.
To exercise any of these rights, please contact us at [email protected].
6. Data Security Measures
We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. These include:
– Data encryption across secure protocols (e.g., TLS/SSL)
– Role-based access control and authentication mechanisms
– Secure backups and failover systems
– Staff data protection training and confidentiality agreements
– Regular security audits and risk assessments
While no transmission or storage system can be guaranteed completely secure, we continuously strive to enhance our security posture.
7. International Data Transfers
If you are located outside of the jurisdiction in which our services are hosted, please be aware that your data may be transferred to and processed in countries with different data protection laws. Where such transfers occur, we rely upon adequate safeguards including:
– European Commission Standard Contractual Clauses (SCCs)
– Binding Corporate Rules (where applicable)
– Participating in frameworks such as the UK GDPR or Swiss Privacy Shield (if applicable)
We ensure that such transfers meet the required confidentiality and security standards.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:
– Account Data: Retained for the duration of your account and up to 5 years after closure
– Transaction Data: Retained for 7 years to comply with tax and accounting obligations
– Communication Data: Retained for up to 3 years for quality assurance
– Technical and Usage Data: Retained up to 2 years for analytics and service improvement
– Preference Data: Retained until you change your consent or unsubscribe
Upon expiration of retention periods, data will be anonymized or securely deleted.
9. Cookie Policy
Cookies are small data files placed on your device when you visit drinkhanky.com. We use cookies for various purposes:
– Essential Cookies: Enable website core functionalities, such as page navigation and secure login.
– Functional Cookies: Remember user settings and preferences (e.g., location, language).
– Analytics Cookies: Collect aggregated data on site usage to improve performance and experience (e.g., Google Analytics).
– Performance Cookies: Measure interaction and behavior to optimize content and load speeds.
We do not use cookies to identify individuals unless they have specifically supplied us with their information through forms or accounts.
10. Cookie Management and Legal Compliance
Consent for non-essential cookies is obtained via our cookie consent banner, in compliance with GDPR and CCPA. You may adjust or withdraw your consent at any time through your browser settings or via the cookie settings available on our website.
For California users, opting out of certain tracking tools may constitute exercise of your “Do Not Sell My Personal Information” rights.
11. Children’s Privacy
Our website and services are not directed to, and we do not knowingly collect personal data from, children under the age of 13. If you are a parent or guardian and believe your child has provided us with Personal Information, please contact us at [email protected]. We will take appropriate action to investigate and delete such data if necessary.
12. Policy Modifications
We may update this Privacy Policy periodically to reflect changes in legal requirements, technological advancements, or our practices. Any significant modifications will be communicated via drinkhanky.com or through other appropriate channels. Continued use of our services after updates constitutes acknowledgment of the changes.
13. Contact Information
If you have any questions, concerns, or requests regarding this Privacy Policy, your personal data, or our privacy practices, please contact our Data Protection Team at:
Email: [email protected]
Website: https://drinkhanky.com
We are fully committed to upholding the privacy rights of all users. Compliance with GDPR, CCPA, and other applicable data protection regulations is a core principle of our operations. Please reach out with any concerns, and we will respond promptly and respectfully.