Privacy Policy
1. Introduction
At Drink Hanky, accessible at drinkhanky.com, we are committed to safeguarding your privacy and protecting your personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act (“CCPA”). This Privacy Policy outlines how we collect, use, disclose, and secure your information and informs you of your rights under relevant privacy regulations. Our mission is to handle your personal data with care, respect, and transparency.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to the collection and processing of personal data when you access or use drinkhanky.com, interact with our customer service team, or otherwise communicate with us. Drink Hanky is the data controller with respect to any personal information collected via this website unless otherwise stated. As a data controller, we determine the purposes and means of processing your personal data.
For any questions or concerns regarding the handling of your personal information, you may contact us at [email protected].
3. Categories of Data We Process
We may collect and process the following categories of personal data:
– Usage Data: Includes information such as your browser type, IP address, time zone setting, pages visited, session duration, and how you interact with the website.
– Account Data: Includes your name, billing address, shipping address, email address, phone number, and account credentials when you create or maintain an account with us.
– Profile Data: Includes information such as your product preferences, purchase history, and behavioral data derived from your interactions with drinkhanky.com.
– Communication Data: Includes records of correspondence with us, including inquiries submitted through contact forms, customer service interactions, or other communications.
– Technical Data: Includes device identifiers, operating system type and version, system configurations, and platform used to access the website.
– Transaction Data: Includes information related to payments you make for purchases (e.g., billing details, payment method, order history, and delivery tracking information).
– Preference Data: Includes your marketing communication preferences, opted-in categories of interest, and advertising engagement data.
All information is collected fairly and lawfully and is retained only as long as necessary for the purposes for which it was collected.
4. Legal Bases for Processing
We process your personal data on the following legal bases:
– Consent: Where you have given us clear permission to process your data for a specific purpose, such as receiving marketing communications.
– Contractual Necessity: Processing is necessary for the performance of a contract with you, including fulfilling product orders and managing your account.
– Legal Obligation: To comply with a legal obligation, such as tax or regulatory reporting requirements.
– Legitimate Interests: To pursue our legitimate business interests in a manner that does not override your fundamental rights and freedoms, such as website functionality testing, preventing fraud, and improving service offerings.
5. Your Data Protection Rights
Subject to applicable law, you have the following rights regarding your personal data:
– Right of Access: You may request confirmation as to whether we process your data and, if so, access to that data and relevant information.
– Right to Rectification: You may request the correction of inaccurate or incomplete personal data.
– Right to Erasure: In certain circumstances, you may request the deletion of your personal data.
– Right to Restriction: You may request that we limit the processing of your data under specific conditions.
– Right to Data Portability: You may request to receive your data in a structured, commonly-used format and transmit it to another data controller where technically feasible.
To exercise your rights, please email [email protected] with your verified request, and we will respond in accordance with applicable legal requirements.
6. Security Measures
We implement appropriate technical and organizational measures to protect your personal data, including:
– Encryption of sensitive data, including payment and login credentials during transmission.
– Access control mechanisms to limit internal access to personal data based on operational need.
– Secure user authentication and session controls to protect account integrity.
– Periodic security audits and staff data protection training programs.
– Regular data backups to enable restoration in case of accidental data loss or damage.
Despite these efforts, no system is 100% secure, and we cannot guarantee the absolute security of your information.
7. International Transfers
Your personal data may be transferred to, and processed in, countries outside of your jurisdiction, including countries that may not have equivalent data protection laws. When we transfer personal data outside the European Economic Area (EEA) or California, we rely on appropriate legal mechanisms, such as:
– Standard Contractual Clauses approved by the European Commission.
– Binding Corporate Rules or equivalent safeguards to ensure adequate data protection.
All international transfers of data are conducted in full compliance with applicable laws to ensure your rights are preserved.
8. Data Retention
We retain personal data only for as long as necessary for the purposes set out in this policy, unless a longer period is required by law:
– Account and Profile Data: Retained for the duration of your account and thereafter for up to 7 years for legal and reporting purposes.
– Transaction Data: Retained for 7 years in compliance with tax laws and auditing standards.
– Communication Data: Retained for 2 years to manage inquiries and maintain service quality.
– Usage and Technical Data: Retained for 26 months for analytics and security purposes.
– Marketing and Preference Data: Retained until you opt-out or unsubscribe, with periodic reviews to ensure relevance.
Once the applicable retention period expires, we securely delete or anonymize your data.
9. Cookie Policy
We use cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and provide tailored content and advertisements. Cookies fall into the following categories:
– Essential Cookies: Required for core site functionality, such as secure login and shopping cart support; cannot be disabled.
– Functional Cookies: Enable enhanced features and personalization, such as language selection and user preferences.
– Analytics Cookies: Allow us to understand site usage and improve performance by collecting aggregated user statistics.
– Performance/Advertising Cookies: Track user activity across the website and other platforms to deliver relevant advertising.
10. Cookie Management and Regulatory Compliance
You may manage cookie preferences through our website banner or your browser settings at any time. For EU users, consent is obtained prior to placing non-essential cookies in compliance with GDPR transparency and consent requirements. California residents can opt-out of the sale of personal data through a dedicated link in compliance with CCPA regulations.
For further control, most browsers allow you to configure settings to reject cookies or prompt you before storing them. Be aware that disabling certain cookies may affect the usability and functionality of drinkhanky.com.
11. Special Protections for Children Under 13
Drink Hanky does not knowingly collect or solicit personal data from children under the age of 13. If we become aware that such information has been collected without verified parental consent, we will take immediate steps to delete the specific data. We encourage parents and guardians to monitor their children’s online activity.
If you believe that a child under 13 has submitted personal information to drinkhanky.com without consent, please contact us promptly at [email protected].
12. Policy Updates and Notifications
We may update this Privacy Policy from time to time to reflect changes in our business practices, legal obligations, or service offerings. Any material changes will be posted on this page, and, where appropriate, notified to you via email or an alert on our homepage. We encourage you to review this policy periodically to stay informed about how we protect your data.
13. Contact Us
If you have any questions, concerns, or requests relating to your personal data or this Privacy Policy, please contact us at:
We are committed to complying with applicable privacy laws and ensuring your rights are respected. For further clarification or to report any concern, do not hesitate to reach out to us at the email address above.