Privacy Policy
1. Introduction
At Jones & Sands Publishing (“Company”, “we”, “us”, or “our”), accessible via jones-sands-publishing.com (“Website”), we are fully committed to the protection of your personal data and your privacy. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information in accordance with applicable privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We approach your data with a privacy-first philosophy, and we strive to ensure transparency, accountability, and security in everything we do.
2. Scope of this Policy and Data Controller Role
This Privacy Policy applies to all visitors, users, and others who access the Website or interact with our services. For purposes of data protection laws, Jones & Sands Publishing is the data controller of your personal data, determining the purposes and means of its processing. By accessing or using our Website, you acknowledge and agree to the practices described in this Privacy Policy.
3. Categories of Data We Process
We process a variety of personal data to support our services and improve user experience. The categories of data we collect and process include:
a. Usage Data:
Includes information about your interactions with the Website, such as IP addresses, browser types, operating systems, referring URLs, session durations, page views, and geolocation derived from IP addresses.
b. Account Data:
Information provided when creating an account, such as your full name, email address, phone number, billing and delivery addresses.
c. Profile Data:
Preferences, reading or purchase history, user behavior on our platform, saved items, and settings.
d. Communication Data:
Records of communications with our support team, emails sent to [email protected], chat logs, feedback, and customer service inquiries.
e. Technical Data:
Device identifiers, system configurations, access timestamps, internet service provider details, and crash diagnostics.
f. Transaction Data:
Details about purchases made through our Website, including payment information (excluding full credit card or banking details, which are processed via secure third-party providers), transaction history, delivery tracking, and order confirmations.
g. Preference Data:
Marketing communication preferences, content and category interests, opt-in/opt-out statuses, consent flags, and engagement metrics with newsletters and promotional campaigns.
4. Legal Bases for Processing
We process your personal data lawfully under the following legal bases as permitted by GDPR:
– Performance of a Contract: When data processing is necessary to provide you with goods, services, or support.
– Legitimate Interests: For instance, to improve our services, detect and prevent fraud, ensure network security, and conduct internal analytics.
– Consent: Where required, we will seek your explicit consent before processing data for purposes such as personalized marketing.
– Legal Obligation: Where processing is necessary for compliance with applicable legal requirements.
5. Your Rights
Subject to applicable GDPR and CCPA provisions, you may exercise the following rights regarding your personal data:
– Right of Access: Request a copy of the personal data we hold about you.
– Right to Rectification: Request correction of incorrect or incomplete personal data.
– Right to Erasure: Request the deletion of your personal data (“right to be forgotten”), subject to legal retention obligations.
– Right to Restriction: Request that we limit or suspend the processing of your data in certain circumstances.
– Right to Data Portability: Receive your data in a structured, commonly used, and machine-readable format and transmit that data to another controller.
– Right to Object: Object to processing based on our legitimate interests or direct marketing.
– Do Not Sell My Personal Information (under CCPA): Request that we do not sell your personal information to third parties.
To exercise these rights, please contact us at [email protected].
6. Security Measures
We implement robust security measures to ensure the confidentiality, integrity, and availability of your data, including:
– Data encryption in storage and transit using industry-standard protocols.
– Granular access controls to ensure only authorized personnel can access sensitive data.
– Frequent backups and disaster recovery procedures.
– Employee training on information security and data protection best practices.
– Regular audits and assessments of our data infrastructure.
7. International Data Transfers
When transferring personal data outside of the European Economic Area (EEA), we implement safeguards such as the European Commission’s Standard Contractual Clauses (SCCs) or rely on adequacy decisions. These transfers comply with GDPR requirements, ensuring your personal data remains protected in jurisdictions with potentially differing levels of data protection laws.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal and regulatory obligations. Specific retention periods include:
– Usage Data: 12 months for analytics and diagnostics.
– Account & Profile Data: Retained until your account is deactivated or deleted.
– Communication Data: Retained for up to 3 years following final correspondence.
– Transaction Data: Retained for 7 years in accordance with financial and tax laws.
– Preference Data: Maintained until consent is withdrawn or changed.
Upon expiry of the retention periods, data is securely deleted or anonymized.
9. Cookie Policy
Our Website uses cookies and similar tracking technologies to enhance performance and user experience. We categorize cookies as follows:
– Essential Cookies: Necessary for the website to function and cannot be switched off.
– Functional Cookies: Enable the site to remember choices you make (e.g., language, region).
– Analytics Cookies: Help us understand user behavior and website performance.
– Performance Cookies: Collect anonymous data to improve interface responsiveness, speed, and interactivity.
For detailed information on the specific cookies we use and how they function, please see our standalone Cookie Notice (if applicable).
10. Cookie Management and Compliance with GDPR & CCPA
When accessing jones-sands-publishing.com, you are presented with a cookie consent banner in accordance with GDPR and CCPA regulations. You can manage your preferences or revoke consent at any time by accessing the ‘Cookie Settings’ section of our website. For California residents, additional opt-out rights related to the use and sharing of cookies are clearly provided.
We use a Consent Management Platform (CMP) to document and honor your preferences across browsing sessions.
11. Special Protections for Children Under 13
Our Website and services are not intended for children under the age of 13. We do not knowingly collect or solicit personal data from minors under this age. If we discover that we have collected personal data from a child under 13 without verifiable parental consent, we will promptly delete this information. Parents or guardians who believe their child has provided us with information are encouraged to contact [email protected] immediately.
12. Policy Updates and Notifications
We may revise this Privacy Policy periodically to reflect changes in the law, our data practices, or the features of the site. Any significant changes will be communicated via notifications on jones-sands-publishing.com or through direct emails where applicable. Continued use of the Website following any modifications constitutes acceptance of those changes.
13. Contact
If you have any questions, concerns, or requests related to this Privacy Policy or your personal data, please reach out to our Data Protection team at:
Email: [email protected]
We are committed to full compliance with the GDPR, CCPA, and other applicable data protection laws. For any privacy concerns or complaints, we encourage you to contact us directly so we can promptly address your issue.