Privacy Policy
1. Introduction
At Glasgow Bridge (glasgowbridge.com), we are committed to protecting and respecting your privacy. This Privacy Policy outlines our approach to handling personal data in accordance with applicable data protection legislation, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”). We uphold a privacy-first philosophy in the design and operation of our services, aiming to process data responsibly, transparently, and securely.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all visitors, users, and others who access glasgowbridge.com (the “Website”), as well as any services provided through it. Glasgow Bridge is the data controller for the personal data collected via this Website and can be contacted at [email protected] for any data protection-related matters.
By using the Website, you acknowledge that your personal data will be processed in accordance with this Policy.
3. Categories of Data Processed
We collect and process the following categories of personal data:
a. Usage Data
We may process data about your use of our Website, including your browser type, IP address, operating system, referral URLs, device identifiers, session statistics, access times, and browsing behavior. This helps us understand how users interact with our content and improve the user experience.
b. Account Data
When you create an account or provide details during registration or purchase, we collect information such as your name, address, email address, and telephone number.
c. Profile Data
This includes preferences, purchase history, browsing behavior, and other insights derived from your interactions with the Website and services, which help us personalize your experience.
d. Communication Data
We process information related to customer support inquiries, feedback, email correspondence, and other communications you send to us, including contact history.
e. Technical Data
This includes information about the devices you use, system configurations, time zone settings, screen resolution, and other technical characteristics of your access environment.
f. Transaction Data
Information regarding purchases, payment methods, billing addresses, and delivery details (where applicable) is processed for order fulfillment and fraud prevention.
g. Preference Data
We collect marketing and communication preferences, including opt-in/opt-out choices for newsletters, promotional materials, and product interest indications.
4. Legal Bases for Processing
We process your data based on the following lawful grounds:
– Consent: where you have given clear permission for us to process your personal data for a specific purpose (e.g., receiving marketing emails).
– Contractual necessity: to fulfill our contractual obligations to you (e.g., provision of services or delivery of purchases).
– Legal obligation: where processing is necessary to comply with applicable laws or lawful inquiries.
– Legitimate interests: for purposes such as improving our products and services, communicating with you, and maintaining the security of the Website, provided these interests are not overridden by your own rights and freedoms.
5. Your Rights
You may exercise the following rights with respect to your personal data:
– Access: You may request access to the personal data we hold about you.
– Rectification: You can request corrections to inaccurate or incomplete data.
– Erasure: Also known as the “right to be forgotten,” you can request deletion of your data under certain circumstances.
– Restriction: You can request we limit the way we use your data.
– Portability: You may request to receive your data in a structured, commonly used, and machine-readable format or have it transmitted to another controller.
– Objection: Where we rely on legitimate interests or send direct marketing, you have the right to object to such processing.
– Withdraw Consent: If processing is based on your consent, you may withdraw it at any time.
To exercise any of the above rights, you may contact us at [email protected].
6. Security Measures
We implement comprehensive security protocols to safeguard your personal data. These measures include, but are not limited to:
– Data encryption in transit and at rest.
– Strict access control and authentication protocols.
– Regular security audits and vulnerability assessments.
– Up-to-date firewalls and intrusion detection systems.
– Secure data backups and disaster recovery plans.
– Staff privacy and security training programs.
7. International Transfers
Where personal data is transferred outside the European Economic Area (EEA) or similar jurisdictions, we ensure such transfers are subject to appropriate safeguards, including standard contractual clauses approved by the European Commission or other lawful transfer mechanisms, to maintain a high level of data protection.
8. Data Retention
We retain personal data only for as long as necessary for the purposes it was collected, including:
– Usage Data: Retained for up to 12 months for analytics and performance optimization.
– Account & Profile Data: Retained for the lifespan of the user account, and up to six years afterward in line with legal obligations.
– Communication Data: Retained for three years to manage customer relationships and support record-keeping.
– Technical Data: Retained for 12 months to ensure site compatibility and security monitoring.
– Transaction Data: Retained for seven years to comply with tax and financial regulations.
– Preference Data: Retained until consent is modified or withdrawn.
9. Cookie Policy
We use various types of cookies on glasgowbridge.com to enhance performance and your user experience:
– Essential Cookies: Necessary for basic site functionality, such as navigation and access control.
– Functional Cookies: Help store user preferences and enhance usability.
– Analytics Cookies: Provide insights into user behavior, traffic sources, and engagement.
– Performance Cookies: Measure system performance metrics and usage anomalies.
These cookies may be set by us or third-party providers integrated into our services.
10. Cookie Management and Compliance
We provide a cookie consent tool in accordance with GDPR and CCPA requirements, enabling you to:
– Consent to or reject non-essential cookies at first visit.
– Modify your cookie preferences at any time.
– Obtain information on each cookie category and vendor.
California residents may use authorized opt-out mechanisms, including “Do Not Sell or Share My Personal Information” links and global opt-out signals, which we honor in accordance with CCPA guidelines.
11. Children’s Privacy
Glasgow Bridge does not knowingly collect or solicit personal data from individuals under the age of 13. If we learn that personal information of a child under 13 has been collected inadvertently, we will delete such information promptly. Parents or guardians who believe their child has submitted data may contact [email protected] for immediate assistance.
12. Policy Updates and User Notifications
We reserve the right to update this Privacy Policy as needed to reflect changes in our legal obligations, technologies, practices, or services. In cases of material changes, we will notify users via our Website or direct email communication where appropriate. Continued use of the Website signifies your acceptance of the revised policy.
13. Contact
If you have any questions, concerns, or requests related to this Privacy Policy or how your data is handled, you may contact us at:
Email: [email protected]
We are committed to upholding your privacy rights with transparency and integrity. Please do not hesitate to reach out to us with any data protection concerns.