Privacy Policy for Spotlight Reads HQ
1. Introduction
Spotlight Reads HQ (“we,” “us,” or “our”) is committed to protecting and respecting your privacy. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal information when you visit or interact with our website, spotlightreadshq.com (the “Website”). We prioritize your privacy rights and uphold the highest standards of data protection in compliance with applicable laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of the Website and related services. For the purposes of the GDPR, Spotlight Reads HQ is the Data Controller of your personal data. By accessing or using our Website, you acknowledge that you have read, understood, and agreed to the collection and processing of your data as described herein.
3. Categories of Data We Process
We may collect and process the following categories of personal information:
a. Usage Data – Includes information such as your IP address, browser type and version, operating system, referral source, length of visit, page views, site navigation paths, and information about the timing, frequency, and pattern of your service use.
b. Account Data – Includes name, postal address, email address, telephone number, and any other identifiers that you voluntarily provide when creating an account or subscribing to our services.
c. Profile Data – Includes your preferences, interests, past purchases, behavior on the Website, reading history, and other demographic insights that help personalize your experience.
d. Communication Data – Includes records of correspondence, support requests, chat transcripts, and contact history when you engage with our team via email or forms.
e. Technical Data – Includes device type, operating system, language settings, screen resolution, and hardware identification information necessary to ensure optimal content delivery and compatibility.
f. Transaction Data – Includes payment information, billing address, shipping details, order history, and relevant financial identifiers processed via our secure payment providers.
g. Preference Data – Includes your communication preferences, subscription settings, opt-ins or opt-outs from marketing materials, and interest indicators related to Spotlight Reads HQ offerings.
4. Legal Bases for Processing
We rely on the following lawful bases when processing your personal data:
– Consent: Where you have provided clear and explicit consent for us to process your personal data for specific purposes, such as receiving newsletters or marketing offers.
– Contractual Necessity: When processing is required to fulfill our contractual obligations to you, including delivering products or services.
– Legal Obligation: When processing is necessary to comply with obligations under applicable law or regulation.
– Legitimate Interests: Where processing serves a legitimate interest (e.g., fraud prevention, service optimization, or user experience enhancement) and such interest is not overridden by your data protection rights.
5. Your Rights
As a data subject under GDPR or a consumer under CCPA, you have the following rights:
– Right of Access – You can request confirmation as to whether we process your personal data and request a copy of that data.
– Right to Rectification – You may request correction of inaccurate or incomplete data we hold about you.
– Right to Erasure – You have the right to request deletion of your data, subject to legal and contractual obligations.
– Right to Restriction – You may request that we limit processing in certain circumstances.
– Right to Data Portability – You can obtain and reuse your personal data in a structured, commonly used, and machine-readable format.
– Right to Object – You can object to processing based on legitimate interest or direct marketing.
– Right to Opt-Out (CCPA) – California residents have the right to opt-out of the sale or sharing of their personal information.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We take appropriate technical and organizational security measures to protect your personal data from unauthorized access, disclosure, alteration, or destruction. Measures include:
– Use of SSL/TLS encryption for data transmission
– Regular access reviews and role-based access control
– Periodic data backups and secure storage protocols
– Ongoing staff training in data protection best practices
7. International Transfers
Your data may be transferred to and processed in countries outside your region, including those not deemed to provide an adequate level of data protection by the European Commission. In such cases, we implement appropriate safeguards, including Standard Contractual Clauses and supplementary measures, to ensure a similar degree of protection for your data.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:
– Account and Profile Data: Retained as long as your account remains active
– Transaction Data: Retained for a minimum of seven (7) years for tax and compliance purposes
– Communication and Support Records: Retained for up to three (3) years following resolution of the inquiry
– Cookie-related Data: Retention timeframe determined by cookie lifespans (see Section 9)
Upon expiration of these periods, data is securely deleted or anonymized.
9. Cookie Policy
Our Website uses cookies and similar technologies to enhance user experience, deliver personalized content, facilitate web analytics, and measure performance. Categories of cookies we use include:
– Essential Cookies: Required for website functionality, such as user authentication or secure login.
– Functional Cookies: Enable tailored content and user preferences.
– Analytics Cookies: Help us understand user interaction with the Website using tools like Google Analytics.
– Performance Cookies: Collect information about technical performance for the purpose of optimizing delivery.
10. Cookie Management and Legal Compliance
In accordance with GDPR and CCPA requirements:
– Users are presented with a cookie consent banner upon first visit, allowing the choice to accept or reject non-essential cookies.
– You can manage or revoke your consent at any time by accessing your cookie preferences in the Website footer.
– Most web browsers also provide options to block or delete cookies from your device. However, this may affect the functionality of certain areas of spotlightreadshq.com.
11. Protection of Children
Our Website and services are not directed to, nor do we knowingly collect personal data from, children under the age of 13. If we become aware that we have inadvertently collected data from a child under 13, we will take immediate steps to delete such information. If you believe we may have collected data from a child, please contact us at [email protected].
12. Policy Updates and Notifications
We reserve the right to modify this Privacy Policy to reflect changes in legal requirements, data processing practices, or our services. All updates will be posted on this page, and where appropriate, we may notify you via email or platform alerts. Continued use of the Website constitutes your acceptance of the revised policy.
13. Contact Information
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, you can contact us using the following:
Email: [email protected]
We are fully committed to safeguarding your data and ensuring our practices remain transparent, accountable, and compliant with applicable privacy laws.
