Privacy Policy

Privacy Policy for romanmfrance.com

1. Introduction

At romanmfrance.com, we are firmly committed to safeguarding the privacy and personal data of our website visitors, customers, and partners. In accordance with applicable data protection laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”), we strive to uphold the highest standards of transparency, accountability, and user rights. This Privacy Policy outlines the types of personal data we collect, how we use it, and the rights available to you to control your personal information.

2. Scope of the Policy and Role as Data Controller

This Privacy Policy applies to all individuals who interact with our website romanmfrance.com. For all data processing activities described in this policy, romanmfrance.com acts as the “data controller,” meaning we determine the purposes and means of processing your personal data. If you access our services or submit information through romanmfrance.com, this policy will apply to your interaction with us.

3. Categories of Data We Process

We collect and process the following categories of personal data:

a. Usage Data
Includes information about how you use our website such as browser type, IP address, referral URLs, page views, time spent on pages, and geographic locations derived from IP.

b. Account Data
Includes identifiable information such as your name, email address, billing/shipping address, and contact phone number that you voluntarily submit during the registration, account creation, or checkout process.

c. Profile Data
Includes information created as part of your user profile, such as your preferences, product selections, behavioral data, and purchase history.

d. Communication Data
Includes messages sent via contact forms, customer service inquiries, support requests, and records of communications between you and our team.

e. Technical Data
Includes device type, operating system, browser plug-ins, screen resolution, and other system configuration information when accessing our site.

f. Transaction Data
Includes records of purchases made via our platform, payment information (processed securely via third-party payment processors), receipt details, order history, billing, and delivery information.

g. Preference Data
Includes information regarding consent to marketing communications, product or content interests, newsletter subscriptions, and user-selected preferences.

4. Legal Bases for Processing

We process personal data under the following lawful bases as defined under GDPR and aligned with CCPA principles:

– Contractual Necessity: To provide products or services you requested, including processing and delivering orders.
– Legitimate Interests: For website security, improving platform functionality, communicating with customers, and fraud prevention.
– Consent: For sending newsletters, handling cookies, or processing sensitive data, where required. You may withdraw consent at any time.
– Legal Obligations: To comply with legal or regulatory requirements.

5. Your Rights

As an individual whose data we process, you have the following rights under applicable data protection laws:

– Right of Access: Request a copy of the personal data we hold about you.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your personal information where lawful grounds permit.
– Right to Restrict Processing: Request the limitation of processing where appropriate.
– Right to Data Portability: Request a copy of your personal data in a structured, machine-readable format for portability.
To exercise any of these rights or for related inquiries, please contact us at [email protected].

6. Security Measures

We implement rigorous technical and organizational measures to protect your data, including but not limited to:

– End-to-end encryption of personal data in transit and storage.
– Access controls restricting data access to authorized personnel only.
– Regular security audits and continuous infrastructure monitoring.
– Employee training on data privacy, handling, and security protocols.
– Secure data backups and redundancy systems.

7. International Transfers

Where personal data is transferred outside the European Economic Area (EEA) or the State of California, we ensure a similar level of protection is afforded by implementing appropriate safeguards such as:

– Standard Contractual Clauses approved by the European Commission, or
– Transfers to jurisdictions recognized as offering adequate levels of protection.

We are committed to maintaining compliance with both EU and U.S. data transfer requirements.

8. Data Retention

We retain personal data only as long as necessary for the purposes for which it was collected, including:

– Usage & Technical Data: retained for up to 12 months for analytics.
– Account & Profile Data: retained until the account is deleted or inactive for 24 months.
– Communication Data: retained for 3 years from the last interaction.
– Transaction Data: retained for 7 years for financial compliance.
– Preference Data: retained until consent is withdrawn or preference is changed.
Anonymized or aggregated data not linked to identifiable individuals may be stored indefinitely for analytical or statistical purposes.

9. Cookie Policy

Our website uses cookies to enhance user experience, analyze site performance, and provide personalized services. Cookies fall under these categories:

– Essential Cookies: Required for site functioning and secure transactions.
– Functional Cookies: Aid in remembering preferences like language or region.
– Analytics Cookies: Collect aggregated data on traffic and user interaction (e.g., Google Analytics).
– Performance Cookies: Help improve the speed and performance of the website.

10. Cookie Management and Compliance with GDPR & CCPA

Consent for non-essential cookies is obtained via a cookie banner upon your first visit. You can manage or withdraw your cookie preferences at any time through our Cookie Settings interface or by adjusting your browser settings. We respect “Do Not Track” requests and employ consent management in alignment with GDPR and CCPA guidelines.

Under CCPA, California residents also have the right to opt out of the sale of personal data. We do not sell your personal information.

11. Children’s Privacy

We do not knowingly collect personal data from individuals under 13 years of age. If we become aware that data from a child under 13 has been collected without verified parental consent, we will delete such data promptly. If you believe that we have inadvertently collected information from a child under 13, please contact us immediately at [email protected].

12. Policy Updates and User Notification

We reserve the right to modify or update this Privacy Policy to reflect changes in our practices or legal requirements. Updates will be posted on this page. Where significant changes are made, we will notify users via email or on-site notification where appropriate. Continued use of romanmfrance.com implies acceptance of the revised policy.

13. Contact

For any questions, concerns, or to exercise your data protection rights, please contact us via:

Email: [email protected]

We are fully committed to compliance with all applicable data protection regulations and will respond to all privacy-related queries in a timely and comprehensive manner.