Privacy Policy
1. Introduction
At hawaii-culture.com, we are deeply committed to safeguarding the privacy and personal data of our users. We recognize the importance of handling all personal information with accountability, integrity, and transparency. This Privacy Policy outlines how we collect, process, store, share, and protect your personal information in accordance with applicable data protection laws including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), with a privacy-first approach.
2. Scope of the Policy and Data Controller Role
This Privacy Policy applies to all personal data processed through your use of the website hawaii-culture.com, including any related services, platforms, and features. For the purposes of the GDPR and other data protection laws, the data controller responsible for the collection and processing of your information is:
Hawaii Culture
Email: [email protected]
By using hawaii-culture.com, you acknowledge that you have read and understood this Privacy Policy.
3. Categories of Data We Process
We collect and process the following categories of personal data:
a. Usage Data
Includes data about how you interact with our website such as IP address, browser type, pages visited, session duration, referring URLs, and time zone settings.
b. Account Data
Includes identifying and contact information you voluntarily provide when creating an account, such as your full name, mailing address, email address, and telephone number.
c. Profile Data
Includes information related to your user profile and preferences, purchase history, browsing behavior and interests in specific cultural products or services.
d. Communication Data
Includes messages, support queries, and the content of communications you send to us (including email correspondence and online contact forms).
e. Technical Data
Includes information about the device you use to access our website, such as model, operating system, hardware specifications, and browser settings.
f. Transaction Data
Includes information relating to the purchase of goods or services, such as billing details, delivery addresses, and full or partial payment information, excluding stored payment card numbers.
g. Preference Data
Includes marketing and communication preferences, interests regarding cultural products, and your consent status under applicable data protection laws.
4. Legal Bases for Processing
We rely on the following legal bases when processing your personal data:
– Consent: When you give us clear permission to process your data, such as signing up to receive newsletters or marketing emails.
– Contractual Necessity: To provide services or deliver products as per a contractual agreement you enter into via hawaii-culture.com.
– Legal Obligation: When processing is necessary to comply with our legal obligations, such as tax reporting or fraud prevention.
– Legitimate Interests: When necessary for our operational and business interests, provided these are not overridden by your data protection rights (e.g., to improve our services or ensure website security).
5. Your Rights
Subject to applicable data protection laws, you have the following rights regarding your personal data:
– Right of Access: You may request confirmation as to whether we process your personal information and obtain a copy of your data.
– Right to Rectification: You can request correction of inaccurate or incomplete personal information.
– Right to Erasure: Under certain conditions, you may request deletion of your personal data from our systems.
– Right to Restriction: You may request limitation of processing your personal data in specific circumstances.
– Right to Data Portability: Where legally applicable, you can request to receive your data in a structured, commonly used machine-readable format and transfer it to another provider.
– Right to Object: You may object to processing based on our legitimate interests or direct marketing purposes.
To exercise these rights, contact us at [email protected]. We will respond in accordance with applicable data protection laws.
6. Security Measures
We implement a combination of technical and organizational measures to ensure the integrity and confidentiality of your personal data, including:
– Data encryption in transit and at rest
– Role-based access control and employee authentication protocols
– Regular system audits, updates, and security testing
– Enforced information security practices, including staff training and awareness
– Frequent data backups and disaster recovery strategies
7. International Data Transfers
Where personal data is transferred to countries outside the European Economic Area (EEA) or California, we ensure such transfers are subject to appropriate safeguards. These may include Standard Contractual Clauses approved by the European Commission, adherence to Privacy Shield frameworks, or other recognized legal mechanisms to ensure adequate protection.
8. Data Retention
We retain personal data only as long as necessary to accomplish the purposes outlined in this Policy or to comply with legal obligations. Retention periods vary depending on the category of data:
– Usage Data: Up to 12 months for analytics and performance metrics
– Account and Profile Data: For the life of the account and up to 6 years thereafter
– Communication Data: Up to 3 years after last contact
– Transaction Data: Retained for legal and tax purposes up to 7 years
– Marketing and Preference Data: Until consent is withdrawn or data is no longer relevant
9. Cookie Policy
Our website uses cookies and similar technologies to customize user experiences and improve performance. Categories include:
– Essential Cookies: Required for core website functionality (e.g., shopping carts, secure logins)
– Functional Cookies: Enhance user convenience (e.g., remembering preferences)
– Analytic Cookies: Collect information to understand website usage and improve services (e.g., Google Analytics)
– Performance Cookies: Track site responsiveness and user journey paths
10. Cookie Management and Compliance
We offer users a comprehensive cookie consent tool upon first website visit. You can manage or withdraw consent at any time using our cookie preferences center located in the website footer. In compliance with GDPR and CCPA, you also have the right to opt-out of the sale or sharing of your personal data and to adjust browser settings to disable non-essential cookies.
California residents may exercise their rights under the CCPA, including the right to request information about the categories of personal data we collect and the right to opt out of data selling or sharing.
11. Children Under 13
hawaii-culture.com does not knowingly collect personal data from children under the age of 13. If we become aware that information has been collected from a child under this age without verified parental consent, we will take appropriate steps to delete such data.
12. Policy Updates and User Notifications
We reserve the right to amend this Privacy Policy at any time to reflect changes in our practices or legal obligations. All updates will be published on hawaii-culture.com and, where appropriate, communicated to users via email or onsite notifications. Continued use of the website after such changes constitutes acceptance of the updated policy.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or how your personal data is handled by hawaii-culture.com, please contact us at:
Email: [email protected]
We are fully committed to maintaining compliance with GDPR, CCPA, and all relevant privacy laws. Please do not hesitate to reach out to us with privacy questions or to exercise any of your legal rights.