Privacy Policy
1. Introduction
At BeachFest Bermuda (“we”, “our”, or “us”), accessible via beachfestbermuda.com, we are firmly committed to protecting and respecting your privacy. We understand that privacy is fundamental to maintaining a relationship of trust with our users, customers, and visitors. This Privacy Policy outlines how we collect, use, store, and protect your personal data in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), where applicable.
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all personal data collected through our website, beachfestbermuda.com, and through any related services we provide online or offline. We are the data controller with respect to the personal information collected, meaning we determine the purposes and means of processing your personal data.
3. Categories of Data We Process
We may process the following categories of personal data about you:
– Usage Data:
Includes data about how you use our website and services, such as IP address, browser type, browsing actions and patterns, date/time stamps, referring/exit pages, session durations, and interaction data.
– Account Data:
Includes personal information you provide when registering or engaging with us, such as full name, mailing address, email address, and contact phone number.
– Profile Data:
Includes data captured from your activity and preferences, such as event attendance, purchase history, user behavior, and interests.
– Communication Data:
Includes records of your interactions with us via email, contact forms, support requests, surveys, or any other type of correspondence.
– Technical Data:
Includes information related to the devices and systems you use to access our services (e.g., operating systems, device identifiers, network settings, and website performance metrics).
– Transaction Data:
Includes payment and billing details, event registrations, ticket purchases, delivery information, and transaction history.
– Preference Data:
Includes your preferences in receiving marketing and promotional communications, as well as your product and service interests.
4. Legal Bases for Processing
We process your personal data based on the following legal grounds:
– Consent: In cases where you have given clear consent for the processing of your personal data (e.g., newsletter sign-up, marketing subscriptions).
– Contractual Necessity: When processing is necessary for the performance of a contract with you, such as processing a ticket purchase.
– Legitimate Interests: When the processing is based on our legitimate interests, provided those interests are not overridden by your rights and interests (e.g., analysis to improve our website or services).
– Legal Obligation: Where we are legally required to collect or retain certain types of personal data.
5. Your Rights
Subject to applicable data protection laws, you have the following rights:
– Right of Access: You have the right to request access to personal data we hold about you.
– Right to Rectification: You may ask us to correct any inaccurate or incomplete personal data.
– Right to Erasure: You can request the deletion of your personal data under certain circumstances.
– Right to Restriction of Processing: You may request we restrict or suspend the processing of your data under certain conditions.
– Right to Data Portability: You have the right to receive a copy of your data in a structured, commonly used, and machine-readable format.
– Right to Object: You may object to processing based on our legitimate interests, including marketing and profiling.
– Right to Withdraw Consent: If processing is based on your consent, you may withdraw that consent at any time.
To exercise your rights, please contact us at [email protected].
6. Security Measures
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk associated with processing personal data. This includes:
– Use of SSL encryption during transmission of sensitive data.
– Regular audits and updates to security protocols.
– Role-based access control to restrict data access to authorized personnel.
– Regular staff training on data protection awareness.
– Secure data storage and backup solutions with disaster recovery plans.
7. International Data Transfers
Where personal data is transferred outside of the European Economic Area (EEA) or your local jurisdiction, we ensure such transfers are made in compliance with applicable data protection laws. This may include the use of Standard Contractual Clauses approved by the European Commission or other regulatory bodies, and implementing further safeguards where necessary.
Beachfestbermuda.com may engage service providers located in countries that do not have the same level of data protection laws. In such cases, we will take all reasonable steps to ensure that your personal data continues to receive adequate protection.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:
– Usage and Technical Data: 12 months from date of collection, for analytics purposes.
– Transaction and Account Data: Up to 7 years for compliance with tax, legal, or contractual obligations.
– Communication and Preference Data: Retained until you withdraw consent or request deletion.
– Profile Data: Retained for 2 years from last interaction to enhance user experience and facilitate future events.
After the expiration of these periods, we securely delete or anonymize your personal data unless otherwise required by law.
9. Cookie Policy
Our website uses cookies and similar tracking technologies to enhance your browsing experience. The types of cookies used include:
– Essential Cookies: Necessary for the functioning of the website, such as session management and security.
– Functional Cookies: Improve usability, such as remembering preferences or login sessions.
– Analytics Cookies: Help us understand how users interact with the site, generating statistical insights (e.g., Google Analytics).
– Performance Cookies: Support optimization of website performance and loading speeds.
10. Cookie Management and Compliance
Upon your first visit to beachfestbermuda.com, you will be provided with a cookie consent banner allowing you to customize which cookies are stored on your device. You can manage cookie preferences at any time via your browser settings or the cookie settings page on our website.
We comply with GDPR requirements for prior consent for non-essential cookies and provide users with the ability to withdraw consent. Under CCPA, California residents also have the right to opt out of the sale or sharing of personal information collected through tracking technologies.
11. Children’s Privacy
We do not knowingly collect or solicit personal data from children under the age of 13. If you are under 13, please do not use the site or provide any personal information. If we learn that we have collected personal data from a child under 13 without verified parental consent, we will delete that information promptly. Parents or guardians who believe that their child has provided us with personal information should contact us at [email protected].
12. Policy Updates
We may revise this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. Where changes are material, we will take reasonable steps to notify you, including posting a notice on beachfestbermuda.com or contacting you by email, if appropriate. We encourage you to occasionally review this policy to stay informed of any updates.
13. Contact
If you have any questions about this Privacy Policy, your personal data, or your rights under applicable data protection laws, please contact:
Email: [email protected]
We are committed to addressing your privacy concerns in a timely and transparent manner.
—
BeachFest Bermuda adheres to both the letter and spirit of data protection laws and is dedicated to full compliance. For further information or to report a concern relating to your personal data, please do not hesitate to reach out to our privacy team at [email protected].