Privacy Policy
At Maximo Park (“we,” “our,” or “us”), accessible at maximo-park.com, we are committed to safeguarding the privacy and personal data of our users in accordance with the highest standards of data protection and privacy law. This Privacy Policy outlines how we collect, use, disclose, and protect your personal information when you use our website and associated services. We recognize the importance of your trust and take our responsibilities regarding your data seriously.
1. Introduction: Our Commitment to Privacy and Data Protection
Respecting your privacy is fundamental to our values. We are committed to handling your personal data with integrity, transparency, and in compliance with applicable privacy laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act of 2018 (“CCPA”) as amended. Our goal is to ensure that any data you share with us through maximo-park.com is protected, handled lawfully, and only used for legitimate purposes.
2. Scope of This Policy and Our Role as Data Controller
This Privacy Policy applies to all personal data collected through the website maximo-park.com and related interactions, including customer support, newsletter subscriptions, and transactions. Maximo Park is the data controller for purposes of personal data submitted via the website.
For data subjects in the European Economic Area (EEA) and other jurisdictions, Maximo Park determines the purposes and means of processing your personal data as the data controller.
If you have any questions or concerns as to how your data is processed, please contact us at [email protected].
3. Categories of Personal Data We Process
We may collect and process the following categories of personal data:
a. Usage Data: Includes information about how you use our website and services, such as IP address, browser type, operating system, access times, pages viewed, links clicked, and session duration.
b. Account Data: Information provided when creating an account or making a purchase, such as name, email address, telephone number, billing/shipping address.
c. Profile Data: Includes preferences, purchase history, feedback, browsing behavior, and participation in surveys or promotions.
d. Communication Data: Encompasses messages, inquiries, customer support tickets, and other correspondence sent to us via contact forms, email, or support systems.
e. Technical Data: Device identifiers, system configurations, browser settings, screen resolution, and other system-level data transmitted during website use.
f. Transaction Data: Information relating to the purchase of products or services, including payment method details, order history, transaction status, and delivery tracking.
g. Preference Data: Data regarding your communication and marketing preferences, interest in products or events, and choices regarding data sharing and tracking.
We do not process any sensitive personal data unless required by law and with your explicit consent.
4. Legal Bases for Data Processing
We rely on the following lawful bases for processing your personal data:
– Consent: Where you have provided explicit permission for specific processing activities, such as subscribing to newsletters or enabling tracking cookies.
– Contractual Necessity: To perform obligations under a contract with you, including order fulfillment, account management, and customer support.
– Legal Obligation: Compliance with legal requirements under applicable jurisdictions.
– Legitimate Interests: Pursuing legitimate business interests, such as improving our website functionality, preventing fraud, and securing our systems—where your rights do not override these interests.
5. Your Data Protection Rights
You have the following rights under applicable data protection laws:
– Right to Access: You may request a copy of your personal data that we hold.
– Right to Rectification: You may request correction of inaccurate or incomplete data.
– Right to Erasure: Also known as “the right to be forgotten,” you may request deletion of your personal data under certain conditions.
– Right to Restriction: You may request a restriction on the processing of your data in specific circumstances.
– Right to Data Portability: You have the right to request your personal data in machine-readable format and transmit it to another controller.
– Right to Object: You may object to processing that is based on legitimate interests or direct marketing.
– Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
To protect the confidentiality, integrity, and availability of your personal data, we implement a range of technical and organizational measures including, but not limited to:
– End-to-end encryption for data transmission
– Access control and user authentication protocols
– Regular security audits and vulnerability assessments
– Secure data center facilities and firewalls
– Enforced data minimization principles
– Staff training and internal privacy policies to ensure data confidentiality
7. International Data Transfers
In some instances, your personal data may be transferred outside of your jurisdiction, including to countries that may not offer the same level of data protection. Where such transfers occur, we apply appropriate safeguards, including:
– European Commission Standard Contractual Clauses (SCCs) for data transfers from the EEA
– Contractual obligations with third-party providers ensuring compliance with GDPR or equivalent standards
– Risk assessments in accordance with guidance from relevant regulators
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including any legal, accounting, or reporting requirements. Specific retention periods include:
– Account and Profile Data: Retained as long as the account remains active, and up to 5 years thereafter for record purposes.
– Transaction and Payment Data: Retained for at least 7 years to comply with tax and financial regulations.
– Communication and Support Data: Retained for 3 years from the date of last interaction.
– Cookie and Usage Data: Retained in accordance with our Cookie Policy and as permitted by applicable law.
Upon expiration of the retention period, data is securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar tracking technologies to enhance your experience on maximo-park.com. Cookies help us understand user behavior, remember your preferences, and improve website functionality. The categories of cookies used include:
– Essential Cookies: Necessary for the operation of the website, enabling basic features like page navigation and secure access.
– Functional Cookies: Remember your settings and preferences to enhance user experience.
– Performance Cookies: Collect aggregated information on how users interact with the site to improve performance and usability.
– Analytics Cookies: Allow us to analyze traffic and usage metrics through third-party services (e.g., Google Analytics).
For more details, please refer to the dedicated Cookie Management section below.
10. Cookie Management and Compliance with GDPR & CCPA
Upon your first visit to maximo-park.com, you will be presented with a cookie consent banner allowing you to accept or reject non-essential cookies in accordance with GDPR requirements. You may also manage cookies by:
– Adjusting browser settings to block or delete cookies
– Utilizing the “Privacy Settings” section on the website to update consent preferences
– Opting out of third-party analytics via respective service providers
CCPA: California residents may opt-out of the “sale” of personal information as defined under the CCPA by accessing our “Do Not Sell My Personal Information” link, where applicable.
11. Special Protections for Children Under 13
We do not knowingly collect personal data from children under the age of 13. If you believe that we have unintentionally collected such information, please contact us promptly at [email protected] so that we may take appropriate steps, including removing the data and disabling access.
12. Policy Updates and User Notifications
We reserve the right to amend this Privacy Policy from time to time in response to evolving legal, technical, or business developments. When changes are made, we will revise the updated version on the website and, where appropriate, notify you by email or other prominent means.
We encourage users to review this policy periodically to stay informed about how we protect their data.
13. Contact Information
If you have any questions regarding this Privacy Policy, concerns about how your personal data is handled, or wish to exercise your rights, please contact our privacy team at:
Email: [email protected]
Website: https://maximo-park.com
We are committed to cooperating with regulatory authorities and honoring your rights as a data subject.
Compliance Statement
Maximo Park strives to comply with all applicable data protection laws, including GDPR, CCPA, and relevant national regulations. We are dedicated to transparency, accountability, and respect for individual privacy. Should you have any privacy-related concerns, please reach out to us directly at [email protected].