Privacy Policy
1. Introduction
At Newport Harbor Football, accessible via newportharborfootball.com, we are committed to safeguarding your personal information and respecting your privacy. This Privacy Policy outlines how we collect, use, disclose, and protect your personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We strive to ensure transparency in all aspects of our data handling practices and uphold the highest standards in protecting your privacy.
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all users and visitors of newportharborfootball.com. Newport Harbor Football is the data controller responsible for your personal data, and we determine the purposes and means of its processing. This policy governs data collected through our website, services, and communications directed to or from us. By using our site, you acknowledge the practices described herein.
3. Categories of Personal Data We Process
The following categories of personal data may be collected directly from you or through your interaction with our services:
a. Usage Data
We collect information about how you interact with our website, including IP addresses, browser types, access times, visited pages, referring URLs, and session durations.
b. Account Data
Some areas of our website may require account creation, during which we collect your name, mailing address, phone number, and email address.
c. Profile Data
We may collect and process information related to your account preferences, purchase history, and behavior while using the website. This may include preferred team merchandise, events, or fundraising interests.
d. Communication Data
This includes copies of your correspondence with us, including support inquiries, feedback submissions, and other customer service interactions.
e. Technical Data
Includes device identifiers, operating system details, browser settings, time zone settings, and other system configurations used during site access.
f. Transaction Data
Payment and billing information (as applicable), along with delivery addresses related to purchases or donations made through the site.
g. Preference Data
Your stated interests regarding products, event participation, newsletter subscriptions, and marketing communications, such as email opt-ins or opt-outs.
4. Legal Bases for Processing Personal Data
We process your personal information under the following lawful bases:
– Consent: Where you have granted explicit permission for us to process your data.
– Contract Performance: Where processing is necessary to fulfill a contract with you or pre-contractual obligations.
– Legal Compliance: When required to meet legal obligations or applicable regulations.
– Legitimate Interests: For purposes such as improving website functionality, communicating relevant offers, preventing fraud, and ensuring network security, provided these do not override your rights and freedoms.
5. Your Privacy Rights
Under GDPR, CCPA, and applicable privacy laws, you have the following rights:
– Right of Access: Request confirmation and access to your personal data.
– Right to Rectification: Request correction of incomplete or inaccurate data.
– Right to Erasure: Request deletion of your data when it is no longer necessary or processed unlawfully.
– Right to Restrict Processing: Limit how your data is used in certain circumstances.
– Right to Data Portability: Receive your personal data in a structured, machine-readable format or request its transfer to another controller.
– Right to Object: Object to data processing based on legitimate interests or for direct marketing.
– Right Not to Be Subject to Automated Decision Making: You have the right to request human involvement instead of automated outcomes.
To exercise any of the above rights, contact us at [email protected].
6. Security Measures
We implement appropriate technical and organizational measures to secure your personal data, including:
– Industry-standard encryption to protect data both in transit and at rest.
– Access controls ensuring only authorized personnel can access personal data.
– Secure data storage and regular system backups.
– Ongoing employee privacy and data security training.
While we strive to protect your information, please note that no method of electronic transmission or storage is 100% secure.
7. International Data Transfers
Your personal information may be stored or processed in jurisdictions outside your place of residence, including the United States. Where such transfers occur, we take appropriate measures to ensure your data is adequately protected, including the use of standard contractual clauses or ensuring processors are certified under appropriate regulatory mechanisms such as the EU-U.S. Data Privacy Framework.
8. Data Retention
We retain your personal data only for as long as necessary for the purposes for which it was collected, including the fulfillment of legal, accounting, or reporting requirements.
Data retention periods:
– Usage Data: up to 12 months.
– Account Data: retained for the life of the account plus 24 months after termination.
– Transaction Data: retained for 7 years for audit and compliance.
– Communication Data: up to 3 years from last interaction.
– Cookie data: as defined in our cookie policy below.
Upon expiration of the applicable retention period, your data will be securely erased or anonymized.
9. Cookie Policy
We use cookies and similar tracking technologies to enhance your experience on our website. These cookies may be essential for operation or used to improve website performance and measure engagement.
Types of cookies:
– Essential Cookies: Required for core functionality such as navigation and form submissions.
– Functional Cookies: Enable personalization and user settings preferences.
– Analytics Cookies: Collect anonymous usage data to help improve website structure and content.
– Performance Cookies: Enhance site speed and performance tracking.
10. Cookie Management and Compliance
Users are presented with a cookie consent banner upon visiting newportharborfootball.com. You may manage your consent preferences through this banner or adjust browser settings to restrict or delete cookies. We honor Do Not Track (DNT) signals and provide mechanisms to revoke consent in accordance with GDPR and CCPA requirements.
11. Children’s Privacy Protection
We do not knowingly collect or solicit personal data from children under the age of 13. If we discover that personal information has been inadvertently collected from a child under 13, we will take immediate steps to delete such data. If you believe a child under 13 has provided data to us, please contact us at [email protected].
12. Policy Revisions and User Notification
We may periodically update this Privacy Policy to reflect changes in legal requirements or our data practices. Material updates will be communicated by email (where appropriate) or prominently posted on newportharborfootball.com. Continued use of the site after such updates constitutes acceptance of the revised policy.
13. How to Contact Us
For any questions regarding this Privacy Policy, to exercise your rights, or to express concerns about your data privacy, contact our privacy team at:
Email: [email protected]
We are committed to complying with applicable data protection regulations and will respond to your inquiries professionally and promptly.
Your trust is important to us, and we welcome your feedback as we continue to uphold strong privacy and data protection practices.