Privacy Policy
1. Introduction
At Saint Peter II, accessible at saintpeterii.com, we are firmly committed to protecting your privacy and safeguarding your personal data. This Privacy Policy outlines how we collect, use, disclose, and protect your information in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We prioritize transparency, fairness, and your privacy rights in every aspect of our operations.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to personal data collected through your use of our website, saintpeterii.com, and any associated services. Saint Peter II acts as the “Data Controller” under the GDPR for the personal data submitted, collected, and processed via this website. If you are a California resident, this policy also addresses your rights under the CCPA.
3. Categories of Data Processed
We may collect and process the following types of personal data:
a. Usage Data
This includes information about how you use our website, such as your IP address, browser type, operating system, pages visited, duration of session, and referral sources. This data helps us improve site functionality and user experience.
b. Account Data
Includes details you provide when creating an account—such as your full name, email address, mailing address, and telephone number.
c. Profile Data
Includes information related to your preferences, behavior on our website, purchase history, saved products, and personalization settings.
d. Communication Data
Comprises records of your interactions with us—support inquiries, contact messages, feedback, complaints, and acknowledgment receipts.
e. Technical Data
Includes device-specific information used to access our website or services, such as hardware model, operating system version, browser plugins, screen resolution, system preferences, and language settings.
f. Transaction Data
Refers to records of purchases or transactions you conduct through the website, including billing, shipping, and payment information (processed by third-party payment providers).
g. Preference Data
Includes your stated marketing preferences, communication choices, and interests indicated by site interaction or profile settings.
4. Legal Basis for Processing
We process your personal data based on the following legal grounds under the GDPR:
– Consent: When you voluntarily submit information (e.g., signing up for newsletters), or consent to cookies where required.
– Contract: Where processing is necessary to fulfill a contract with you (e.g., order fulfillment).
– Legal Obligation: Where processing is necessary for compliance with legal obligations.
– Legitimate Interest: For operational needs such as improving website performance, fraud prevention, customer support, and marketing (subject to your rights and freedoms).
5. Your Rights
Under data protection laws, you have certain rights regarding your personal data. These include the right to:
– Access: Obtain a copy of your personal data held by us.
– Rectification: Request corrections to inaccurate or incomplete data.
– Erasure: Request deletion of your personal data under certain conditions (“right to be forgotten”).
– Restriction: Request suspension or limitation of data processing.
– Data Portability: Request transfer of your data to a third party.
– Object: Object to data processing based on legitimate interests or direct marketing.
California residents also have the right to:
– Know the categories and specific pieces of personal information we collect.
– Request deletion of personal data.
– Opt-out of the sale of personal information.
– Not be discriminated against for exercising privacy rights.
To exercise your rights, contact us at [email protected].
6. Security Measures
We employ appropriate technical and organizational safeguards to ensure the confidentiality and integrity of your personal data. These measures include encryption, secure socket layer (SSL) protocols, authenticated data access, firewalls, regular system monitoring, user training, and secure backup protocols to reduce the risk of unauthorized access, disclosure, or loss.
7. International Data Transfers
Where personal data is transferred outside the European Economic Area (EEA), including to the United States, we ensure such transfers are governed by legally valid mechanisms, including the European Commission’s Standard Contractual Clauses and equivalent safeguards as required by GDPR. We also implement CCPA-compliant practices for cross-border transfers affecting California residents.
8. Data Retention
We only retain personal data for as long as necessary for the purpose for which it was collected or as required by applicable law. Specific retention periods vary by data type:
– Usage & Technical Data: up to 12 months (for analytics and security auditing).
– Account & Profile Data: active length of account plus 6 years (for legal purposes).
– Transaction Data: 7 years (consistent with legal and fiscal obligations).
– Communication Data: 3 years from last interaction.
– Marketing Preference Data: until consent is revoked.
After these periods, data is securely deleted or anonymized.
9. Cookie Policy
saintpeterii.com uses cookies and similar technologies to enhance your browsing experience. Cookies are small data files stored on your device that allow us to recognize you and retain session information.
We use the following categories of cookies:
– Essential Cookies: Necessary for core functionality such as navigation, account access, and secure transactions.
– Functional Cookies: Enable personalization features such as saved preferences.
– Analytics & Performance Cookies: Help us understand visitor interactions, traffic sources, and usability metrics.
– Marketing Cookies: Used to deliver relevant ads and content based on your interests.
We do not use cookies that sell your personal information without consent, in accordance with the CCPA.
10. Cookie Management and Compliance
Upon your first visit to saintpeterii.com, we request your cookie consent through a banner aligned with GDPR and CCPA obligations. You can modify your cookie preferences at any time via our Cookie Settings tool or by adjusting browser configurations to accept, block, or delete cookies.
Do Not Track signals are honored to the extent required by law.
11. Protection of Children’s Data
Saint Peter II does not knowingly collect or process personal data from children under the age of 13. If we discover that personal data of a child under 13 has been collected without verifiable parental consent, we will take immediate steps to delete such data from our systems.
12. Policy Updates & Notifications
We reserve the right to amend this Privacy Policy at any time for legal, operational, or regulatory reasons. Any changes will be announced prominently on saintpeterii.com or communicated directly through your user account, where applicable. We encourage you to periodically review this Policy to stay informed of how we protect your information.
13. Contact Us
If you have any questions, concerns, or requests related to this Privacy Policy or how your personal data is processed, please contact our Data Privacy Officer at:
Email: [email protected]
We are committed to full compliance with all applicable data privacy regulations and to resolving any privacy concerns in a timely and transparent manner.