Privacy Policy
1. Introduction
At Commonwealth Group (“we,” “us,” “our”), accessible at commonwealth-group.net, we are fully committed to safeguarding the privacy and personal data of our users. We recognize the importance of protecting personal information and are dedicated to processing data in compliance with applicable privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines how we collect, use, share, and protect your personal data and the choices you have with respect to your information.
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all users who access or use services and features provided via commonwealth-group.net. Commonwealth Group acts as the data controller in relation to the personal data collected through our website, meaning we determine the purposes and means by which your personal information is processed.
3. Categories of Personal Data Processed
We collect and process various categories of personal data to provide and improve our services:
a. Usage Data
Includes information about your visits to and interaction with commonwealth-group.net, such as IP address, browser type, Internet service provider (ISP), referring/exit pages, operating system, date/time stamps, session duration, and clickstream data.
b. Account Data
Includes first name, last name, billing and shipping addresses, email address, username, password, and telephone number provided during account registration or order processing.
c. Profile Data
Includes your interests, purchase history, preferences, service feedback, and behavioral data based on your interactions with the site.
d. Communication Data
Includes records of communications with us, such as support inquiries, messages sent via contact forms, email interactions, and chat transcripts.
e. Technical Data
Includes data from the device(s) you use to access commonwealth-group.net, including device type, hardware model, device identifiers, screen resolution, language settings, and software platform configurations.
f. Transaction Data
Includes payment and transaction details such as the products or services purchased, purchase date, card type (obscured), shipping information, and order history.
g. Preference Data
Includes your marketing and communication preferences, subscription settings, personalized content selections, and opt-in/opt-out history.
4. Legal Bases for Processing
We process your personal data only when legally permitted under applicable data protection laws. Our legal bases include:
– Contractual Necessity: For fulfilling contractual obligations, such as completing a purchase or providing user-requested services.
– Legitimate Interests: For increasing service efficiency, customer support, fraud prevention, marketing (subject to relevant legal safeguards), and improving website content and functionality.
– Legal Obligation: When required to comply with legal duties or lawful requests from law enforcement or regulatory authorities.
– Consent: Where legally required, we will obtain your express consent before processing your information for specific purposes, such as marketing communications or optional cookies.
5. Your Rights under GDPR and CCPA
You have specific rights with respect to your personal information, which you may exercise by contacting us at [email protected]:
– Right to Access: Obtain confirmation whether we process your personal data and access the data we hold about you.
– Right to Rectification: Request correction of inaccurate or incomplete personal data.
– Right to Erasure: Request deletion of your personal data, subject to certain legal retention exceptions.
– Right to Restriction: Request temporary restriction of processing where data accuracy or lawful use is contested.
– Right to Data Portability: Receive your personal data in a structured, commonly used, portable format and transmit it to another controller.
– Right to Object: Object to data processing on grounds of legitimate interest or direct marketing.
– Right to Opt-Out (CCPA): California residents may object to the “sale” of their personal data and request to opt out of data sharing with third parties for advertising purposes.
We will fulfill your requests within legally mandated timeframes and may require you to verify your identity before taking further action.
6. Security Measures
We employ industry-standard administrative, technical, and physical security safeguards to protect your personal data, including:
– Data encryption (HTTPS, TLS) during transit and appropriate encryption at rest
– Multi-level access controls and authentication procedures
– Regular data backups and recovery protocols
– Staff privacy training and data handling protocols
– Monitoring and auditing of system access and usage
While no system can guarantee complete security, we take all reasonable measures to mitigate the risk of unauthorized access or data loss.
7. International Data Transfers
Where personal data is transferred outside of the European Economic Area (EEA) or other legally protected jurisdictions, we ensure appropriate safeguards are in place. These include standard contractual clauses approved by the European Commission, adequacy decisions, or other legally compliant transfer mechanisms to ensure data continues to be protected in accordance with applicable laws.
8. Data Retention
We retain personal data only as long as necessary for the purposes set out in this Privacy Policy:
– Account Data and related customer records: up to 7 years post-account closure or transaction, in compliance with tax and legal obligations
– Communication and Support Data: retained up to 3 years after last user interaction
– Marketing Preferences and Subscription Data: retained until user opts out or withdraws consent
– Technical and Usage Data: retained for up to 2 years for performance and analytical purposes
– Payment and Transaction Data: retained for 7 years to meet legal, regulatory, and financial obligations
Upon expiration of retention periods, data is securely deleted or anonymized.
9. Cookie Policy
Our website, commonwealth-group.net, uses cookies and similar tracking technologies to enhance user experience and website performance. Cookies we use include:
a. Essential Cookies: Necessary for the functioning of our website, such as login authentication, page navigation, and secure transaction processing.
b. Functional Cookies: Remember your preferences and choices to provide a more personalized experience.
c. Analytics Cookies: Help us understand how visitors use our site (e.g., page visits, click patterns) in order to improve usability and performance.
d. Performance Cookies: Monitor website responsiveness and server load management to optimize speed and reliability.
Third-party services, such as Google Analytics, may collect data on our behalf in compliance with our instructions and under strict privacy agreements. No cookies are used to collect personally identifiable information unless you explicitly provide it.
10. Cookie Management and Compliance
Under GDPR and CCPA, you have the right to accept or reject non-essential cookies.
On your first visit to our site, you will be presented with a clear cookie banner allowing you to manage your preferences. You may change these settings at any time by visiting the cookie settings link available on every page footer.
Additionally, you may control or delete cookies through your browser settings. Disabling some cookies may impact functionality or experience on commonwealth-group.net.
11. Children’s Privacy
Our services are not directed to individuals under the age of 13. We do not knowingly collect personal data from anyone under 13 years of age. If we become aware that data has been collected from a minor without verifiable parental consent, we will take immediate steps to delete such data. Parents or legal guardians who believe their child’s information has been provided should contact us directly at [email protected].
12. Updates to This Policy
We reserve the right to modify or update this Privacy Policy to reflect changes in our practices, legal requirements, or improvements to our services. All modifications will be posted on commonwealth-group.net, and users are encouraged to review our Policy periodically. Where required by law, you will be notified of material changes and, where applicable, given an opportunity to provide consent.
13. Contact Us
If you have any questions regarding this Privacy Policy, the handling of your personal data, or wish to exercise any of your rights, you may contact us at:
Commonwealth Group
Email: [email protected]
We are committed to maintaining the highest standard of data privacy compliance. Please do not hesitate to reach out with any concerns related to how your information is processed or protected.