Privacy Policy
1. Introduction
At True Orlando, accessible via trueorlando.com, we respect and prioritize your privacy. We are firmly committed to safeguarding the personal data of all users interacting with our website, services, and communications. In line with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), we have developed this Privacy Policy to explain how and why we collect, use, share, and protect your personal information. Our practices are founded on the principles of transparency, fairness, and accountability.
2. Scope of Policy and Controller Role
This Privacy Policy applies to all users who visit, interact with, or use the services and content provided through trueorlando.com. For the purposes of the GDPR and other applicable data protection legislation, the data controller responsible for your personal data is True Orlando. Any inquiries related to the collection and processing of your personal data should be directed to our designated contact at [email protected].
3. Categories of Data Processed
We collect and process the following categories of personal data as outlined below:
A. Usage Data:
We collect information on how our website is accessed and used. This may include your IP address, browser type and version, time zone, operating system, URL click paths, pages visited, date and time of your visits, and other diagnostic data related to your interaction with trueorlando.com.
B. Account Data:
When you create an account or interact with our website, we may collect identifying data, including your name, email address, postal address, telephone number, and login credentials.
C. Profile Data:
We process information linked to your personal preferences, purchase history, browsing behavior, saved items, and any surveys or feedback you submit.
D. Communication Data:
Any communication you send to us, including email correspondence, support tickets, inquiries, or chat interactions, may be collected and stored. This includes records of our responses and follow-up communications.
E. Technical Data:
We collect data from the devices and systems you use to interact with our services, including device types, unique device identifiers, system settings, language preferences, and mobile carrier details (if applicable).
F. Transaction Data:
We process payment and order history, billing addresses, delivery details, and refund information. Please note that we do not store full credit card details, which are handled securely via third-party payment processors in accordance with PCI-DSS standards.
G. Preference Data:
This includes your stated interests, product and content preferences, and consents for receiving marketing communications.
4. Legal Bases for Processing
We rely on the following lawful bases under the GDPR and corresponding provisions under the CCPA to process your personal data:
– Consent: Where you have provided your explicit permission for us to process personal data for a specific purpose (e.g., receiving marketing communications).
– Contractual Necessity: Where data processing is required to fulfil a contract to which you are a party (e.g., completing a purchase).
– Legal Obligation: Where we are legally required to process your data to comply with relevant laws.
– Legitimate Interests: Where processing is necessary for our legitimate business interests and does not override your personal rights and freedoms (e.g., to enhance website functionality, prevent fraud).
5. Your Rights
In accordance with the GDPR and CCPA, individuals are granted rights regarding their personal data. These include:
– Right of Access: You may request a copy of the personal data we hold about you.
– Right to Rectification: You have the right to correct inaccuracies in your data.
– Right to Erasure: You may request deletion of your data where legal grounds permit.
– Right to Restriction: You may request that we limit the processing of your data under specific conditions.
– Right to Data Portability: You may request to receive your data in a structured, commonly used and machine-readable format.
– Right to Object: You may object to processing where our legal basis is legitimate interests or where personal data is processed for direct marketing.
To exercise these rights, please contact us at [email protected].
6. Security Measures
We implement appropriate technical and organizational safeguards to ensure the confidentiality, integrity, and availability of your personal data. These include, but are not limited to:
– Data encryption for transmission and storage
– Multi-factor authentication and role-based access control
– Secure backup and recovery procedures
– Regular security audits and assessments
– Staff training on data protection best practices
Although we take every reasonable measure to secure your data, no system can be guaranteed to be fully secure. We encourage you to take personal precautions when accessing online services.
7. International Transfers
True Orlando operates globally, and your personal data may be transferred and maintained on servers located outside your state or country. In such cases, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission or other lawful mechanisms permitted under data protection laws.
8. Data Retention
We retain your personal data for only as long as necessary to fulfill the purposes for which it was collected:
– Account Data: Retained while the user maintains an active account and for up to 5 years thereafter for legal and administrative purposes.
– Transaction Data: Retained for 7 years to comply with tax and financial regulations.
– Communication Data: Retained for 2 years to ensure quality assurance and for reference in future inquiries.
– Profile and Preference Data: Retained for 3 years following last activity.
– Technical and Usage Data: Anonymous analytics data may be retained for statistical and performance monitoring for up to 3 years.
When data is no longer necessary, we securely dispose of or anonymize it.
9. Cookie Policy
trueorlando.com uses cookies and similar tracking technologies to provide a personalized and efficient user experience. These include:
– Essential Cookies: Necessary for website functionality, such as login functionality and shopping cart management.
– Functional Cookies: Enhance user experience by remembering preferences and settings.
– Analytical Cookies: Allow us to analyze web traffic, feature use, and performance, typically aggregated and anonymized.
– Performance Cookies: Help us identify and fix technical issues and optimize service delivery.
Third-party services (e.g., analytics providers, advertising networks) may also place cookies, subject to their respective privacy policies.
10. Cookie Management and Compliance with GDPR & CCPA
Upon accessing our website, you are presented with a cookie consent tool enabling you to control the categories of cookies activated. You may withdraw or change your consent at any time via this tool, accessible at the footer of trueorlando.com.
Additionally, most browsers allow users to manage cookie settings and delete cookies. Please note that disabling certain cookies may affect website performance or accessibility.
California residents may further opt out of the “sale” of personal information under the CCPA by utilizing the Do Not Sell My Personal Information link, which is present at the bottom of our website.
11. Protection of Children’s Data
Our website and services are not directed to children under the age of 13. We do not knowingly collect personal data from children. If we become aware that a child under 13 has provided personal data, we will take immediate steps to delete such information. Parents or guardians who believe their child may have submitted personal data should contact us at [email protected].
12. Policy Updates and User Notification
We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices, legal requirements, or new services. Users will be notified of significant changes through appropriate channels, including website banners or email notifications, where applicable. Continued use of the website after any changes constitutes acceptance of the updated policy.
13. Contact Us
If you have any questions, comments, or concerns regarding this Privacy Policy or the handling of your personal data, please contact us at:
Email: [email protected]
We are committed to protecting your privacy and ensuring transparent, lawful, and secure data practices at all times. Your trust is essential to us, and we are always available to assist with any privacy-related inquiries.