Privacy Policy - Twin Brothers Worlds Apart

1. Introduction

At Twin Brothers: Worlds Apart (“we”, “our”, “us”), accessible via twinbrothersworldsapart.com (the “Website”), we are fully committed to safeguarding the privacy and personal data of our users and visitors. We take data protection seriously and understand the importance of maintaining the confidentiality, integrity, and availability of your personal information. This Privacy Policy outlines how we collect, use, disclose, and protect your data, with a strong emphasis on compliance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws.

We prioritize transparency and accountability in all our data processing activities and are dedicated to ensuring your rights are respected throughout your engagement with our Website, products, and services.

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to the personal data collected through your use of twinbrothersworldsapart.com, including any related services, content, and communications. It governs the handling of personal information whether collected online through our Website or through direct communication with us.

For purposes of the GDPR, the data controller responsible for the processing of your personal data is:

Twin Brothers: Worlds Apart
Email: [email protected]

3. Categories of Data Processed

We process various categories of personal data for specific purposes, which may include:

– Usage Data: Information related to your interactions with our Website, such as browser type/version, IP address, date/time stamps, time zone settings, device identifiers, referring URLs, pages visited, click patterns, session durations, and other diagnostic data. This data helps us analyze performance and improve the user experience.

– Account Data: When creating an account or registering for services, we may collect your full name, email address, postal address, phone number, and login credentials.

– Profile Data: Includes demographic information, interests, purchase history, product preferences, and behavioral information gathered from user interactions or profile customization on our platform.

– Communication Data: Includes all messages, email exchanges, support requests, and correspondence between you and our team, along with metadata such as timestamps.

– Technical Data: Device type, operating system, browser settings, hardware configurations, screen resolution, language preferences, and installed plugins collected via cookies or similar technologies.

– Transaction Data: Data related to payments and transactions made via the Website, including billing addresses, delivery addresses, payment method details (processed via secure, external payment processors), and order history.

– Preference Data: Information related to marketing preferences, communication consents, and your response to promotional campaigns and surveys.

4. Legal Bases for Processing

We process personal data under the legal bases established under Article 6 of the GDPR and applicable CCPA provisions, including:

– Consent: Where you have voluntarily agreed to the processing for a specified purpose such as marketing communications or cookies.
– Contractual Necessity: Where processing is necessary for the performance of a contract or to take steps at your request prior to entering into a contract.
– Legal Obligation: Where required to comply with legal or regulatory obligations.
– Legitimate Interests: For purposes such as improving our services, preventing fraud, securing operations, market analysis, and communication, provided such interests are not overridden by your fundamental rights and freedoms.

5. Your Rights

We respect your rights under applicable data protection laws. You may exercise the following rights in relation to your personal data, subject to legal limitations:

– Right of Access: Request a copy of any personal data we hold about you.
– Right of Rectification: Correct inaccurate, outdated, or incomplete personal information.
– Right to Erasure: Request deletion of your data, where legally permissible.
– Right to Restriction: Restrict further processing of your data under specified conditions.
– Right to Data Portability: Receive your data in a commonly used, machine-readable format and request transmission to another controller.
– Right to Object: Oppose processing based on legitimate interest or direct marketing.
– Right Not to be Subject to Automated Decision-Making: Reject decisions made solely by automated processing that significantly affects you.

To exercise any of these rights, please contact us at [email protected]. We will consider and respond to all requests in accordance with applicable laws.

6. Security Measures

We implement robust technical and organizational measures to safeguard your personal data from unauthorized access, disclosure, alteration, or destruction. These include but are not limited to:

– Encrypted communications using HTTPS (SSL/TLS)
– Access controls and authentication protocols
– Firewalls and intrusion detection systems
– Secure data storage and regular backups
– Limited access to personal data on a “need-to-know” basis
– Ongoing security awareness training for personnel

While we strive for the highest level of security, no system can be entirely invulnerable. We therefore encourage you to play an active role in protecting your data by using strong passwords and keeping them confidential.

7. International Transfers

Your personal data may be transferred to, and stored or processed in, countries outside your jurisdiction, including the United States and other locations where we or our third-party service providers operate. Where such transfers occur, we ensure appropriate safeguards are in place, including:

– European Commission Standard Contractual Clauses (SCCs)
– Adequacy decisions, if applicable
– Binding corporate rules and additional supplementary measures

Such measures ensure that your data is treated securely in accordance with this Privacy Policy and legal requirements.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required by law. Data will be retained as follows:

– Usage and Technical Data: Up to 12 months for analytics and diagnostics
– Account and Profile Data: Retained for the duration of the active account and up to 24 months thereafter
– Communication Data: Retained for up to 36 months for recordkeeping and dispute resolution
– Transaction Data: Retained for at least 6 years in accordance with tax and accounting obligations
– Preference Data: Retained until you withdraw your consent or update your preferences

We may anonymize data for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

9. Cookie Policy

We use cookies and similar technologies to enhance user experience, provide analytics, and personalize content. Cookies allow us to understand usage patterns and tailor services to user needs. We classify cookies into the following categories:

– Essential Cookies: Necessary for the operation of the Website and delivery of services (e.g., authentication, session maintenance).
– Functional Cookies: Enhance functionality and customization (e.g., remembering preferences, language selection).
– Analytics Cookies: Collect information on user behavior and usage metrics to help improve Website performance.
– Performance Cookies: Monitor the efficiency and reliability of our platform and measure load times and responsiveness.

10. Cookie Management and Compliance

In compliance with GDPR and CCPA, we provide users with tools to control cookie preferences at any time. Upon first visit to our Website, a cookie consent banner allows users to accept or reject non-essential cookies. You may also manage or delete cookies from your browser settings.

For California residents, cookies that may be considered as “selling” data under the CCPA can be disabled through the “Do Not Sell My Personal Information” link, when applicable.

You can update your cookie preferences or withdraw consent through our Cookie Settings page, available at any time via the Website footer or browser interface.

11. Children’s Privacy

We do not knowingly collect personal data from children under the age of 13. If you are under 13, please do not use this Website or provide any information to us. If a parent or guardian becomes aware that a child has provided information without their consent, they should contact us at [email protected], and we will take appropriate action to delete the data.

12. Policy Updates & User Notifications

We reserve the right to modify this Privacy Policy at our discretion and in response to legal, regulatory, or business developments. Any substantial changes to this Policy will be prominently communicated through our Website and, where appropriate, via individual notices.

Continued use of twinbrothersworldsapart.com after changes to this Policy implies acceptance of the revised terms.

13. Contact

If you have any questions about this Privacy Policy, our data practices, or wish to exercise your rights, you may contact our Data Protection Officer at:

Email: [email protected]
Subject Line: Privacy Request

We are committed to resolving your concerns transparently and in compliance with all applicable data protection laws.

—

This Privacy Policy is designed to comply with the obligations set forth under the GDPR, CCPA, and other applicable privacy regulations. We value your trust and remain dedicated to protecting your privacy at all stages of your interaction with twinbrothersworldsapart.com.