Privacy Policy
1. Introduction
At Journey Water Sports (“we,” “us,” or “our”), accessible via journeywatersports.com, we are committed to protecting the privacy and security of all users who visit our website and interact with our services. We recognize the importance of safeguarding personal data and are dedicated to handling your information responsibly, transparently, and in full accordance with applicable privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
This Privacy Policy describes how we collect, use, disclose, and protect your personal information. By using journeywatersports.com, you agree to the terms outlined in this Policy.
2. Scope and Data Controller
This Privacy Policy applies to all visitors and users of journeywatersports.com. Journey Water Sports is the data controller responsible for processing personal information under this policy. The data controller can be contacted at [email protected] for all privacy-related inquiries or concerns.
3. Categories of Data We Process
We collect and process the following categories of personal data:
a. Usage Data
Includes data automatically collected when you visit journeywatersports.com, such as IP address, browser type and version, time zone setting, pages visited, session duration, and interactions with the site.
b. Account Data
Includes personal details provided at registration or during bookings, such as your full name, billing and shipping address, email address, and phone number.
c. Profile Data
Includes information provided voluntarily or generated while interacting with journeywatersports.com, such as preferences, feedback, activity history, travel details, and past purchases.
d. Communication Data
Includes correspondence exchanged with us, including emails, support messages, inquiries, and complaint logs.
e. Technical Data
Includes technical information about the devices used to access our services, such as device model, operating system, system configuration, unique identifiers, and compatibility alerts.
f. Transaction Data
Includes payment and billing data (processed securely by third-party providers), booking confirmations, delivery instructions, and transactional history related to tours, rentals, or merchandise.
g. Preference Data
Includes marketing consents, communication preferences, and interests expressed in products, services, or promotions.
4. Legal Bases for Processing Your Data
We process your personal data only where permitted by law. The legal grounds on which we rely include:
– Consent: When you provide informed consent for specific purposes, such as subscribing to newsletters or accepting cookies.
– Contractual Obligation: Where data is necessary for fulfilling a contract with you, including bookings and purchases.
– Legitimate Interests: Where we use your data to improve website functionality, offer security, and deliver a personalized experience without overriding your privacy rights.
– Legal Obligation: Where processing is required to comply with applicable laws or respond to lawful requests by public authorities.
5. Your Rights
As a data subject, you have the following rights, subject to verification and certain limitations:
– Right to Access: You may request a copy of your personal data held by us.
– Right to Rectification: You may update or correct inaccurate or incomplete data.
– Right to Erasure: You may request deletion of your data, subject to lawful retention requirements.
– Right to Restriction: You may request limited use of your data under certain circumstances.
– Right to Data Portability: You may request that your data be provided in a structured format or transferred to another data controller.
To exercise any of the above rights, please submit a request to [email protected]. We endeavor to respond promptly and in accordance with applicable legal timelines.
6. Data Security Measures
We implement appropriate technical and organizational measures to ensure the security, integrity, and confidentiality of your data. These measures include:
– Encryption of data in transit and at rest;
– Secure servers and firewalls;
– User role-based access controls;
– Routine data backups and disaster recovery protocols;
– Staff training on data protection and confidentiality.
Despite these safeguards, no online platform can be guaranteed 100% secure, and users share information at their own risk.
7. International Data Transfers
We may transfer personal data across jurisdictions for processing, storage, or service provision. Where such transfers involve countries outside the European Economic Area (EEA) or other jurisdictions with differing data protection laws, we ensure adequate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission and appropriate due diligence on our service providers.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. Specific retention periods may include:
– Account Data: Retained for the lifetime of your account and up to 6 months following closure.
– Transaction Data: Retained for 7 years for legal and tax compliance.
– Communication Data: Retained for 2 years after last interaction.
– Preference and Marketing Data: Retained until you withdraw your consent or unsubscribe.
– Technical and Usage Data: Retained for up to 12 months for performance monitoring and analytics.
Data is securely deleted or anonymized upon expiration of the retention period.
9. Cookie Policy
We use cookies and similar technologies to facilitate website functionality, personalize content, and analyze usage. We categorize cookies as follows:
– Essential Cookies: Required to operate journeywatersports.com and enable key features like shopping cart functionality and secure login.
– Functional Cookies: Enable enhanced features and remember your preferences, such as region selection or language.
– Analytics Cookies: Help us understand user behavior through aggregated traffic data (e.g., Google Analytics).
– Performance Cookies: Improve website responsiveness and identify any technical issues.
10. Cookie Management and Compliance
Upon your first visit to journeywatersports.com, you are presented with a cookie consent banner that allows you to accept or manage cookie settings in compliance with the GDPR and CCPA. You may also modify your preferences at any time via your browser settings or by contacting us at [email protected].
Do Not Track (DNT) signals from browsers are respected to the extent technically feasible.
11. Children’s Privacy
Journey Water Sports does not knowingly collect or solicit information from persons under the age of 13. If you are a parent or legal guardian who believes that your child has provided us with personal data without your consent, please contact us immediately at [email protected], and we will take appropriate steps to remove the information.
12. Changes to This Policy
We reserve the right to modify this Privacy Policy at any time to reflect changes in technologies, legal requirements, or business practices. Substantial changes will be communicated via appropriate channels, which may include email notifications, on-site banners, or user dashboards.
13. Contact Us
For questions, requests, or concerns regarding this Privacy Policy, your personal data, or our data handling practices, please contact:
Journey Water Sports
Email: [email protected]
We are committed to compliance with data protection legislation and strive to ensure the privacy and security of all visitors at journeywatersports.com. If you believe your data rights have not been upheld, we encourage you to reach out so we may address your concerns appropriately.