Privacy Policy - American Note Company

1. Introduction

At American Note Company (“we,” “our,” or “us”), accessible at americannotecompany.com, we are deeply committed to preserving and protecting the privacy and personal data of our users, customers, and website visitors (“you” or “your”). We recognize the importance of maintaining the confidentiality, integrity, and accessibility of your personal information and are dedicated to upholding a high standard of privacy and data protection in accordance with applicable laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal data when you use or interact with our website and services. By visiting americannotecompany.com, you acknowledge and agree to the practices described in this policy.

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all personal data collected through our website, americannotecompany.com, and through any related digital platforms or communications. American Note Company acts as the data controller for personal data collected as described herein, determining the purposes and means of processing such data.

For inquiries regarding data protection, you may contact us at: [email protected].

3. Categories of Data Processed

Depending on your interactions with our website and services, we may process the following categories of personal information:

a. Usage Data: Includes information such as your IP address, browser type and version, time zone setting, browser plug-in types, operating system and platform, referral sources, length of visit, page views, and navigation paths collected through analytics tools.

b. Account Data: Personal details you provide when creating an account or placing an order, including your full name, billing and shipping addresses, email address, and telephone number.

c. Profile Data: Includes your product preferences, purchase history, and behavior on the site, which we use to customize your experience and offer personalized content.

d. Communication Data: Any communications including email content, support requests, feedback, and records of interactions with our customer service team.

e. Technical Data: Information collected automatically from your device, including device model, hardware ID, app/browser configurations, and connection information.

f. Transaction Data: Details relating to purchases you make through our website, including payment methods (e.g., tokenized credit card data through our payment providers), transaction amounts, and shipping details.

g. Preference Data: Marketing and communication preferences, as well as interests in specific products or content categories based on your interactions.

4. Legal Bases for Processing

We rely on the following legal bases for processing personal data under the GDPR:

– Consent: Where you have given explicit permission for processing, such as when subscribing to newsletters or accepting cookies.
– Contractual Necessity: Where processing is necessary for the performance of a contract, such as fulfilling orders or providing customer support.
– Legal Obligation: Where processing is required to comply with applicable law, such as tax or accounting requirements.
– Legitimate Interests: Where permitted by law, for purposes such as fraud prevention, security, business analysis, or improving user experience, provided your interests and fundamental rights do not override these interests.

5. Your Rights

You have the following rights, subject to applicable laws and legal limitations:

– Right of Access: You can request information about the personal data we hold about you.
– Right to Rectification: You may correct or update inaccuracies in your personal information.
– Right to Erasure: You may request deletion of your data under certain conditions.
– Right to Restrict Processing: You may request a limitation on our processing of personal data.
– Right to Data Portability: You may request to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another data controller.
– Right to Object: You may object to data processing where we rely on legitimate interests or where data is processed for direct marketing purposes.

To exercise any of your rights, please contact us at [email protected]. We may require verification of identity before fulfilling such requests.

6. Security Measures

We implement appropriate technical and organizational safeguards to protect your personal data, including but not limited to:

– Industry-standard encryption (SSL/TLS) for data in transit;
– Restricted internal access based on role and necessity;
– Regular system backups and recovery protocols;
– Ongoing employee training on privacy and data handling;
– Secure servers and firewall protection.

While no method of transmission or storage is completely secure, we strive to use commercially reasonable means to protect your information.

7. International Transfers

In providing our services, your personal data may be processed outside of your local jurisdiction, including in countries that may offer different levels of data protection. Where such transfers occur, we implement safeguards such as Standard Contractual Clauses approved by the European Commission or rely on other legal mechanisms to ensure an equivalent level of protection.

8. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected. Specific retention periods include:

– Account and Profile Data: retained for as long as your account is active;
– Transaction and Communication Data: retained for up to 7 years for compliance with financial and legal obligations;
– Technical and Usage Data: retained for up to 26 months for analytical and diagnostic purposes;
– Marketing and Preference Data: retained until you withdraw consent or object to processing.

Data may be retained longer where required by law or legal obligation.

9. Cookie Policy

We use cookies and similar technologies to improve website functionality, analyze usage, and enhance user experience. Cookies we use fall into the following categories:

– Essential Cookies: Necessary for website functionality, such as login and shopping cart operations.
– Functional Cookies: Enable enhanced features like remembering your preferences.
– Analytics Cookies: Help us understand how users engage with our website (e.g., Google Analytics).
– Performance Cookies: Monitor website performance and fix issues for smoother navigation.

10. Cookie Management and Compliance

You may control or disable cookies through your web browser settings. Our website displays a cookie consent banner upon your first visit, allowing you to manage your preferences in compliance with GDPR and CCPA requirements. Additionally, you may opt out of third-party analytics via tools such as the Network Advertising Initiative or the Digital Advertising Alliance.

Under the CCPA, California residents have the right to opt out of the sale of personal information. We do not sell personal information as defined under the CCPA. If this changes, we will provide a “Do Not Sell My Personal Information” link on our homepage.

11. Children’s Privacy

Our website and services are not intended for children under the age of 13. We do not knowingly collect or solicit personal data from anyone under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at [email protected] so we can take appropriate action.

12. Policy Updates and Notifications

We may revise this Privacy Policy periodically to comply with applicable laws or reflect changes to our practices. Any updates to the policy will be posted to this page. Users are encouraged to review this Privacy Policy periodically for any changes. Continued use of americannotecompany.com after changes to this policy constitutes your acceptance of the revised terms.

Where required by applicable law, we will notify you of material changes to this policy via email or other prominent means.

13. Contact

If you have any questions about this Privacy Policy, the handling of your personal data, or if you wish to exercise your privacy rights, please contact us:

Email: [email protected]

We are committed to upholding your privacy rights and complying with applicable data protection laws. If you believe we have not adhered to this policy or handled your personal data properly, you also have the right to lodge a complaint with your local data protection authority.

This Policy reflects American Note Company’s commitment to transparency, accountability, and responsible data management. We encourage you to reach out with any questions or concerns about your privacy.