Privacy Policy
1. Commitment to Privacy and Data Protection
The John Langan Band (“we”, “us”, or “our”) values your privacy and is committed to protecting your personal data in accordance with applicable data protection laws, including the European Union General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”), as amended by the California Privacy Rights Act (“CPRA”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at thejohnlanganband.com, or communicate with us through other channels.
We are dedicated to maintaining the confidentiality, integrity, and security of your personal information. Please read this Privacy Policy carefully to understand our practices regarding your data and how we will treat it.
2. Scope of Policy and Role as Data Controller
This Privacy Policy applies to personal data collected through thejohnlanganband.com and services related to it, including when you contact us via email or subscribe to our offerings. We are the data controller in relation to the personal data processed under this Privacy Policy, meaning we determine the purposes and means of processing your information.
Where our partners or third-party service providers process your data on our instruction, they act as data processors and are contractually bound to respect and protect your personal information.
3. Categories of Data We Process
We may collect and process the following categories of personal data, depending on your interactions with our site and services:
a. Usage Data
We collect information about your visits to the website, such as IP address, browser type, browser version, time zone setting, referring/exit pages, and browsing history. This also includes data about your interactions with site features and page response times.
b. Account Data
If you register for newsletters or make purchases, we may collect personal contact details such as your full name, shipping address, billing address, email address, and telephone number.
c. Profile Data
This includes your preferences, purchase history, behavioral data such as which content you engage with most, as well as any other demographic or lifestyle information you provide voluntarily.
d. Communication Data
We retain records of any communications you send to us — such as inquiries, support requests, or feedback — including your email, the content of the message, and subsequent correspondence.
e. Technical Data
Information about the device(s) you use to access the website, such as device model, operating system, screen resolution, and browser settings. This may also include hardware identifiers and diagnostic logs.
f. Transaction Data
Details of products or services you purchase, payment information (processed through secure third-party gateways), delivery information, and transaction history.
g. Preference Data
Marketing and communication preferences, including whether or not you consent to receive promotional emails, your interests in our products, and opt-in/opt-out choices.
We do not collect any sensitive data categories (such as health, biometric, or political data) unless expressly stated and consented to by you.
4. Legal Bases for Data Processing
We process your personal data in accordance with the lawful bases under GDPR:
– Consent – Where you have voluntarily given clear permission, such as subscribing to our newsletter or accepting cookies.
– Contract – When processing is necessary to perform a contract with you, including completing a purchase or responding to your inquiries.
– Legitimate Interests – When processing is required for our business operations (e.g., improving our website, detecting fraud, or marketing to current users), provided that such interests are not overridden by your rights.
– Legal Obligation – Where processing is required for compliance with a legal obligation.
5. Your Rights
Under the GDPR and CCPA/CPRA, you have a number of fundamental rights in relation to your personal data. These rights may include the following:
a. Right to Access
You may request a copy of the personal data we hold about you and information on how it is being processed.
b. Right to Rectification
You may ask us to correct inaccurate or incomplete personal data.
c. Right to Erasure (Right to Be Forgotten)
You may request the deletion of your data where we no longer have a legal basis to hold it.
d. Right to Restrict Processing
You can request that we limit the processing of your data under specific circumstances.
e. Right to Data Portability
Upon request, we will provide your personal data in a structured, commonly used, and machine-readable format so you can transfer it elsewhere.
f. Right to Object
You have the right to object to processing based on legitimate interest or for direct marketing purposes.
To exercise any of these rights or inquire further, please contact [email protected].
6. Security Measures
We implement appropriate technical and organizational security measures to protect your personal data:
– Encryption of data in transit and at rest;
– Access controls and authentication procedures;
– Regular backups and secure data storage protocols;
– Ongoing privacy and security training for personnel;
– Regular vulnerability assessments and incident response planning.
Although we take all reasonably necessary precautions, no system can guarantee absolute security and we encourage you to use caution online.
7. International Data Transfers
Your information may be transferred to and stored on servers located outside of your jurisdiction, including to countries that may not provide the same level of data protection. In such cases, we ensure:
– The use of Standard Contractual Clauses approved by the European Commission;
– Confirmation of adequacy decisions where applicable;
– Additional safeguards in line with GDPR;
– Full compliance with CCPA/CPRA international data transfer mandates.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal, contractual, and regulatory obligations.
– Account and Transaction Data: Retained for up to 7 years to comply with tax and accounting laws.
– Communication Data: Retained for 2 years following the last contact.
– Preference and Marketing Data: Retained until you withdraw consent or after 18 months of inactivity.
– Technical and Usage Data: Retained for a maximum of 26 months for analytics purposes.
Upon expiration of the retention period, data will be securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar tracking technologies on thejohnlanganband.com to enhance functionality and user experience. Categories include:
a. Essential Cookies
Required for core site functionality and access to secure areas.
b. Functional Cookies
Enable personalization features (e.g., remembering language preferences).
c. Analytics Cookies
Collect data on usage patterns and website performance to improve user experience.
d. Performance Cookies
e.g., Third-party cookies used for traffic analysis and content optimization.
You may review a detailed breakdown of the specific cookies used in our dedicated Cookie Banner or Privacy Preferences Center.
10. Cookie Management and Regulatory Compliance
By visiting our website, you are presented with the option to manage your cookie preferences in line with GDPR and CCPA/CPRA compliance requirements. You may:
– Accept or reject non-essential cookies;
– Withdraw consent at any time;
– Use browser settings to block or delete cookies;
– Access a link in the website footer to manage preferences.
We honor browser-based “Do Not Track” signals to the extent required under applicable law.
11. Special Protections for Children Under 13
Our website and services are not intended for children under the age of 13. We do not knowingly collect or process data from children without verified parental consent, in compliance with the Children’s Online Privacy Protection Act (COPPA). If we become aware that a child under 13 has provided us with personal data without verification of parental consent, we will delete such data promptly.
12. Policy Updates
We reserve the right to amend this Privacy Policy from time to time to remain consistent with changes in applicable laws and operational updates. Where material changes are made, we will notify registered users via email and/or place a prominent notification on thejohnlanganband.com. Continued use of the website after such changes constitutes your acknowledgment and acceptance of the updated policy.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:
Email: [email protected]
Website: https://thejohnlanganband.com
Compliance Assurance
We are committed to full compliance with GDPR, CCPA/CPRA, and other data privacy frameworks, and to providing transparency, accountability, and user empowerment. Your trust is of utmost importance to us. If you have any privacy-related questions or wish to exercise your rights, please don’t hesitate to reach out.