Privacy Policy for thepjpband.com

1. Introduction

The PJP Band (“we,” “us,” or “our”) is committed to safeguarding the privacy and personal data of individuals who visit and interact with our website (thepjpband.com). We fully recognize the importance of privacy and the sensitivity of personal information, and we are committed to protecting your data in accordance with applicable laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines how we collect, use, process, and safeguard your personal information, and demonstrates our dedication to a privacy-first approach in all of our operations.

2. Scope of Policy and Role of Data Controller

This Privacy Policy applies to all data collected through our website, thepjpband.com, and associated services, whether you are a casual browser, a customer, or a person interacting with the site’s features (e.g., newsletter sign-ups or online purchases). For purposes of GDPR and other applicable data protection laws, The PJP Band is the “data controller” responsible for determining the purposes and manner in which your information is processed.

3. Categories of Data Processed

We may collect and process the following categories of personal data:

a. Usage Data
Collected automatically when you access thepjpband.com. This may include your IP address, browser type, operating system, device identifiers, referring URLs, browsing timestamp, session duration, and interactions with the website’s features.

b. Account Data
If you create an account or make a purchase, we may collect your name, postal address, email address, phone number, and login credentials.

c. Profile Data
Information related to your preferences, purchase history, browsing behavior, and account settings, including music preferences and user-defined interests.

d. Communication Data
Records of communications between you and us, such as customer support inquiries, webform submissions, email correspondence, and support chat interactions.

e. Technical Data
System-related information, such as the device type, network provider, screen resolution, browser plug-ins, time zone settings, and platform details.

f. Transaction Data
Details tied to purchases made via the website, including order history, billing details, shipping addresses, and the last four digits of payment methods processed through secure third-party services.

g. Preference Data
Marketing preferences, opt-in or opt-out status, product interest flags, and responses to promotional campaigns or surveys.

4. Legal Bases for Processing Personal Data

We process your personal data based on the following lawful bases under GDPR:

– Performance of a Contract: Where data is necessary to fulfill agreements with you, such as completing a purchase or delivering a product.
– Consent: Where you have expressly given consent, such as subscribing to a newsletter or accepting cookies.
– Legitimate Interest: Where processing is necessary for our legitimate interests in managing, analyzing, or improving our services, provided such interests are not overridden by your rights.
– Legal Obligation: Where we are required to process data for compliance with applicable legal obligations.

5. Your Rights

Under GDPR and other applicable privacy laws, you have the following rights concerning your personal information:

– Right of Access: Request a copy of the personal data we hold about you.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Ask us to delete your personal data in certain circumstances.
– Right to Restriction: Request the restriction of processing of your personal data.
– Right to Data Portability: Receive your data in a structured, commonly used format and/or transmit it to a third party.
– Right to Object: Object to processing carried out based on legitimate interest or for marketing purposes.

To exercise any of these rights, please contact us at: [email protected]

6. Security Measures

We employ industry-standard administrative, technical, and organizational security measures to ensure the confidentiality, integrity, and availability of your personal data. These include:

– Encryption of sensitive data both in transit and at rest.
– Access controls and multi-factor authentication for internal systems.
– Regular system audits, backups, and vulnerability management.
– Employee training on data protection and privacy obligations.

7. International Data Transfers

If personal data is transferred outside of the European Economic Area (EEA), appropriate contractual safeguards are in place, including the use of Standard Contractual Clauses adopted by the European Commission and other necessary mechanisms to ensure that your data is afforded equivalent protection.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

– Usage and Technical Data: Retained up to 12 months for analytics and performance monitoring.
– Account and Profile Data: Retained as long as your account remains active and for up to 6 years for legal compliance.
– Transaction Data: Retained for a minimum of 7 years to comply with accounting laws.
– Communication Data: Retained for up to 3 years after resolution of the matter.
– Preference Data: Retained until you withdraw your consent or request deletion.

Where longer retention is required by law, we will comply accordingly.

9. Cookie Policy

We use cookies and similar technologies on thepjpband.com to enhance user experience, deliver personalized content, and analyze website traffic. Cookies fall into the following categories:

– Essential Cookies: Necessary for the operation of the site, such as page navigation or secure logins.
– Functional Cookies: Record user preferences and settings to improve usability.
– Analytics Cookies: Help us understand how visitors interact with the site so we can improve functionality and content delivery.
– Performance Cookies: Monitor system performance, load times, and user engagement metrics.

10. Cookie Management and Compliance with GDPR & CCPA

Upon first access to our site, we present a cookie banner allowing you to manage cookie preferences in compliance with GDPR and CCPA requirements. You may choose to accept or reject non-essential cookies. You may also modify cookie settings using your browser at any time.

Under CCPA, California residents have the right to opt out of the “sale” or “sharing” of their personal information (as defined under the CCPA). While we do not sell personal data, we provide clear consent options and instructions for managing data-sharing preferences.

11. Special Protections for Children Under 13

The services provided on thepjpband.com are not intended for children under the age of 13. We do not knowingly collect or solicit personal information from minors without appropriate parental or guardian consent. If we become aware that we have unknowingly collected data from a child under 13, we will take immediate steps to delete such information. Parents or guardians who believe their child has submitted personal data without their consent should contact us at [email protected].

12. Policy Updates and User Notifications

We reserve the right to update this Privacy Policy from time to time to reflect changes to our practices or legal obligations. Material changes will be communicated through appropriate notifications on the website or by email when required. We encourage all users to periodically review this page to stay informed of our current privacy practices.

13. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our handling of your personal data, please contact us at:

Email: [email protected]
Website: https://thepjpband.com

We are committed to full compliance with applicable data privacy laws and will promptly address all legitimate concerns related to your privacy and data protection rights.