Privacy Policy for Manx Road Club
1. Introduction
At Manx Road Club (“we,” “us,” or “our”), accessible via manxroadclub.com, we are committed to safeguarding your privacy and protecting your personal data. This Privacy Policy outlines how we collect, use, disclose, and secure your information. We are fully committed to ensuring compliance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act (“CCPA”) and to upholding the rights and privacy of all users who interact with our services, whether from the United Kingdom, the European Economic Area (EEA), the United States, or anywhere else globally.
We value transparency, and we encourage you to read this policy thoroughly to understand how your data is handled.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal information collected through the manxroadclub.com website, communication with us via email or otherwise, and any affiliated platforms or digital services we may provide. Manx Road Club acts as the data controller under GDPR, meaning we determine the purposes and manner in which your personal data is processed.
If you reside in California, you retain additional rights under the CCPA, which are detailed in this policy.
3. Categories of Data Processed
We may collect and process the following categories of personal data:
– Usage Data: Information about how you use our website, including browser type, IP address, pages visited, session duration, referring URLs, date/time stamps, and clickstream data.
– Account Data: Information you provide when creating an account or registering with us, such as your full name, address, email address, and phone number.
– Profile Data: Data regarding your preferences, purchase history, participation in events, and behavioral trends as you interact with our services.
– Communication Data: All correspondence with us, including support inquiries, contact form submissions, email conversations, and feedback.
– Technical Data: Details about your device, browser configurations, operating system, language settings, and system performance metrics.
– Transaction Data: Payment information (processed securely by third-party payment providers), delivery and billing addresses, and records of purchases or financial transactions.
– Preference Data: Marketing preferences, newsletter subscriptions, product interest areas, and opt-in/opt-out history for promotional messaging.
4. Legal Bases for Processing
We rely on the following lawful bases for processing personal data, as permitted under Article 6 of the GDPR and recognized equivalents under the CCPA:
– Consent: When you have given clear and affirmative consent for us to process your data for a specific purpose (e.g., subscribing to newsletters).
– Contractual Necessity: Where processing is necessary to enter into or perform a contract with you (e.g., processing your registration or purchases).
– Legitimate Interests: Processing for reasons such as improving the functionality of our website, fraud prevention, and marketing (where not overridden by your fundamental rights).
– Legal Obligations: When we are legally required to process your data to comply with applicable laws or enforce legal rights.
5. Your Rights
You have the following rights concerning your personal data:
– Right of Access: You may request confirmation of whether we hold personal data about you and receive a copy of that data.
– Right to Rectification: You may request correction of inaccurate or incomplete data.
– Right to Erasure: You may request that we delete your personal data under certain circumstances (e.g., withdrawal of consent).
– Right to Restrict Processing: You may request limitations on how we process your data.
– Right to Data Portability: You may receive your data in a structured, commonly used, and machine-readable format and have it transmitted to another controller.
– Right to Object: You may object to the processing of your data where it is based on our legitimate interests or for direct marketing purposes.
– Non-Discrimination: Under the CCPA, you have the right not to receive discriminatory treatment for exercising any of your privacy rights.
To exercise any of the above rights, please contact us via [email protected].
6. Security Measures
We have implemented a strong set of technical and organizational measures to protect your personal data:
– Data encryption (in transit and at rest)
– Role-based access control and multi-factor authentication
– Regular security audits and vulnerability assessments
– Data backup protocols and secure hosting environments
– Staff training in data privacy and security best practices
While no method of transmission over the Internet or method of electronic storage is entirely secure, we are committed to maintaining robust data protection protocols.
7. International Transfers
If you are located outside the United Kingdom or EEA, your data may be transferred to and processed in jurisdictions that do not provide the same level of protection. Where such international data transfers occur, we ensure adequate safeguards are in place, including:
– Use of European Commission-approved Standard Contractual Clauses
– Transfer to countries deemed to provide adequate levels of data protection by relevant authorities
– Implementation of additional contractual and technical safeguards when required
8. Data Retention
We retain personal data only as long as necessary for the purposes for which it was collected and pursuant to applicable laws. Retention periods typically include:
– Account and Profile Data: Retained for the duration of the account’s existence and up to 5 years following account closure
– Transaction Data: Retained for 7 years for tax and legal compliance
– Communication Data: Retained for 2 years for audit and quality assurance
– Usage, Technical, and Preference Data: Typically retained for 18–24 months unless aggregated or anonymized sooner
Where data is no longer required, it will be securely deleted or anonymized.
9. Cookie Policy
manxroadclub.com uses cookies and similar technologies to enhance your browsing experience. These include:
– Essential Cookies: Necessary for website functionality, including session tracking and security features
– Functional Cookies: Remembering your preferences and region, enabling personalization features
– Analytics Cookies: Helping us understand how users interact with our website, optimize performance, and gather usage statistics
– Performance Cookies: Ensuring optimal speed, error logging, and load-balancing
10. Cookie Management & GDPR/CCPA Compliance
Upon visiting manxroadclub.com, you will be presented with a cookie banner offering you clear options to accept, reject, or configure cookie preferences in compliance with GDPR and CCPA regulations.
You may change your cookie settings at any time via your browser or preferences panel on the site. Third-party cookies may also be present and are governed by the privacy policies of those vendors.
11. Protection of Children’s Privacy
Our website and services are not intended for children under the age of 13. We do not knowingly collect personal data from minors. If we learn that we have inadvertently gathered data from a child, we will take immediate steps to delete it.
If a parent or guardian believes we have collected personal data from a child, they should contact us at [email protected].
12. Policy Updates
We reserve the right to update this Privacy Policy periodically to reflect operational changes, regulatory developments, or improvements in privacy practices. Any material changes will be communicated prominently on manxroadclub.com. We encourage you to review the Privacy Policy regularly to stay informed.
Continued use of our website and services after a change constitutes your acceptance of the revised policy terms.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, you may contact us at:
Manx Road Club
Email: [email protected]
Website: manxroadclub.com
We are committed to addressing your data privacy concerns in a timely, transparent, and respectful manner.
Compliance Assurance
Manx Road Club is committed to the lawful, transparent, and fair processing of personal data in compliance with GDPR, CCPA, and other relevant privacy laws. For any concerns about your privacy or to exercise your data rights, please contact us at [email protected].