Privacy Policy
1. Introduction
At Nigel Martin-Smith (“we,” “us,” or “our”), accessible from https://nigelmartin-smith.com, we are deeply committed to respecting and protecting your privacy. We understand the importance of your personal data and the need for transparent, lawful, and secure data processing practices. This Privacy Policy outlines how we collect, use, store, and protect your personal information in alignment with the European Union’s General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable privacy laws.
2. Scope of this Policy and Data Controller Role
This Privacy Policy applies to all personal data obtained through your use of our website, nigelmartin-smith.com, and its associated services. For the purposes of the GDPR and CCPA, the data controller responsible for processing your personal data is Nigel Martin-Smith. We determine the purposes and means of processing your personal information. If you have any questions regarding this policy or your rights, please contact us at [email protected].
3. Categories of Data Processed
We may collect and process the following categories of personal data:
a. Usage Data
Information about how you use our website, including your browser type, IP address, referring URLs, time spent on pages, clickstream data, session duration, and other diagnostic data.
b. Account Data
When you create an account or engage with the site, we may collect your name, postal address, email address, telephone number, and other similar identifiers.
c. Profile Data
Information about your interactions with our services, such as user preferences, behavior on the site, order history, saved settings, and expressed interests.
d. Communication Data
Details of your communications with us, including customer support requests, inquiries, feedback, and correspondence sent via email or forms on our website.
e. Technical Data
Device-specific information such as operating system, device type, browser language, system configurations, network information, and mobile identifiers.
f. Transaction Data
Details pertaining to your purchases or orders, including billing and shipping addresses, payment method (excluding full card numbers), transaction IDs, and delivery status.
g. Preference Data
Records of your explicit opt-in preferences for receiving marketing communications, newsletter subscriptions, as well as your interests in particular products or services.
4. Legal Bases for Processing
We process personal data under the following lawful bases, depending on your interaction with our services:
– Consent – when you have given us explicit permission to process your data.
– Contractual Necessity – when processing is required to fulfill our obligations to you under a contract (e.g. order fulfillment).
– Legal Obligation – when necessary to comply with applicable law, such as tax or regulatory requirements.
– Legitimate Interests – when processing is necessary for our legitimate business purposes, provided these are not overridden by your rights.
5. Your Rights
Under applicable laws, you may have the following rights regarding your personal data:
– Right of Access – to obtain a copy of your personal data held by us.
– Right of Rectification – to correct any inaccurate or incomplete data.
– Right of Erasure – to request deletion of personal data where there is no lawful reason for its continued processing.
– Right to Restrict Processing – to limit the way we use your data in certain cases.
– Right to Data Portability – to receive your personal data in a structured, commonly used electronic format, including the right to request its transmission to another controller.
– Right to Object – to object to processing where it is based on legitimate interests.
– Right to Withdraw Consent – at any time, if processing is based on previously obtained consent.
To exercise these rights, contact us at [email protected]. We will respond in accordance with applicable data protection laws.
6. Security Measures
We implement appropriate technical and organizational measures to ensure a level of security commensurate with the risk, including:
– End-to-end encryption of sensitive data
– Role-based access control and data minimization
– Regular encrypted backups for disaster recovery
– Ongoing employee data protection training
– Firewalls, secure servers, and system monitoring
7. International Transfers
Some of your data may be processed in countries outside of the European Economic Area (EEA) or your jurisdiction. When we engage third-party service providers located outside these regions, we put in place legally approved mechanisms such as Standard Contractual Clauses or ensure the entity is based in a jurisdiction approved by relevant data protection authorities for safe data processing.
8. Data Retention
We retain personal data only as long as necessary for the purposes specified in this Privacy Policy, or as required by applicable law:
– Account Data: for as long as the account is active + 6 years for auditing purposes
– Communication Data: retained for 3 years from date of contact or last response
– Transaction Data: retained for 7 years in accordance with financial compliance laws
– Technical, Usage, and Preference Data: retained for 24 months for analytics and user experience optimization
– Marketing preferences: stored until consent is withdrawn or 2 years post last interaction
9. Cookie Policy
We use cookies and similar technologies on nigelmartin-smith.com to optimize the user experience. Depending on their purpose, cookies fall into the following categories:
– Essential Cookies – necessary for site functionality and core features (e.g., log-in security)
– Functional Cookies – support enhanced functionality such as remembering preferences
– Analytics Cookies – aid in analyzing web traffic and user behavior to improve service
– Performance Cookies – measure website performance, such as load times and UX
10. Cookie Management and Compliance
You can manage your cookie preferences through our cookie consent banner or by configuring your browser settings to reject non-essential cookies. We honor “Do Not Track” signals and provide users with opt-out options compliant with both GDPR and CCPA requirements. You may withdraw your consent to non-essential cookies at any time.
11. Protections for Children Under 13
Our website is not directed to, and we do not knowingly collect data from, children under the age of 13. If we become aware that data has been collected from a child under 13 without verifiable parental consent, we will take steps to delete such data promptly. Parents or guardians that believe we hold such information may contact us immediately at [email protected].
12. Policy Updates and User Notifications
We may update this Privacy Policy from time to time to reflect changes in legal requirements, technological advances, or our business practices. While material changes will be communicated clearly on our website or directly via email where feasible, we encourage users to review this policy periodically for the most up-to-date information.
13. Contact Us
If you have any questions, concerns, or requests relating to your personal data or this Privacy Policy, please contact us at:
Email: [email protected]
We are committed to complying with all applicable privacy regulations, including GDPR and CCPA, and to maintaining your trust through responsible data stewardship. Please do not hesitate to reach out with any privacy-related concerns.