Privacy Policy
1. Introduction
At Jonesy the Band (“we”, “our”, or “us”), accessible at jonesytheband.com, we are committed to protecting your privacy and upholding the highest standards of data protection. This Privacy Policy outlines how we collect, process, store, and protect your personal data. Our practices are fully aligned with the requirements of the European Union General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”), and demonstrate our commitment to a privacy-first approach.
2. Scope of Policy and Role as Data Controller
This Privacy Policy applies to all users and visitors to jonesytheband.com and outlines the personal data we collect, both online and offline. As the data controller, we determine the purposes and means of processing your personal data. If you have any questions or concerns about this policy or your data, please contact us at [email protected].
3. Categories of Data We Process
We may collect and process the following categories of personal data:
a. Usage Data
Includes data about your interactions with jonesytheband.com such as IP address, browser type and version, time zone setting, operating system, referral source, length of visit, page views, and website navigation paths.
b. Account Data
When you create an account or place an order, we collect your full name, shipping and billing address, email address, phone number, and other relevant credentials.
c. Profile Data
Includes your preferences, past purchases, browsing behavior, responses to surveys, and any other data you voluntarily submit to customize your user experience.
d. Communication Data
Comprises your inquiries, feedback, customer support interactions, and contact history submitted through email or website forms.
e. Technical Data
Encompasses device information used to access our services, including device type, unique device identifiers, operating system, and hardware configuration.
f. Transaction Data
Includes information about purchases and transactions you initiate with us, including order history, payment method, delivery information, and billing details.
g. Preference Data
Relates to your preferences regarding marketing communications, product interests, and your opt-in/opt-out status regarding data usage.
4. Legal Bases for Processing
We collect and process your data under the following legal bases:
– Legitimate Interests: To enhance and personalize site functionality, analyze metrics, and improve services.
– Contractual Necessity: To fulfill a contract with you, such as processing orders or delivering purchased goods.
– Legal Obligation: To comply with applicable laws and regulatory requirements.
– Consent: Where required, we seek your explicit consent, particularly for marketing or non-essential cookies.
5. Your Rights
You have the following rights under GDPR and, where applicable, CCPA:
– Right of Access: You can request a copy of your personal data held by us.
– Right of Rectification: If your data is incorrect or incomplete, you may ask for it to be corrected.
– Right to Erasure: Also known as the “right to be forgotten.” You can request deletion of your data under certain conditions.
– Right to Restriction: You may request that we limit the processing of your personal data.
– Right to Portability: You can request your data in a structured, commonly used format to transfer it to another controller.
– Right to Object: You can object to processing where your data is used for direct marketing or based on our legitimate interest.
To exercise these rights, please contact us at [email protected].
6. Security Measures
We employ a variety of robust technical and organizational measures to protect your personal data:
– Encryption of data at rest and in transit
– Role-based access control with strict authentication protocols
– Secure servers and firewalls
– Regular security training for staff
– Daily backups and breach monitoring mechanisms
Despite our efforts, no method of transmission over the Internet or electronic storage is completely secure. However, we strive to use industry best practices to ensure the integrity of your data.
7. International Data Transfers
Your data may be transferred and processed in countries outside your jurisdiction, including the United States. Where such transfers occur, we implement appropriate safeguards such as Standard Contractual Clauses or rely on adequacy decisions issued by the European Commission. These measures ensure that your data receives equivalent protection wherever it is transferred.
8. Data Retention
We retain your personal data only as long as is necessary for the purposes for which it was collected, and for compliance with applicable legal, accounting, or reporting obligations. Examples include:
– Usage and Technical Data: Retained for up to 18 months for website analytics
– Account and Transaction Data: Retained for a minimum of 7 years to comply with financial regulations
– Communication and Support Data: Retained for 2 years after last contact
– Marketing Preferences: Maintained until you opt out or withdraw consent
9. Cookie Policy
We use cookies and similar tracking technologies to enhance your browsing experience, analyze traffic, and provide core functionalities. The cookies used on jonesytheband.com fall into the following categories:
– Essential Cookies: Required for website functionality (e.g., cart management, login sessions)
– Functional Cookies: Improve site performance and user preferences (e.g., language selection)
– Analytics Cookies: Help us understand how visitors interact with our website (e.g., via Google Analytics)
– Performance Cookies: Monitor system stability and usage trends
10. Cookie Management and Compliance
Upon your first visit to jonesytheband.com, you are presented with a cookie consent banner in compliance with GDPR and CCPA regulations. You may change your cookie preferences at any time via the settings interface or through your browser options.
California residents may opt out of the sale or sharing of personal information. Although we do not sell personal data in exchange for money, CCPA defines “sale” broadly. To submit a Do-Not-Sell request, email [email protected].
11. Special Protections for Children Under 13
We do not knowingly collect or solicit personal data from children under the age of 13. If you are under 13, please do not use jonesytheband.com or submit any personal information. If we learn that we have collected data from a child under 13, we will take immediate steps to delete such information. Parents or guardians who believe their child has submitted personal data may contact us at [email protected].
12. Policy Updates
We may update this Privacy Policy from time to time in response to changing legal, regulatory, or operational requirements. Material changes will be communicated to you via prominent notices on jonesytheband.com, and continued use of the site after such changes indicates your acceptance of the revised policy.
13. Contacting Us
If you have any questions, concerns, or requests related to this Privacy Policy or data practices, please contact us at:
We are committed to resolving your concerns in a transparent and lawful manner.
Jonesy the Band strives to maintain full compliance with all applicable data protection laws and industry standards. We welcome your feedback and inquiries regarding this Privacy Policy and are here to support your privacy rights at all times.