Privacy Policy

1. Introduction

At The American Friend (accessible via theamericanfriend.com), we are deeply committed to protecting the privacy, integrity, and security of your personal data. This Privacy Policy outlines how we collect, process, store, and safeguard your information in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We prioritize transparency and strive to ensure that your data is handled respectfully and lawfully at all times.

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all personal data collected through theamericanfriend.com and related services. References to “we”, “our”, or “us” refer to the data controller, The American Friend. As the data controller, we determine the purposes and means of processing your personal data in line with regulatory requirements.

3. Categories of Data Processed

We may collect and process the following categories of personal data:

a. Usage Data — includes information such as IP address, browser type and version, device identifiers, referral URLs, date/time stamps, session duration, and interaction logs with the website.

b. Account Data — includes your name, email address, physical address, phone number, login credentials, and other identifiers provided during account creation or registration.

c. Profile Data — includes your preferences, reviews or submitted content, purchase history, browsing patterns, and behavioral data linked to how you use or interact with theamericanfriend.com.

d. Communication Data — includes your communication preferences, messages sent via contact forms, support inquiries, and correspondence history with our team.

e. Technical Data — includes details about your device, operating system, screen resolution, installed browser plugins, and system settings necessary to display content accurately.

f. Transaction Data — includes billing information, payment methods, delivery addresses, product purchases, order history, and transactional communication.

g. Preference Data — includes your explicit consents to receive marketing, newsletter subscriptions, and stated preferences regarding content delivery or special interest areas.

4. Legal Bases for Processing

We process your personal data lawfully on the basis of:

– Consent: Where you have provided clear permission for us to process your data for a specific purpose, such as marketing communications.
– Contractual Necessity: When processing is required to perform our obligations under a contract with you, such as delivering an order or managing your user account.
– Legal Obligation: Where we are legally required to retain or disclose certain data.
– Legitimate Interests: Where processing is necessary for our legitimate business interests, such as fraud prevention, service improvements, or analytics, and where such interests are not overridden by your data protection rights.

5. Your Rights

In accordance with GDPR, CCPA, and other applicable privacy laws, you have the right to:

– Access: Request access to the personal data we hold about you.
– Rectification: Request that we correct inaccurate or incomplete personal data.
– Erasure (“Right to be Forgotten”): Request deletion of your personal information, subject to exceptions under applicable law.
– Restriction: Request limited processing of your personal data under certain circumstances.
– Portability: Receive your personal data in a portable format or request that we transfer it to a third party, where technically feasible.

To exercise any of these rights, please contact us at [email protected].

6. Security Measures

We implement robust administrative, technical, and physical safeguards to protect your data, including but not limited to:

– Data encryption in transit and at rest;
– Role-based access controls and authentication protocols;
– Firewalls and intrusion detection systems;
– Regular backups and system monitoring;
– Staff training in data security and regulatory compliance.

Although no system is entirely invulnerable, we maintain high industry standards to prevent loss, misuse, or unauthorized access to your personal information.

7. International Transfers

If your personal data is transferred outside of the European Economic Area (EEA) or other jurisdictions with similar protections, we ensure that appropriate safeguards are in place. These may include standard contractual clauses approved by the European Commission or other legal frameworks permitting such transfers. Your data will be handled in accordance with all relevant privacy and data protection laws, regardless of the jurisdiction in which it is processed.

8. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this Privacy Policy:

– Usage and Technical Data: retained for up to 12 months for performance monitoring.
– Account and Profile Data: retained for the duration of your active account and up to 3 years after account closure.
– Communication Data: retained for up to 3 years after resolution or last interaction.
– Transaction Data: retained for up to 7 years in accordance with financial compliance.
– Preference Data: retained until you update or withdraw your preferences.

9. Cookie Policy

theamericanfriend.com uses cookies and similar technologies to enhance user experiences and enable website functionality. Types of cookies include:

– Essential Cookies: Required for basic site operations, account access, and secure authentication.
– Functional Cookies: Remember user preferences and settings to improve usability.
– Analytics Cookies: Collect aggregated data to understand how users interact with our site, aiding in performance improvements.
– Performance Cookies: Measure website responsiveness and user engagement to optimize content delivery.

10. Cookie Management and Compliance with GDPR & CCPA

Upon your first visit to the website, you will be presented with a cookie consent banner. You may choose to accept or reject non-essential cookies or configure your preferences at any time. In compliance with GDPR and CCPA, you may also opt out of third-party tracking via browser settings or through available global opt-out tools such as the Global Privacy Control (GPC) signal supported by your browser.

11. Children’s Privacy

theamericanfriend.com is not directed to, and does not knowingly collect personal data from, children under the age of 13. If we become aware that we have collected data from a child without verifiable parental consent, we will take immediate steps to delete the data and terminate any associated services. Parents or guardians who believe their child may have provided us personal data should contact us at [email protected].

12. Policy Updates and User Notifications

We may update this Privacy Policy from time to time to reflect changes in our legal obligations, services, or data processing practices. Any material changes will be communicated via the website or by direct email notification when appropriate. Continued use of theamericanfriend.com after such updates constitutes your acceptance of the revised policy.

13. Contact

If you have any questions, requests, or concerns about this Privacy Policy or the handling of your personal data, please contact us at:

[email protected]

We are committed to maintaining full compliance with applicable privacy regulations and to honoring your rights as a data subject. Please do not hesitate to reach out with any privacy-related inquiries.