Privacy Policy
1. Introduction
At The American Friend (“we,” “us,” or “our”), we are committed to safeguarding the privacy and personal data of our users and visitors. Your privacy is a priority, and we implement robust technical, organizational, and legal safeguards to ensure your personal information is handled lawfully, fairly, and transparently. This Privacy Policy outlines how personal information is collected, used, stored, and transmitted when you interact with our website located at theamericanfriend.com, as well as any services or features associated with it.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all individuals who access or use theamericanfriend.com and any related digital services, whether as a casual visitor or a registered user. For the purposes of data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), The American Friend is the “data controller” of your personal data. This means we determine the purposes and means of processing your personal data.
3. Categories of Data Processed
We collect and process various categories of personal data based on your interactions with our website or services:
a) Usage Data
Including data about your browser type, IP address, geolocation, referring URLs, access times, pages viewed, and session duration. This data helps us understand user behavior and usage patterns on theamericanfriend.com.
b) Account Data
Includes your name, mailing address, email address, phone number, and other identifiers necessary to create and manage your account.
c) Profile Data
Encompasses information such as your preferences, order history, feedback, behavior on our platform, interests, and participation in promotional activities.
d) Communication Data
Covers messages you send us, such as inquiries, support requests, complaints, feedback, and the history of your interactions with our customer service team.
e) Technical Data
Information gathered from your device, including operating system, device type, screen resolution, language settings, and available system features necessary for providing a seamless experience.
f) Transaction Data
Involves payment card information (through secure third-party processors), order and delivery details, billing information, and receipts.
g) Preference Data
Includes your opt-in/opt-out settings related to marketing communications, newsletter subscriptions, and stated interests in particular types of products or services.
4. Legal Bases for Processing
Under GDPR and similar data protection frameworks, we only process your personal data when one or more of the following legal bases apply:
– Performance of a Contract: When processing is necessary to fulfill our obligations to you, such as to deliver goods or services you requested.
– Legitimate Interests: For example, improving our services, conducting analytics, and ensuring network security—provided such interests do not override your fundamental rights.
– Consent: For specific uses such as marketing communications and targeted advertising, we will always seek your express consent, which you may withdraw at any time.
– Legal Obligation: Where processing is necessary for compliance with legal or regulatory requirements.
5. Your Rights
Subject to applicable laws, you have the following rights with respect to your personal data:
– Right of Access – Obtain confirmation of whether we process your data and request a copy.
– Right to Rectification – Request correction of inaccurate or incomplete information.
– Right to Erasure – Request deletion of personal data, subject to certain exclusions.
– Right to Restriction – Request that we limit our use of your personal data under specific conditions.
– Right to Data Portability – Request to receive your data in a structured, commonly used format, or have it transmitted to another controller.
– Right to Object – Object to processing when based on legitimate interests or for direct marketing purposes.
– Right to Withdraw Consent – Where applicable, you may withdraw your consent at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, please contact us at: [email protected].
6. Security Measures
We implement appropriate physical, technical, and organizational precautions to protect your personal data from unauthorized access, disclosure, alteration, or destruction. These include:
– Data encryption in transit and at rest
– Multi-factor access controls
– Automated backups and disaster recovery protocols
– Regular staff training on data privacy practices
– Least-privilege access restrictions
Despite our efforts, no system is completely immune from cyber threats. We encourage you to maintain strong passwords and monitor your accounts for unusual activity.
7. International Transfers
We may transfer and store your personal data outside of your jurisdiction, including to countries that may not offer equivalent levels of data protection. Where this occurs, we ensure appropriate safeguards are in place, including reliance on:
– Standard Contractual Clauses (SCCs) approved by the European Commission
– Adequacy decisions by data protection authorities
– Other lawful transfer mechanisms under GDPR and CCPA
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or to comply with legal obligations. The retention periods vary by data category:
– Usage Data – up to 6 months
– Account Data – as long as the account is active or until deletion is requested
– Profile Data – 24 months from last activity
– Communication Data – 3 years from last interaction
– Technical Data – retained as per third-party logging and diagnostic cycles (typically 6–12 months)
– Transaction Data – 7 years for financial compliance
– Preference Data – until consent is withdrawn or updated
After these periods, data is securely deleted or anonymized.
9. Cookie Policy
Our website uses cookies and similar tracking technologies to optimize performance and user experience. Cookies categorize as follows:
– Essential Cookies: Required for website functionality (e.g., login sessions).
– Functional Cookies: Enhance usability by remembering settings and preferences.
– Analytics Cookies: Help us gather statistical insights to improve performance.
– Performance Cookies: Allow us to measure website responsiveness, loading times, and other operational metrics.
10. Cookie Management and Compliance
You can control cookie settings at any time via your browser’s settings or through our cookie consent banner, where applicable under GDPR and CCPA. The banner allows you to accept or reject non-essential cookies in accordance with your privacy preferences. For California residents, we honor “Do Not Sell or Share My Personal Information” requests and provide mechanisms to opt-out of tracking and sharing.
11. Children’s Privacy
The American Friend does not knowingly collect, solicit, or process personal data from children under the age of 13. If we become aware that we have inadvertently gathered information pertaining to a child under 13 without verified parental consent, we will delete such information promptly. Parents or guardians who believe that their child may have submitted personal data to us can contact: [email protected].
12. Policy Updates & Notifications
We may revise this Privacy Policy from time to time to reflect changes in applicable laws, technological advancements, or our data practices. If material changes are made, we will notify users via the website or by direct communication where appropriate. We encourage you to review this policy periodically to remain informed about how we protect your privacy.
13. Contact
For any queries, concerns, or requests in relation to this Privacy Policy or your personal data, please contact us at:
Email: [email protected]
Website: https://theamericanfriend.com
We are fully committed to safeguarding your personal data and maintaining compliance with all applicable privacy regulations, including the GDPR and CCPA. For concerns about data protection or if you wish to assert your legal rights, do not hesitate to contact us.
