Privacy Policy
Harlan Books (“we,” “us,” or “our”) is committed to safeguarding the privacy and personal data of all users of our website, harlanbooks.com (the “Website”). This Privacy Policy outlines how we collect, store, process, and protect your personal data in compliance with applicable privacy and data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We prioritize transparency, security, and user control over personal data.
1. Introduction: Our Commitment to Privacy and Data Protection
We recognize the importance of protecting your personal information and are dedicated to maintaining the confidentiality, integrity, and availability of all data we process. At harlanbooks.com, we implement stringent technical and organizational measures to ensure your data is used responsibly and lawfully. This Privacy Policy is designed to inform you of your rights and our obligations, giving you clear insight into how we handle your data.
2. Scope of Policy and Our Role as Data Controller
This Privacy Policy applies to all users of harlanbooks.com and any associated services we provide. Harlan Books is the data controller for any personal data collected through this Website. As data controller, we determine the purposes and manner in which your personal data is processed.
3. Categories of Data We Process
We may collect and process the following categories of personal data:
– Usage Data: Information about how you interact with the Website, including browser type, IP address, device identifiers, pages viewed, time spent on pages, and session information.
– Account Data: When you create an account or make a purchase, we may collect your name, postal address, email address, and phone number.
– Profile Data: Preferences, purchase history, saved items, wish lists, reading interests, book ratings, and user behavior on harlanbooks.com.
– Communication Data: Records of any communications you have with us, including inquiries, support tickets, chat logs, and email correspondence.
– Technical Data: Details about the device and system used to access our Website, including model, operating system, language settings, and browser configuration.
– Transaction Data: Payment information (processed securely via third-party processors), order details, billing/shipping addresses, and delivery tracking.
– Preference Data: Marketing consents, communication preferences, and product interest information derived from browsing and purchase activity.
4. Legal Bases for Processing
We rely on the following legal bases for processing your personal data:
– Contract: To fulfill our obligations in providing products or services you request.
– Consent: Where you have explicitly agreed to receive newsletters or marketing communications.
– Legitimate Interests: To analyze Website performance, improve usability, prevent fraud, and personalize content, provided such processing does not override your rights.
– Legal Obligation: To comply with legal and regulatory requirements.
5. Your Rights Under Data Protection Law
Depending on your jurisdiction, you may have some or all of the following rights:
– Right to Access: Obtain confirmation as to whether personal data is being processed and access to such data.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure (“Right to be Forgotten”): Request deletion of your data under certain circumstances.
– Right to Restriction: Request limited use of your personal data where accuracy or lawfulness is contested.
– Right to Data Portability: Receive your personal data in a structured and machine-readable format and transmit it to another controller.
– Right to Object: Object to specific types of processing including direct marketing or processing based on legitimate interests.
– Right to Non-Discrimination (CCPA): You will not be denied services or face discrimination for exercising your privacy rights.
To exercise any of your rights, please contact us at [email protected].
6. Security Measures
We have implemented a comprehensive range of security measures to protect personal data against unauthorized access, loss, or misuse, including but not limited to:
– Encryption of data in transit using TLS protocols
– Role-based access control and authentication
– Regular system and software updates
– Secure data backup and disaster recovery protocols
– Employee training in data protection best practices
7. International Data Transfers
Where data is transferred outside the European Economic Area (EEA) or other regions with data protection laws, we ensure such transfers are conducted in compliance with GDPR or other applicable standards. Appropriate safeguards include the use of Standard Contractual Clauses (SCCs), binding corporate rules, or verification of privacy framework certifications.
8. Data Retention
We retain personal data only as long as necessary to fulfill the purposes for which it was collected and to comply with legal, contractual, or regulatory obligations. Below are typical retention periods:
– Usage Data: up to 14 months
– Account Data: for the duration of your account and up to 6 years following account closure
– Profile and Preference Data: up to 2 years from last interaction
– Communication Data: up to 3 years
– Transaction Data: up to 7 years pursuant to tax regulations
– Technical Data: up to 12 months
9. Cookie Policy
We use cookies and similar technologies to enhance user experience, understand website performance, and serve relevant content. Categories of cookies include:
– Essential Cookies: Required for the operation of harlanbooks.com (e.g., login and shopping cart functionality)
– Functional Cookies: Used to remember preferences such as language or display settings
– Analytics Cookies: Help us measure how users engage with the Website
– Performance Cookies: Improve site responsiveness and troubleshoot issues
10. Cookie Management and Compliance with GDPR & CCPA
You can control or disable non-essential cookies through our Cookie Consent Manager or by adjusting browser settings. Upon visiting our Website, you will be presented with options to accept, reject, or customize cookie settings in accordance with GDPR. California residents may also opt out of the “sale” of their personal data via our designated “Do Not Sell My Info” link, as required under CCPA. For more information or to adjust your cookie preferences, please visit the footer of harlanbooks.com.
11. Children’s Privacy
Our Website is not intended for or directed at children under the age of 13. We do not knowingly collect personal data from anyone under 13. If you are a parent or guardian and believe we may have inadvertently collected data about your child, please contact us at [email protected] to request deletion.
12. Updates to This Privacy Policy
We may amend or update this Privacy Policy from time to time to reflect changes in legal requirements or operational practices. Where appropriate, we may notify users via email or prominent notice on harlanbooks.com. We encourage you to review this Policy periodically.
13. Contacting Us
If you have any questions, concerns, or complaints regarding this Privacy Policy or our handling of your personal data, please contact:
Email: [email protected]
We are committed to full compliance with all applicable privacy laws and regulations. For any inquiries or actions related to your personal data, please contact us as indicated above.