Privacy Policy for Little Rock Records
1. Introduction
At Little Rock Records, accessible via littlerockrecords.com, we are fully committed to safeguarding the privacy and personal data of our users. We understand the importance of privacy and data protection in an increasingly digital world. This Privacy Policy outlines the types of personal data we collect, how we process it, and the rights you have in relation to your personal information. We adhere strictly to applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), and endeavor to implement industry best practices in our data handling procedures.
2. Scope and Data Controller
This Privacy Policy applies to all data collected and processed through littlerockrecords.com and its affiliated services. For the purposes of applicable data protection legislation, Little Rock Records (hereinafter referred to as “we,” “our,” or “us”) acts as the data controller in relation to the personal data processed. If you have any queries about data protection or this Privacy Policy, you may contact us via email at [email protected].
3. Categories of Personal Data Collected
We may collect and process the following categories of personal data:
a. Usage Data
Information about how users engage with our website, including IP addresses, browser type and settings, device identifiers, pages visited, time and date of access, and session duration.
b. Account Data
Data provided when creating or managing an account, including your full name, email address, billing and shipping addresses, and phone number.
c. Profile Data
Information connected with user profiles such as order history, product preferences, language settings, and behavior related to website interactions.
d. Communication Data
Records of support requests, inquiries, and other correspondence between you and Little Rock Records.
e. Technical Data
Technical parameters related to your device such as operating system, device type, browser language, and configuration settings.
f. Transaction Data
Details concerning payments, order fulfillment, delivery addresses, and other activities related to purchase transactions.
g. Preference Data
Your expressed marketing and communication preferences, product interests, and survey or feedback responses.
4. Legal Bases for Processing
We process your personal data under one or more of the following legal bases, as permitted by applicable regulation:
– Consent: When you have given clear permission for us to process your personal data for specific purposes.
– Contractual Necessity: Where processing is necessary for the performance of a contract to which you are a party.
– Legitimate Interests: Processing required for our legitimate business purposes, which are not overridden by your rights or interests (e.g., fraud prevention, improving services).
– Legal Obligations: When required to comply with legal obligations or regulatory requirements.
5. Your Data Protection Rights
Pursuant to the GDPR and CCPA, you are entitled to exercise the following rights:
– Right of Access: Obtain confirmation as to whether your personal data is being processed and access to the related data.
– Right of Rectification: Request correction of inaccurate or incomplete personal data.
– Right to Erasure: Request deletion of your personal data, subject to legal obligations or overriding legitimate interests.
– Right to Restriction: Request restricted processing under certain conditions.
– Right to Data Portability: Receive a copy of your personal data in a structured, commonly used, machine-readable format for transmission to another controller.
– Right to Object: Object to specific forms of processing where applicable.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement a robust set of organizational and technical measures to protect personal data, including:
– Encryption of user data in transit and at rest
– Restricted access and role-based permissions
– Regular security audits and intrusion detection
– Secure data backups and disaster recovery systems
– Ongoing staff training in cybersecurity and data protection compliance
7. International Data Transfers
Your personal data may be transferred and processed in jurisdictions outside the European Economic Area (EEA) and the United States. In such cases, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission or adherence to recognized regional frameworks ensuring adequate data protection levels.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for satisfying legal, contractual, and regulatory obligations. Specific retention periods include:
– Account & Profile Data — retained while the account remains active and for up to 5 years thereafter
– Transaction Data — retained for 7 years for accounting compliance
– Technical & Usage Data — retained for up to 2 years for analytics purposes
– Communication Data — retained for up to 3 years to support user service history
When retention is no longer necessary, your data will be securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar tracking technologies to enhance user experience, provide essential functionality, and analyze usage data. Types of cookies include:
– Essential Cookies: Required for the basic functioning of littlerockrecords.com (e.g., shopping cart, login sessions).
– Functional Cookies: Enhance usability and remember preferences.
– Analytics Cookies: Help aggregate and analyze user interactions for service improvement.
– Performance Cookies: Enable measurement of website speed, responsiveness, and performance outcomes.
10. Cookie Management & Compliance
Upon first visiting our website, you will be presented with a cookie consent prompt. You may manage your preferences at any time using our cookie management tool. Visitors from jurisdictions subject to GDPR or CCPA may withdraw consent or opt-out of non-essential cookies at any time. We honor the Global Privacy Control (GPC) signal where technically feasible.
11. Children’s Privacy
Our website is not directed at children under the age of 13, and we do not knowingly collect personal data from this age group. If we discover that such data has been inadvertently collected, we will delete it promptly. Parents and legal guardians who believe their child has submitted data are encouraged to contact [email protected].
12. Updates to This Privacy Policy
We reserve the right to revise this Privacy Policy as needed to stay updated with legal, technical, or operational changes. Where changes are significant, we will notify users as dictated by applicable data protection regulations.
13. Contact Us
If you have any questions about this Privacy Policy, your data rights, or how your personal information is handled, please email us at:
[email protected]
We are dedicated to complying with GDPR, CCPA, and all relevant data protection obligations. We welcome your inquiries and will respond to your concerns in a timely and transparent manner.