Privacy Policy
At Shanghai Kelly’s (shanghaikellys.com), we are committed to protecting and respecting your privacy. This Privacy Policy outlines our policies regarding the collection, use, and disclosure of your personal data when you visit our website, interact with us, or use our services. We uphold robust data protection practices and adhere strictly to applicable privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
1. Introduction – Our Commitment to Your Privacy
Your privacy is of paramount importance to us. We recognize the significance of protecting your personal data and are dedicated to maintaining the confidentiality, integrity, and security of the information entrusted to us. This policy explains how we handle the data we collect, how we use and safeguard it, and how you can exercise control over your information.
2. Scope and Data Controller Responsibility
This Privacy Policy applies to all visitors, users, and others who access the services available via shanghaikellys.com. Shanghai Kelly’s is the data controller responsible for the processing of your personal data as described in this policy. If you have any questions about how your data is handled, you may contact us at [email protected].
3. Categories of Personal Data We Process
We process the following categories of personal data in the course of running our website and providing our services:
3.1 Usage Data
We collect information about how you use our website and services, including IP addresses, browser types, referring URLs, access dates and times, pages viewed, and interactions with site features.
3.2 Account Data
If you create an account or make a reservation or purchase via our website, we collect identifying data such as your name, home or billing address, email address, and phone number.
3.3 Profile Data
We may process information regarding your preferences, behavioral history across our services, past purchases, and interactions with our content to tailor our offerings to your needs.
3.4 Communication Data
This includes records of support requests, inquiries submitted via our contact form, email exchanges, and other interactions relevant to our communications with you.
3.5 Technical Data
Device information, system configuration details, operating system versions, and other diagnostic and troubleshooting data may be collected to improve our website functionality.
3.6 Transaction Data
We may collect and process payment-related information, such as billing details, limited payment card identifiers (via secure third parties), and delivery preferences or instructions.
3.7 Preference Data
We capture data related to your consent choices for marketing communications, product preferences, and participation in promotions or surveys.
4. Legal Bases for Processing Personal Data
We rely on several lawful grounds for processing your personal data, depending on the context in which we collect it:
– Consent: When you voluntarily provide data or actively consent to communications and cookies.
– Contractual Obligation: When processing is necessary for the performance of a contract with you, such as fulfilling a purchase.
– Legitimate Interests: For business purposes such as service improvement, fraud prevention, and website analytics, provided such interests are not overridden by your rights.
– Legal Compliance: To fulfill our legal obligations under applicable laws and regulations.
5. Your Data Protection Rights
Under GDPR and CCPA frameworks, you may exercise the following rights subject to applicable conditions:
– Right to Access: You may request a copy of the personal data we process about you.
– Right to Rectification: You may ask us to correct inaccurate or incomplete data.
– Right to Erasure: You may request the deletion of your personal data, where legally permitted.
– Right to Restriction: You may request the limitation of processing activities in certain circumstances.
– Right to Data Portability: You have the right to obtain and reuse your personal data with another provider.
– Right to Object: You may object to our processing when it is based on legitimate interests or for direct marketing.
– Right to Non-Discrimination (CCPA): We will not discriminate against you for exercising your California privacy rights.
To exercise any of the above rights, please contact us at [email protected].
6. Security Measures
We implement technical and organizational security measures to protect your personal data from unauthorized access, alteration, disclosure, misuse, or destruction. Our safeguards include, but are not limited to:
– Secure data transmission via TLS encryption.
– Role-based user access controls.
– Regular security audits and penetration testing.
– Encrypted storage and password hashing mechanisms.
– Employee training in data protection principles and awareness.
7. International Data Transfers
We may transfer personal data to countries outside of your jurisdiction, including the United States and other locations where our servers or third-party service providers are located. These transfers are conducted in accordance with applicable legal frameworks, using Standard Contractual Clauses (SCCs) or other approved mechanisms to ensure an adequate level of data protection.
8. Data Retention
We retain personal data only for as long as necessary for the purposes outlined in this policy, including compliance, legal obligations, and dispute resolution. Specific retention periods are as follows:
– Account and Transaction Data: Up to 7 years for tax and legal compliance.
– Communication Data: 2 years from the last recorded interaction.
– Technical and Usage Data: Up to 26 months for analytical review.
– Cookie Data: Based on type as described below (maximum 13 months).
– Marketing Preference Data: Until consent is withdrawn or updated.
9. Cookie Policy
Our website uses cookies and similar technologies for the following purposes:
– Essential Cookies: Required for basic site functionality and security.
– Functional Cookies: Enhance personalization and user experience.
– Analytics Cookies: Help us understand site usage and performance metrics.
– Performance Cookies: Allow us to test and optimize the site’s usability.
Some cookies are set directly by shanghaikellys.com, while others are set by third-party service providers like analytics platforms.
10. Managing Cookies – GDPR and CCPA Compliance
You have full control over the use of cookies. On your first visit to our website, you will be presented with a cookie banner to set your preferences. You may update these preferences at any time through our Cookie Settings panel or via your browser’s privacy controls.
We honor Do Not Track (DNT) signals and provide mechanisms to withdraw consent at any time, in line with GDPR and CCPA requirements.
11. Children’s Privacy
Shanghai Kelly’s does not knowingly collect or solicit personal data from individuals under the age of 13. If you are a parent or guardian and believe that your child has provided personal information through our website without appropriate consent, please contact us promptly at [email protected] so we may take appropriate action.
12. Changes to this Policy
We reserve the right to revise this Privacy Policy from time to time. Any material changes will be communicated through notices on our website or via contact details you have provided. We encourage you to review this policy periodically to remain informed about our data protection practices.
13. Contacting Us
If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal information, please reach out to us at:
Email: [email protected]
We take your privacy seriously and are committed to addressing your inquiries efficiently and transparently.
Shanghai Kelly’s is dedicated to full compliance with applicable privacy laws, and we remain available to assist you in understanding or exercising your rights concerning your personal data.