Privacy Policy for Kahn Wines

1. Introduction

Kahn Wines (“we,” “us,” or “our”) is firmly committed to safeguarding your privacy and protecting the personal data you entrust to us. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal information when you use our website at kahnwines.com (“Site”), and your rights relating to that information. We place a privacy-first approach at the core of our operations and comply with all applicable data protection laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).

2. Scope of Policy and Data Controller Role

This Privacy Policy governs the personal data collected through our Site and related communications. Kahn Wines is the data controller responsible for determining the purpose and means of processing your personal data. By accessing or using our Site, you acknowledge the processing of your data as described in this Policy.

3. Categories of Data Processed

We may process the following categories of personal data, depending on your interaction with our services:

a. Usage Data
Information about how you interact with our Site, such as your IP address, browser type and version, device information, pages visited, time and date of visit, and diagnostic data.

b. Account Data
Information you provide when creating or maintaining an account on kahnwines.com, including your name, billing and shipping address, email address, and telephone number.

c. Profile Data
Data related to your activity on the Site, including past purchases, product preferences, saved items, browsing history, and behavioral patterns.

d. Communication Data
Records of communications between you and Kahn Wines, including customer support queries, messages submitted through contact forms, and correspondence via email.

e. Technical Data
Device identifiers, system configuration data, and details about operating systems, hardware, and internet service providers used to access our services.

f. Transaction Data
Information regarding orders placed through the Site, including payment details (processed through secure third-party payment processors), delivery address, order history, and purchase invoices.

g. Preference Data
Your indicated preferences related to newsletter subscriptions, marketing communications, product interests, language preferences, and opt-in/opt-out choices for data collection and use.

4. Legal Bases for Processing

We rely on various legal grounds as permitted by law to process your personal data:

– Consent: Where required, we will seek your explicit consent before processing your personal data for purposes such as direct marketing or the use of non-essential cookies.
– Contractual Necessity: Processing is necessary for the performance of a contract with you, including fulfilling orders and providing customer support.
– Legitimate Interests: Processing activities required to operate and improve our services, prevent fraud, and ensure the security of the Site are conducted under our legitimate interest, provided these do not override your fundamental rights.
– Legal Obligation: We may process your information as required to comply with applicable legal and regulatory obligations.

5. Your Rights

Under applicable data protection laws, you may have the following rights with respect to your personal data:

– Right of Access: You may request confirmation on whether we process your data and obtain a copy of your personal data.
– Right to Rectification: You may request a correction of any inaccurate or incomplete personal data.
– Right to Erasure (“Right to be Forgotten”): You have the right to request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected or processed.
– Right to Restrict Processing: You may request the limitation or restriction of data processing under certain circumstances.
– Right to Data Portability: You are entitled to receive your personal data in a structured, commonly used, and machine-readable format and have the right to transmit that data to another controller.

To exercise your rights, please contact us via [email protected]. We may need to verify your identity before fulfilling your request.

6. Security Measures

We implement robust technical and organizational measures to safeguard your personal data. These include:

– Encryption of sensitive data in transit and, where applicable, at rest.
– Logical access controls with role-based permission systems.
– Routine backups and disaster recovery protocols.
– Regular security awareness training for staff.
– Monitoring and detection of unauthorized access or security breaches.

7. International Transfers

Your personal data may be transferred to, stored, or processed in countries outside of your jurisdiction, including locations that may not afford the same level of data protection. In such cases, we ensure appropriate safeguards, such as Standard Contractual Clauses (SCCs) approved by the European Commission or reliance on adequacy decisions, are in place to protect your data in compliance with GDPR and other legal frameworks.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

– Account and Transaction Data: Retained for the duration of your relationship with us and as long as necessary to comply with our legal and tax obligations.
– Communication and Support Data: Retained for a minimum of five years for record-keeping and service quality purposes.
– Marketing Data: Retained for as long as you remain subscribed or until you exercise your right to opt-out.
– Analytics and Technical Data: Retained for no longer than 26 months, unless required for security or legal obligations.

After the applicable retention period expires, we securely destroy or anonymize your personal data in compliance with regulatory guidelines.

9. Cookie Policy

Our Site uses cookies and similar tracking technologies to enhance user experience and analyze traffic patterns. The types of cookies we use include:

– Essential Cookies: Required for Site functionality such as user login and shopping cart behavior.
– Functional Cookies: Remember user preferences to provide a more personalized experience.
– Analytics Cookies: Collect aggregated information on user behavior to help us improve our offerings and usability.
– Performance Cookies: Track site performance metrics to aid in service optimization.

10. Cookie Management and Compliance

In compliance with GDPR and CCPA, we offer transparent cookie disclosures and consent mechanisms. Upon your first visit to kahnwines.com, you are presented with a cookie consent banner allowing you to:

– Accept or reject non-essential cookies.
– Customize your cookie preferences by category.
– Withdraw or change your consent at any time through your browser settings or via our cookie settings panel.

You may also manage cookies via your browser’s privacy settings. Disabling certain cookies may impact website functionality.

11. Special Protections for Children

Our services are not directed to children under 13 years of age. We do not knowingly collect or solicit personal data from minors. If we become aware that we have inadvertently received data from a child under 13, we will take immediate steps to delete such information. If you believe we have collected data from a child, please contact us at [email protected].

12. Policy Updates and User Notifications

We may revise this Privacy Policy from time to time to reflect changes in technology, legal requirements, or our data practices. Users will be notified of significant changes via notices on our Site or email, where applicable. Your continued use of kahnwines.com following such updates constitutes acceptance of the revised Policy.

13. Contact Information

Should you have any questions, requests, or concerns regarding this Privacy Policy or your personal data, please contact us at:

Email: [email protected]

We are committed to complying with all applicable data privacy regulations, including the GDPR and CCPA. For any privacy-related inquiries or to exercise your rights, you are encouraged to reach out anytime.