Privacy Policy for castrotheatresf.com
Castro Theatre is committed to safeguarding the personal and sensitive data of all users of our website, castrotheatresf.com. We recognize and respect your right to privacy and data protection and aim to ensure that all personal data is processed lawfully, transparently, and securely in compliance with applicable data protection laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
1. Introduction
At Castro Theatre, protecting your privacy is a core part of our business. This Privacy Policy explains how we collect, use, store, share, and safeguard your data when you interact with our website, castrotheatresf.com. We are deeply committed to upholding a privacy-first approach, ensuring that your personal data is handled responsibly and in full compliance with legal requirements.
2. Scope and Data Controller
This Privacy Policy applies to all personal data collected through your use of our website, castrotheatresf.com, and any associated services or communications. Castro Theatre is the data controller for any personal data collected through this website. As data controller, we determine the purposes and means of the processing of your personal data.
If you have any questions concerning your data or how it is used, you can contact us at [email protected].
3. Categories of Data We Process
We collect and process various categories of personal data, as outlined below:
a. Usage Data
Includes data collected automatically during your interactions with castrotheatresf.com such as IP address, browser type and version, device identifiers, referral sources, time zones, session durations, pages visited, and usage patterns.
b. Account Data
Information provided by users when registering for events, making purchases, or creating accounts, including name, address, email, and telephone number.
c. Profile Data
Includes demographic details, ticket purchasing history, seat preferences, content interactions, event attendance, behavioral data, and survey responses.
d. Communication Data
Records of correspondence with our support team or through online forms, emails, and phone calls, including contact history and support requests.
e. Technical Data
Details related to the devices used to access castrotheatresf.com, such as operating system, browser plugins, screen resolution, language settings, and system configurations.
f. Transaction Data
Includes data relating to purchases and donations, such as billing addresses, payment method identifiers, delivery addresses, and transaction timestamps.
g. Preference Data
Consists of choices relating to marketing communications, newsletter sign-ups, and stated interests in films, events, or other offerings.
4. Legal Bases for Processing
We process your personal data under the following legal bases as permitted under GDPR and CCPA:
– Consent: Where you have expressly provided consent (e.g., for marketing subscriptions).
– Contractual Necessity: When processing is required to fulfill a contract with you (e.g., ticket purchase delivery).
– Legitimate Interests: For purposes such as enhancing site functionality, analytics, or fraud prevention, provided these interests are not overridden by your rights.
– Legal Obligation: When required by law, regulation, or legal process.
5. Your Rights
You may exercise your rights under applicable data protection laws at any time. These include:
– Right of Access: Obtain a copy of personal data we hold about you.
– Right to Rectification: Request corrections to inaccurate or incomplete data.
– Right to Erasure: Ask for your personal data to be deleted under certain conditions.
– Right to Restriction: Request limitation of data processing in specific circumstances.
– Right to Data Portability: Obtain your data in a structured, commonly used format for transfer to another entity.
For CCPA residents, you also have the right to:
– Opt out of the sale or sharing of personal information.
– Know the categories and specific pieces of data we collect and disclose.
– Not be discriminated against for exercising any CCPA rights.
To exercise these rights, contact us at [email protected], and we will respond in accordance with applicable timeframes.
6. Security Measures
We employ industry-standard security measures to protect your data against unauthorized access, misuse, alteration, or loss. These include:
– SSL encryption for data transmission
– Role-based access controls for internal data management
– Physical and digital system backups
– Staff training in data protection best practices
– Monitoring and incident response protocols
7. International Data Transfers
Your data may be transferred to and processed in jurisdictions outside your own, including countries that may not have equivalent data protection laws. In such cases, we ensure that appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission, are used to protect your data consistent with applicable privacy standards.
8. Data Retention
We retain your personal data only as long as reasonably necessary for the purpose for which it was collected or as required under applicable law. Retention periods are outlined below:
– Usage and Technical Data: Retained for up to 12 months for performance analysis and security.
– Account Data and Profile Data: Retained for the duration of your relationship with us, and up to 5 years following inactivity for archival, legal, or fraud prevention purposes.
– Transaction Data: Retained for 7 years for accounting and audit purposes.
– Communication Data: Retained for a minimum of 3 years to ensure service continuity and resolve disputes.
– Preference Data: Retained until you withdraw consent or update your preferences.
9. Cookie Policy
Our website uses cookies and similar technologies to provide, evaluate, and improve user experience. Cookies may be categorized as:
– Essential: Necessary for basic website functions (e.g., login sessions, shopping carts).
– Functional: Enhance functionality such as saved preferences.
– Analytics: Help us understand site traffic and user behavior (e.g., Google Analytics).
– Performance: Support monitoring and improvement of website speed and error detection.
10. Cookie Management and Compliance
Upon visiting castrotheatresf.com, you will be prompted to consent to the use of non-essential cookies in accordance with GDPR and CCPA requirements. You can manage cookies through our cookie banner settings at any time or through your browser’s privacy settings. Disabling certain cookies may affect website functionality.
To opt out of analytics cookies or similar tracking under CCPA, you may use the “Do Not Sell or Share My Personal Information” link available on the site footer when applicable.
11. Children’s Privacy
We do not knowingly collect, solicit, or process data from children under the age of 13. If we discover or receive notice that data has been collected from a child under 13 in violation of applicable law, we will delete that information promptly. Parents or guardians who believe their child has submitted information to castrotheatresf.com may contact us at [email protected].
12. Policy Updates and Notifications
We reserve the right to modify this Privacy Policy at any time to align with changes in legislation or our practices. Any material changes will be communicated on castrotheatresf.com or through direct emails where appropriate. Continued use of our website after such changes constitutes your acknowledgment of the modified policy.
13. Contact Information
If you have questions, requests, or concerns regarding your personal data or this Privacy Policy, please contact us:
Email: [email protected]
We are committed to ensuring that your privacy rights are respected and that your data is handled in accordance with all applicable regulations. If you believe your privacy rights have been violated, or if you would like to raise a complaint, please get in touch using the contact information above. We are here to help.
This Privacy Policy reflects our dedication to privacy compliance and responsible data stewardship for users of castrotheatresf.com.