Albion Core Privacy Policy

Types of Personal Information Collected

We collect various types of information to provide and improve our services, including:

• Contact Details: Such as your name, email address, postal address, and phone number when you register for an account, make a purchase, or subscribe to our newsletters.
• Usage Data: Information about how you interact with our websites, applications, and services, including IP address, browser type, device identifiers, pages visited, and time spent.
• Purchase Information: Details related to your orders, including products purchased, payment methods (though we do not store full payment card details), and shipping information.
• Customer Support Interactions: Records of your communications with our support team, including emails, chat logs, and call recordings.

Methods of Data Collection

Your data is primarily collected through:

• Direct Interactions: When you provide information directly to us, for example, by filling out forms on our website, creating an account, or contacting customer support.
• Automated Technologies: Such as cookies, web beacons, and similar technologies that automatically collect usage data when you browse our website or use our services.
• Third-Party Sources: Occasionally, we may receive information from third-party partners (e.g., analytics providers, payment processors) in line with their privacy policies and applicable laws.

Purposes for Data Usage

We use the collected information for various legitimate purposes, including:

• To process your orders and deliver products and services.
• To communicate with you regarding your purchases, account, or inquiries.
• To improve and personalize your experience with our services and products.
• For marketing and promotional activities, where you have opted in.
• To ensure the security and integrity of our systems and prevent fraud.

Legal Basis for Data Processing

We process your personal data based on one or more of the following legal grounds, in accordance with the UK GDPR and other applicable data protection regulations:

• Consent: Where you have given clear consent for us to process your personal data for a specific purpose.
• Contractual Necessity: Where processing is necessary for the performance of a contract to which you are a party, or in order to take steps at your request prior to entering into a contract.
• Legal Obligation: Where processing is necessary for compliance with a legal obligation that we are subject to.
• Legitimate Interests: Where processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms.

Data Retention Periods

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. Generally, this means:

• Customer account information is retained as long as your account is active or as needed to provide you services.
• Purchase records are kept for the period required by tax and accounting laws.
• Marketing consent records are retained until you withdraw consent.

Once data is no longer needed, we securely delete or anonymize it.

Right to Access and Portability

You have the right to request a copy of the personal information we hold about you and to receive it in a structured, commonly used, machine-readable format. You also have the right to transmit that data to another controller.

Right to Correction

You have the right to request that we correct any inaccurate or incomplete personal information we hold about you.

Right to Deletion (Right to be Forgotten)

Under certain circumstances, you have the right to request the deletion of your personal data. This includes cases where the data is no longer necessary for the purposes for which it was collected, or where you withdraw consent.

Opt-Out of Marketing Communications

You can opt out of receiving marketing communications from us at any time by following the unsubscribe instructions in our emails or by contacting us directly.

Technical Security Measures

We employ cutting-edge technical safeguards, including:

• SSL/TLS Encryption: For secure data transmission over our websites and services.
• Access Controls: Strict role-based access to systems and data, ensuring only authorized personnel can access sensitive information.
• Regular Audits & Penetration Testing: To identify and remediate potential vulnerabilities in our infrastructure.
• Data Minimization: Only collecting and retaining data that is essential for operational purposes.

Administrative & Physical Safeguards

Our commitment extends beyond digital security:

• Employee Training: All Albion Core staff undergo regular data protection and privacy training.
• Confidentiality Agreements: Requiring all personnel to adhere to strict data confidentiality protocols.
• Physical Security: Secure facilities with restricted access for servers and data storage infrastructure.
• Incident Response Plan: A well-defined protocol to detect, respond to, and mitigate any potential data breaches promptly.