Privacy Policy

Tommy Dorsey Orchestra is committed to safeguarding the privacy and personal data of visitors and users of our website, tommydorseyorchestra.com (“Website”). We understand the importance of personal data protection and are dedicated to full compliance with applicable data privacy regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines how we collect, process, store, and protect your personal data and informs you of your rights as a data subject.

1. Commitment to Privacy and Data Protection

At Tommy Dorsey Orchestra, your privacy is of paramount importance. We handle all personal data with diligence, transparency, and care. This Privacy Policy is intended to explain the types of personal data we collect, the lawful bases for processing, and how such information is used and protected. We commit to collecting only the data necessary to perform our services and responsibilities while implementing comprehensive safeguards to maintain your trust and confidentiality.

2. Scope of This Policy and Data Controller Role

This Privacy Policy applies to all personal data obtained through your interaction with tommydorseyorchestra.com, including but not limited to browsing, submitting information through forms, purchasing products or services, and contacting us. Tommy Dorsey Orchestra is the data controller for the purposes of the GDPR and is responsible for determining the purposes and means of processing your personal data.

For any privacy-related inquiries or to exercise your legal rights, you may contact us at:

Email: [email protected]

3. Categories of Personal Data We Process

We may collect and process the following categories of personal data, depending on your interaction with our Website:

a. Usage Data:
Includes information such as your browser type and version, IP address, location, time zone setting, access times, visited pages, referring pages, and clickstream data.

b. Account Data:
Information submitted when creating an account, such as full name, billing/shipping address, email address, and phone number.

c. Profile Data:
Includes details like preferences, historical purchasing behavior, browsing activity, and responses to marketing content.

d. Communication Data:
Includes email correspondences, customer support interactions, feedback messages, inquiry history, and related metadata.

e. Technical Data:
Includes data from the device used to access our Website such as operating system, platform type, browser plugins, screen resolution, and device identifiers.

f. Transaction Data:
Comprises payment details (processed securely through third-party providers), delivery addresses, and order histories.

g. Preference Data:
Includes your expressed interests, marketing preferences, and communication consent statuses.

4. Lawful Bases for Data Processing

We rely on the following lawful grounds under GDPR and CCPA to collect and process your personal data:

– Consent: Where you have provided clear and proactive consent to process your data for specific purposes (such as subscribing to a newsletter).
– Contractual Necessity: Where processing is necessary for performing a contract with you (e.g., fulfilling your orders).
– Legitimate Interests: Where processing is necessary for our legitimate business purposes, provided that such interests do not override your data protection rights.
– Legal Obligation: Where we are required to process data to comply with applicable laws or regulatory obligations.

5. Your Rights Under GDPR and CCPA

As a data subject, you are entitled to the following rights:

– Right of Access: The right to request access to your personal data and obtain a copy.
– Right to Rectification: The right to request corrections to inaccurate or incomplete data.
– Right to Erasure: The right to request deletion of your data where lawful grounds exist.
– Right to Restriction of Processing: The right to limit how your data is used in certain circumstances.
– Right to Data Portability: The right to receive your personal data in a structured, machine-readable format or have it transmitted to another controller.
– Right to Object: The right to object to processing based on our legitimate interests or to direct marketing.

To exercise any of these rights, please email us at [email protected]. We will respond in accordance with the timeframes established by applicable law.

6. Security Measures

Tommy Dorsey Orchestra employs appropriate technical and organizational measures to ensure a level of security appropriate to the risk associated with the processing of personal data. Such measures include but are not limited to:

– Encryption of data during transmission and storage
– Access controls and authentication protocols
– Firewalls and intrusion detection systems
– Staff training in data protection principles
– Regular system monitoring and secure back-up procedures

7. International Transfers

Wherever data is transferred outside of the European Economic Area (EEA), we ensure that appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission or transfer to jurisdictions with adequate data protection frameworks recognized under GDPR.

If personal data is accessed from, or transferred to, the United States or other non-EEA jurisdictions (e.g., through cloud service providers), we ensure contractual and regulatory compliance with all regional frameworks.

8. Data Retention

We retain personal data based on the category of data and the purposes of processing:

– Account, Transaction, and Profile Data: Retained for up to 7 years after the last interaction for audit, legal, and tax purposes.
– Communication Data: Retained for up to 3 years from last contact.
– Preference and Marketing Consent Data: Retained until consent is withdrawn or 2 years after last interaction.
– Usage and Technical Data: Retained for 12 months from collection unless further analysis is needed for legitimate security or business continuity purposes.

Once retention periods expire, data is anonymized or securely deleted.

9. Cookie Policy

Our Website uses cookies and similar technologies to enhance your experience. We categorize our use of cookies as follows:

– Essential Cookies: Necessary for basic functions of the Website such as navigation, account login, and secure sessions.
– Functional Cookies: Enable personalization features such as remembering your preferences and settings.
– Analytics Cookies: Collect information about your interactions with the Website to help us improve usability and performance.
– Performance Cookies: Track general Website performance and user engagement data to optimize performance and loading speeds.

10. Cookie Management and Compliance

You have the ability to control your cookie settings via our cookie consent management solution that appears on your first visit. At any time, you may withdraw or modify your cookie preferences by accessing your browser settings or our cookie management tool provided on tommydorseyorchestra.com.

Under both GDPR and CCPA, you have the right to opt out of the sale of personal data, and we honor and facilitate such requests in a compliant and transparent manner.

11. Children’s Privacy

The Website and its services are not directed toward or intended for children under the age of 13. We do not knowingly collect or solicit personal data from children. If we become aware that we have inadvertently gathered personal data from a child under 13, we will take prompt steps to delete such data.

If you are a parent or guardian and believe your child has provided personal data to us, please contact us at [email protected] to request deletion.

12. Policy Updates and Notifications

We reserve the right to update or modify this Privacy Policy at any time. Changes will be reflected on this page, and you are encouraged to review the Policy periodically. When material updates are made, we may notify users directly through signage on the Website or email communication if consent has been provided.

13. Contact Us

For privacy-related inquiries, requests, or concerns, please contact us at:

Tommy Dorsey Orchestra
Email: [email protected]

We are fully committed to upholding your data privacy and maintaining compliance with all applicable data protection laws. Should you have any questions about this Privacy Policy or our data practices, we welcome your outreach.

Thank you for trusting tommydorseyorchestra.com with your personal information.