Privacy Policy
1. Introduction
At The Moon Oakland (“we”, “us”, or “our”), accessible via themoon-oakland.com, we are committed to protecting your privacy and safeguarding your personal information. Our mission is to ensure that the data you provide to us is handled responsibly, transparently, and in accordance with the highest standards of privacy and data protection, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
This Privacy Policy outlines how we collect, use, disclose, and protect your personal data when you visit our website, interact with us digitally, or engage with our products and services. We encourage you to read this Policy carefully to understand your rights and how we uphold our privacy obligations.
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all users of our website, themoon-oakland.com, and to all personal data processed by us in the course of providing services, responding to inquiries, or administering accounts.
The Moon Oakland is the data controller for the personal data collected through this website. If you have any questions about how we handle your personal data, please contact us at: [email protected].
3. Categories of Personal Data Processed
We may collect, store, and use the following categories of personal data:
– Usage Data: Information about how you interact with our website, including IP address, browser type and version, time zone setting, referral source, pages viewed, and session data.
– Account Data: Information you provide when you create an account or make a reservation, such as your full name, physical address, email address, and phone number.
– Profile Data: Information you submit about your preferences, purchase history, behavior on our site, and other information that helps us tailor your experience.
– Communication Data: Content of inquiries, support messages, feedback, and any record of communication with our team.
– Technical Data: Includes device details, operating system, browser plugins, internet connection status, and other system configurations that assist in providing our services securely and effectively.
– Transaction Data: Details related to payments you’ve made to us or product/services you’ve ordered, including billing information, purchase logs, and delivery details.
– Preference Data: Your consents, opt-in/opt-out selections for marketing communications, notice selections, and product interests.
4. Legal Bases for Processing Personal Data
Under applicable data protection laws, we rely on the following legal bases to process your personal data:
– Consent: When you have provided clear affirmative consent for processing your personal data for a specific purpose, such as subscribing to marketing communications.
– Contractual Necessity: Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into such a contract.
– Legal Obligation: Where processing is required to comply with a legal duty to which we are subject.
– Legitimate Interests: Where processing is required for our legitimate business interests, provided that these interests are not overridden by your data protection rights or fundamental freedoms. These include improving our services, preventing fraud, and ensuring network and information security.
5. Your Data Protection Rights
Subject to applicable law, you have the following rights regarding your personal data:
– Right to Access – You are entitled to request a copy of the personal data we hold about you.
– Right to Rectification – If your personal data is inaccurate or incomplete, you have the right to request correction or completion.
– Right to Erasure (“Right to be Forgotten”) – You may request deletion of your personal data when there is no longer a legal or contractual obligation for us to keep it.
– Right to Restrict Processing – In certain circumstances, you may request that we limit the way we use your data.
– Right to Data Portability – You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transfer it to another data controller.
To exercise your rights, please contact us at: [email protected].
6. Security Measures
We implement appropriate technical and organizational measures to safeguard your personal data, including:
– Encryption of data at rest and in transit;
– Role-based access controls and password protections;
– Routine data backups and disaster recovery protocols;
– Employee training on privacy compliance and secure data handling practices.
7. International Data Transfers
If your data is transferred outside of the European Economic Area or California, we ensure that such transfers are protected by appropriate legal mechanisms, including the use of Standard Contractual Clauses approved by the European Commission and compliance with regional safeguards as required under applicable data protection frameworks.
8. Data Retention
We retain your personal data only for as long as is necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying legal, regulatory, tax, accounting, or reporting requirements.
– Usage and Technical Data: Retained for 12 months for analytics and troubleshooting.
– Account and Profile Data: Retained as long as your account is active, and up to 6 years post-closure.
– Transaction Data: Retained for 7 years to comply with financial and tax obligations.
– Communication Data: Retained for a maximum of 3 years to improve customer service.
– Preference Data: Retained until you withdraw consent or request erasure.
9. Cookie Policy
We use cookies on themoon-oakland.com to improve user experience and analyze site usage. Cookies are small text files stored on your device when you visit our website.
Types of cookies we use:
– Essential Cookies: Required for site functionality and security, such as session management and authentication.
– Functional Cookies: Enable enhanced personalization, such as remembering preferences or display settings.
– Analytics Cookies: Help us understand how users interact with our website through aggregate usage statistics.
– Performance Cookies: Track site performance metrics to identify and fix errors, and to enhance user experience.
10. Cookie Management and Regulatory Compliance
We honor your cookie preferences as required under the GDPR and CCPA regulations. Upon your first visit, a cookie banner will prompt you to accept or reject non-essential cookies. You may also change your choices at any time by accessing our Cookie Preferences section.
To manage cookies:
– Modify your browser settings to block or delete cookies;
– Use third-party cookie management tools;
– Contact us to exercise your rights under relevant privacy laws.
We do not sell your personal information and we ensure your data is not shared for cross-context behavioral advertising without your explicit consent, in accordance with CCPA guidelines.
11. Protection of Children’s Privacy
The services available at themoon-oakland.com are not intended for children under the age of 13. We do not knowingly collect or process personal data from children. If we become aware that personal information from a child under 13 has been collected in error, we will delete such data promptly. Parents or legal guardians who believe their child has submitted personal information may contact us at [email protected].
12. Policy Updates
We may revise this Privacy Policy from time to time to reflect changes in legal or regulatory obligations or in the way we handle personal information. Any material changes will be communicated through prominent notices on themoon-oakland.com. We encourage you to review this Policy periodically to stay informed.
13. Contact Us
If you have any questions about this Privacy Policy, your rights under applicable data protection laws, or if you wish to lodge a complaint or request regarding your personal data, please contact:
Email: [email protected]
Your trust is important to us. We are committed to ensuring that your personal data is protected, accessible, and handled with transparency in full compliance with GDPR, CCPA, and all applicable privacy regulations.