Privacy Policy
Legacy PLC (“we”, “our”, or “us”) is committed to safeguarding the privacy and personal data of visitors, users, and customers of our website, legacyplc.com (“Website”). This Privacy Policy outlines how we collect, use, disclose, and protect your personal information in compliance with all applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
We approach privacy with a principle of transparency, lawfulness, and respect for individual rights. Your trust is important to us, and we are dedicated to protecting your data accordingly.
1. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal data processed through legacyplc.com. For purposes of data protection legislation, Legacy PLC is the data controller of any personal information provided or collected through our Website. This means we determine the purposes and means of processing your personal data.
If you are a California resident, this Privacy Policy also serves as our notice of collection in accordance with the CCPA.
2. Categories of Data Processed
We may collect and process the following categories of personal data:
a) Usage Data
Information such as your IP address, browser type and version, operating system, timestamp of access, geographical location, referral source, length of visits, and pages viewed—automatically collected through cookies, log files, and analytics software to improve user experience and website functionality.
b) Account Data
Data you provide when creating an account or making a purchase, including your name, postal address, email address, phone number, and login credentials.
c) Profile Data
Details and insights derived from your use of the Website and services, such as purchase history, preferences, feedback submissions, browsing behavior, and saved items.
d) Communication Data
Records of any correspondence with you, including support requests, inquiries via contact forms, and customer service interactions.
e) Technical Data
Device-specific information including hardware model, mobile network information, unique device identifiers, operating systems, and browser settings used to access legacyplc.com.
f) Transaction Data
Information related to financial transactions made on our Website, such as payment method, billing address, delivery status, order history, and purchase confirmations. Please note that payment details may be handled by third-party payment processors in accordance with their privacy terms.
g) Preference Data
Marketing, communication, and product preferences expressed via opt-in mechanisms or direct submissions, including newsletter sign-ups and participation in surveys or promotions.
3. Legal Bases for Processing
In compliance with GDPR, we process personal data under the following lawful bases:
– Performance of Contract: Processing necessary for executing a contract with you or to take pre-contractual steps at your request.
– Legitimate Interest: Processing necessary for our legitimate interests, provided that these are not overridden by your data protection rights.
– Consent: Processing based on your explicit and informed consent, which you have the right to withdraw at any time.
– Legal Obligation: Processing required to comply with legal or regulatory obligations to which we are subject.
4. Your Rights Under Data Protection Law
Subject to applicable laws, you have the following rights:
– Right of Access – You may request access to your personal data we hold.
– Right to Rectification – You can request correction of inaccurate or incomplete data.
– Right to Erasure – You may request deletion of your personal data under certain circumstances.
– Right to Restrict Processing – You may request that we limit the processing of your data.
– Right to Data Portability – You may request transfer of your data to another controller in a structured, commonly used, and machine-readable format.
– Right to Object – You may object to processing based on our legitimate interests or to direct marketing.
– Rights under CCPA – California residents have the right to request information about categories/types of personal data collected, request deletion of certain data, and opt out of sale of personal information (note: we do not sell personal data).
To exercise any of your rights, please contact [email protected] with your specific request.
5. Security Measures
We implement technical and organizational safeguards to protect personal data and ensure a high standard of data security. These include:
– SSL encryption and data transmission protocols;
– Role-based access controls and two-factor authentication;
– Secure server infrastructures and firewall protections;
– Regular data backups and disaster recovery protocols;
– Staff training in privacy awareness and secure data handling.
Despite these measures, no transmission or storage system can be guaranteed 100% secure. We encourage you to take appropriate steps to protect your personal information on your end as well.
6. International Transfers
Your personal data may be stored or processed outside of your country of residence, including in countries that may not provide the same level of data protection as your jurisdiction. In such cases, we rely on appropriate legal mechanisms, including:
– Standard Contractual Clauses approved by the European Commission;
– Adequacy decisions by relevant authorities;
– Other safeguards as required under international data protection regulations.
We ensure that all recipients uphold an equivalent level of protection consistent with this Policy and applicable law.
7. Data Retention
We retain your personal data only for as long as necessary for the purposes for which it was collected or as required under applicable laws. Retention periods are as follows:
– Usage and Technical Data: up to 12 months;
– Account, Transaction, and Communication Data: up to 7 years from the date of last interaction (for auditing and legal compliance);
– Profile and Preference Data: until user account deletion or withdrawal of consent;
– Marketing communications data: until unsubscribed.
After expiration of the retention period, data will be securely deleted or anonymized.
8. Cookie Policy
We use cookies and similar technologies on legacyplc.com to enhance your browsing experience and provide personalized services. Categories include:
– Essential Cookies: Required for basic functionality and security.
– Functional Cookies: Remember your preferences and login details.
– Analytics Cookies: Collect anonymized data on user behavior for statistical purposes.
– Performance Cookies: Help us improve website speed and responsiveness.
We may allow third-party cookies (e.g., Google Analytics) in accordance with this Policy. These third parties may use their own cookies subject to their personal privacy policies.
9. Cookie Management and Compliance
Upon first visit to legacyplc.com, you will be presented with a cookie consent banner allowing you to accept or customize your preferences in accordance with GDPR. You may modify your preferences at any time through the cookie settings on our site or via your browser options.
CCPA grants California users the right to know about and control data collected via cookies. You may opt out of the use of certain cookies by submitting a “Do Not Sell My Personal Information” request (note: we do not currently sell personal data).
10. Children’s Privacy
We do not knowingly collect or solicit personal information from children under the age of 13. If we become aware that information from a child under 13 has been collected without verifiable parental consent, we will take immediate steps to delete such data from our systems.
11. Updates to This Policy
We may periodically update this Privacy Policy to reflect legal, technical, or operational changes. Any material changes will be communicated promptly via prominent Website notices or direct communication where appropriate. Continued use of legacyplc.com after changes signifies acceptance of the updated terms.
12. Contact Us
If you have questions, concerns, or requests involving your personal data or this Privacy Policy, you may contact us by email at:
Our team is committed to responding promptly and transparently to all privacy-related inquiries.
We are fully committed to complying with applicable data protection regulations and maintaining the highest respect for your individual privacy rights. Please do not hesitate to contact us at [email protected] with any concerns you may have.
