PRIVACY POLICY
At Kohl’s Frozen Custard, accessible at kohls-frozencustard.com, we recognize the paramount importance of your privacy and are fully committed to protecting the personal data entrusted to us. This Privacy Policy outlines how we collect, use, disclose, and safeguard information within the context of regulatory standards such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Please read this policy carefully to understand our practices regarding your personal data and how we treat it.
1. OUR COMMITMENT TO PRIVACY AND DATA PROTECTION
We are committed to maintaining the highest level of confidentiality and integrity in managing our users’ information. Your trust is our priority, and we process personal data lawfully, fairly, and transparently. Our data protection practices are designed to uphold stringent international privacy standards and safeguard your personal data against unauthorized access and disclosure.
2. SCOPE AND DATA CONTROLLER
This Privacy Policy applies to all data collected through the use of our website, kohls-frozencustard.com, including all forms and communications made via the website. For the purposes of applicable data protection legislation, Kohl’s Frozen Custard is the data controller responsible for determining the purposes and manner in which your data is processed.
3. CATEGORIES OF PERSONAL DATA WE PROCESS
We collect and process the following categories of personal data:
– Usage Data: This includes information automatically collected when you access our website, such as your IP address, browser type, access times, geographic location, unique device identifiers, and browsing behavior.
– Account Data: Any information submitted during account registration or checkout, such as your full name, billing/shipping address, email address, and contact number.
– Profile Data: Including your purchase history, product preferences, survey responses, and behavioral patterns that help us better understand and serve your needs.
– Communication Data: This includes any correspondence sent to us through our support systems, contact forms, or customer service records.
– Technical Data: Device information including operating system, browser specifications, screen resolution, language settings, and hardware identifiers.
– Transaction Data: Information about product purchases such as order details, payment information (processed securely through third-party payment processors), and delivery updates.
– Preference Data: Marketing and communication preferences, newsletter subscription status, and consent records for promotional outreach.
4. LEGAL BASES FOR PROCESSING PERSONAL DATA
We process your personal data on the following lawful bases, as recognized under GDPR and CCPA:
– Contractual Necessity: When processing is necessary to fulfill our service obligations (e.g., fulfilling orders).
– Consent: Where we rely on your explicit permission (e.g., marketing communications), you have the right to withdraw consent at any time.
– Legitimate Interests: Processing based on our genuine business interests in maintaining and improving our services, provided this does not override your fundamental rights.
– Legal Obligation: Where processing is required for compliance with applicable laws or regulatory requirements.
5. YOUR RIGHTS UNDER GDPR AND CCPA
We fully support your privacy rights and provide you with the following entitlements:
– Right to Access: You may request a copy of the personal data we hold about you.
– Right to Rectification: You may request corrections to inaccurate or incomplete data.
– Right to Erasure (“Right to be Forgotten”): You may request deletion of your personal data, subject to legal or contractual obligations.
– Right to Restrict Processing: You may request limited use of your data under specific conditions.
– Right to Data Portability: You have the right to receive your data in a structured, machine-readable format and/or transmit it to another controller.
– Right to Object: You may object to processing where it is based on our legitimate interests or for direct marketing purposes.
– Right to Opt-Out (CCPA): California residents may opt out of the sale of personal information and have the right to know, delete, and access specific data categories collected.
To exercise any of your rights, please contact us at [email protected].
6. SECURITY MEASURES
We implement robust administrative, technical, and organizational measures to protect personal data, including:
– End-to-end encryption for data transmissions
– Access controls and user authentication protocols
– Routine data backups and disaster recovery strategies
– Regular privacy and security training for personnel with access to personal data
While we strive to use commercially acceptable means to protect your data, no method of transmission or storage is entirely secure.
7. INTERNATIONAL DATA TRANSFERS
If your data is transferred outside your country of residence, including to countries not deemed to provide adequate legal protection by the European Commission, we ensure appropriate safeguards such as:
– Standard Contractual Clauses (SCCs) approved by the European Commission
– Data transfer agreements with third-party service providers
– Compliance with cross-border data transfer frameworks
8. DATA RETENTION
We retain personal data for only as long as necessary to fulfill the purposes for which it was collected, including:
– Account and transaction data: 7 years (for tax/audit obligations)
– Communication data: 3 years from last contact
– Marketing consent records: Until withdrawal of consent
– Usage and technical data: 1 year, for analytics and site optimization purposes
After these periods, data will be securely erased or anonymized.
9. COOKIE POLICY
Our website uses cookies and similar tracking technologies to enhance user experience and performance.
– Essential Cookies: Necessary for core functionality such as navigation and access to secure areas.
– Functional Cookies: Remember user choices and settings to personalize experiences.
– Analytics Cookies: Collect anonymized statistics to improve site performance and user insights.
– Performance Cookies: Help us optimize load times and system interactions.
10. COOKIE MANAGEMENT
You may manage your cookie preferences through your browser settings or via any cookie consent mechanism available on kohls-frozencustard.com. In accordance with GDPR and CCPA, we obtain explicit user consent before enabling non-essential cookies. Users may withdraw consent or modify cookie settings at any time.
11. PROTECTION OF CHILDREN’S DATA
Our website and services are not directed to children under the age of 13. We do not knowingly collect or solicit personal data from minors. If we become aware that we have unintentionally gathered such data, we will promptly delete it. Parents or legal guardians who believe their child may have submitted personal information should contact us immediately at [email protected].
12. POLICY UPDATES
We reserve the right to update this Privacy Policy as required by applicable law or changes in our operations. Revisions will be reflected on this page. Where significant changes are made, we will notify users through appropriate channels.
13. CONTACT US
If you have any questions, concerns, or requests concerning this Privacy Policy, your personal data, or our data practices, you may contact us at:
Email: [email protected]
We are committed to full compliance with international privacy laws and encourage you to reach out with any questions or concerns regarding the collection, use, or protection of your data.