Legal

Privacy Policy

This Privacy Policy describes how Charmingsieve collects, uses, stores, and protects personal information when you visit our website or interact with our group cycling organization.

Last updated:

1. Data Controller Information

The data controller responsible for your personal information is Charmingsieve, located at 124 Clement St, San Francisco, CA 94118, USA. You may contact us regarding privacy matters by phone at +1 415-683-5654 or via email at assist@charmingsieve.world. We are committed to handling your data transparently and in accordance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable international privacy laws.

2. Scope of This Policy

This Privacy Policy applies to all personal data collected through the website charmingsieve.world, including data submitted via our contact form, cookie consent mechanisms, email correspondence, phone communications, and in-person interactions at our Clement Street office. It does not apply to third-party websites linked from our pages, and we encourage you to review the privacy policies of any external sites you visit.

3. Categories of Personal Data We Collect

We may collect the following categories of personal data depending on how you interact with our organization:

  • Identity data: full name, username, or similar identifiers you provide when contacting us or registering for programs.
  • Contact data: email address, telephone number, postal address, and preferred communication method.
  • Technical data: Internet Protocol (IP) address, browser type and version, time zone setting, browser plug-in types, operating system, device type, and other technology identifiers on the devices you use to access our website.
  • Usage data: information about how you use our website, including pages visited, time spent on pages, navigation paths, and referral sources.
  • Communication data: content of messages you send through our contact form or email, including inquiries about ride groups, seasonal challenges, and orientation sessions.
  • Consent data: records of your cookie preferences and GDPR consent selections.

4. How We Collect Personal Data

We collect personal data through several methods. Direct interactions occur when you fill out our contact form, send us an email, call our office, visit our Clement Street location, or register for group rides and seasonal programs. Automated technologies collect technical and usage data through cookies, server logs, and similar tracking technologies when you browse our website. We may also receive data from publicly available sources when relevant to organizational partnerships or community outreach activities.

4.1 Contact Form Data

When you submit our contact form, we collect your name, email address, message content, and GDPR consent confirmation. This data is used exclusively to respond to your inquiry and is not used for unrelated marketing purposes unless you have provided separate consent for such communications.

4.2 Cookie and Tracking Data

Our website uses cookies to maintain essential functionality and, with your consent, to analyze visitor behavior and deliver relevant content. Detailed information about our cookie practices is available in our Cookie Policy.

5. Purposes and Legal Bases for Processing

We process your personal data only when we have a lawful basis to do so. The table below outlines our primary processing purposes and corresponding legal bases under GDPR:

  • Responding to inquiries: We process contact form and email data to respond to your questions about ride groups, programs, and organizational services. Legal basis: legitimate interest in providing customer support and, where applicable, performance of a contract.
  • Program administration: We process registration data to manage your participation in group rides and seasonal challenges. Legal basis: performance of a contract and legitimate interest in organizational management.
  • Website functionality: We process technical data to ensure our website operates correctly and securely. Legal basis: legitimate interest in maintaining a functional digital platform.
  • Analytics: With your consent, we process usage data to understand how visitors interact with our content and improve our website. Legal basis: consent.
  • Marketing communications: With your consent, we may send informational updates about programs and events. Legal basis: consent.
  • Legal compliance: We may process data to comply with legal obligations, respond to lawful requests from authorities, or protect our legal rights. Legal basis: legal obligation and legitimate interest.

6. Data Sharing and Third Parties

We do not sell your personal data to third parties. We may share your data with trusted service providers who assist us in operating our website, processing communications, or administering programs. These providers include web hosting services, email delivery platforms, and analytics tools. All third-party processors are bound by contractual obligations to protect your data and process it only according to our instructions.

We may also disclose personal data when required by law, in response to valid legal process, to protect the rights and safety of our organization, participants, or the public, or in connection with a merger, acquisition, or sale of organizational assets, with appropriate notice provided where required by law.

7. International Data Transfers

Charmingsieve is based in the United States. If you access our website from the European Economic Area (EEA), United Kingdom, or other regions with data protection laws, your personal data may be transferred to and processed in the United States. We implement appropriate safeguards for international transfers, including standard contractual clauses approved by the European Commission, where applicable.

8. Data Retention Periods

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected. Specific retention periods include:

  • Contact form submissions: retained for twenty-four months after the inquiry is resolved, unless a longer period is required for ongoing program participation or legal compliance.
  • Program registration data: retained for the duration of your participation plus thirty-six months thereafter for administrative and legal purposes.
  • Cookie consent records: retained for twelve months from the date of consent, after which we request renewed consent.
  • Server logs and technical data: retained for ninety days unless required for security investigations.
  • Marketing consent records: retained until you withdraw consent, plus twelve months for compliance documentation.

When retention periods expire, we securely delete or anonymize your personal data.

9. Security Measures

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include HTTPS encryption for all website communications, access controls limiting data access to authorized personnel, regular security assessments of our systems, secure storage practices for physical and digital records, and staff training on data protection principles.

While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security but are committed to promptly addressing any data breach in accordance with applicable notification requirements.

10. Your Rights Under GDPR and Applicable Laws

Depending on your location, you may have the following rights regarding your personal data:

  • Right of access: You may request a copy of the personal data we hold about you.
  • Right to rectification: You may request correction of inaccurate or incomplete personal data.
  • Right to erasure: You may request deletion of your personal data in certain circumstances, such as when it is no longer necessary for the purposes for which it was collected.
  • Right to restrict processing: You may request that we limit how we use your data in specific situations.
  • Right to data portability: You may request your data in a structured, commonly used, machine-readable format where processing is based on consent or contract.
  • Right to object: You may object to processing based on legitimate interests or for direct marketing purposes.
  • Right to withdraw consent: Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of prior processing.
  • Right to lodge a complaint: You may file a complaint with a supervisory authority in your country of residence.

To exercise any of these rights, contact us at assist@charmingsieve.world or +1 415-683-5654. We will respond within thirty days of receiving a verifiable request.

11. California Consumer Privacy Rights

California residents have additional rights under the CCPA, including the right to know what personal information we collect, the right to delete personal information, the right to opt out of the sale of personal information (we do not sell personal data), and the right to non-discrimination for exercising privacy rights. To submit a CCPA request, contact us using the information provided in Section 1.

12. Children's Privacy

Our website and programs are not directed at individuals under the age of sixteen. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child without appropriate parental consent, we will take steps to delete that information promptly. Parents or guardians who believe their child has provided us with personal data may contact us to request deletion.

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or organizational structure. When we make material changes, we will update the date at the top of this page and, where appropriate, notify you via email or a prominent notice on our website. We encourage you to review this policy regularly.

14. Contact Information

For questions, concerns, or requests related to this Privacy Policy or our data handling practices, please contact:

Charmingsieve
124 Clement St, San Francisco, CA 94118, USA
Phone: +1 415-683-5654
Email: assist@charmingsieve.world
Website: charmingsieve.world