Purpose of Policy: This Privacy Policy outlines how Something Wicked, Inc. collects, uses, stores, and safeguards personal information. It applies to all interactions with our services, both online and offline, across all regions where we operate, including the United States, the European Union, the United Kingdom, and other North American countries.
Scope of Application: This policy applies to all clients, employees, partners, and users of Something Wicked, Inc. services.
2. Information Collection
Types of Information Collected: We collect various types of personal and business-related information, including but not limited to names, contact details, professional information, IP addresses, and usage data.
Methods of Collection: Data is collected through direct interactions (e.g., client consultations, contracts), through our website (e.g., forms, cookies), and occasionally from third-party sources.
3. Use of Information
Purpose of Data Collection: The collected data is used to provide and improve our services, communicate with clients and partners, comply with legal obligations, and for internal analysis.
Legal Basis for Processing: In compliance with GDPR, UK GDPR, CCPA, and other relevant laws, we process data based on contractual necessity, explicit consent, legitimate interests, and legal requirements.
4. Information Sharing and Disclosure
Third-Party Sharing: We may share information with subcontractors, legal authorities, or as part of business transactions.
International Transfers: Data may be transferred internationally, with adherence to legal frameworks like the EU-U.S. Privacy Shield or Standard Contractual Clauses.
5. Data Security
Security Measures: We implement robust security measures including encryption, access controls, and regular security assessments to protect data against unauthorized access or disclosure.
Data Breach Response: In case of a data breach, we have protocols to promptly assess the situation, mitigate damage, and notify affected parties as required by law.
6. Data Retention
Retention Period: Data is retained as long as necessary for the purposes it was collected, or as required by law.
Data Disposal: Once no longer needed, data is securely deleted or anonymized.
7. Rights of Data Subjects
Data Subject Rights: Individuals have the right to access, correct, delete, or transfer their data, and to object to its processing. In the EU and UK, individuals also have the right to withdraw consent.
Exercising Rights: Instructions for exercising these rights are provided, with contact details for our Data Protection Officer.
8. Policy Updates
Notification of Changes: We reserve the right to modify this policy. Updates will be communicated through our website and, where appropriate, direct communication. Please bookmark the URL of this page: (https//scre.me/privacy-policy/) for the most up-to-date posting of our privacy policy and practices.
9. Contact Information
Queries and Complaints: Contact details for privacy-related inquiries are provided, segmented by region.
10. Governing Law
Jurisdiction: This policy is governed under the laws of the State of Delaware, USA, and complies with relevant laws in the regions we operate.
11. Effective Date
Implementation: This policy is the most recent version of how we help manage the privacy of your data wherever we share interactive experiences, both physically and virtually, online and offline as of December 5, 2023.