Privacy Policy
1. Introduction
At Pitchfork Media (“we,” “us,” or “our”), accessible via https://pitchfork-media.com, we are committed to protecting your privacy and ensuring that your personal data is handled in a safe, transparent, and responsible manner. This Privacy Policy outlines how we collect, use, disclose, and secure your information in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Your privacy is of utmost importance to us, and we are dedicated to maintaining robust data stewardship across all our online interactions and services.
2. Scope of this Policy and Role of Data Controller
This Privacy Policy applies to all visitors, users, and customers who access or interact with our website at pitchfork-media.com and related services. Pitchfork Media is the data controller of the personal data collected through this website, meaning we determine the purposes and means of processing your personal data.
This Policy governs the collection, use, storage, sharing, and protection of data obtained through our website or via electronic communications with us. By using pitchfork-media.com, you acknowledge that you have read and understood this Privacy Policy.
3. Categories of Personal Data We Process
Depending on how you engage with pitchfork-media.com, we may collect and process the following categories of personal data:
a. Usage Data
Information about your interactions with our website, such as IP address, browser type and language, device type, URLs visited, time and date of website interaction, session duration, and navigation paths.
b. Account Data
Information provided when registering or setting up an account, including your full name, email address, postal address, and telephone number.
c. Profile Data
Information reflecting your preferences, interests, purchasing behavior, product reviews, or engagement with personalization features on our website.
d. Communication Data
Records of interactions with our customer support, including contact history, support messages, and any inquiries or feedback submitted.
e. Technical Data
Data automatically collected from your device or browser, including device identifiers, operating system, system configuration, screen resolution, and error logs.
f. Transaction Data
Details of payments made, order history, invoice information, shipping and billing addresses, and delivery tracking.
g. Preference Data
Marketing and notification preferences, cookie consent choices, and data related to product types or categories of interest.
4. Legal Bases for Processing
We ensure that all personal data processing is conducted in accordance with appropriate legal bases under the GDPR and CCPA:
– Consent: Where required by law, we seek and document your affirmative consent before collecting or processing personal data.
– Contractual Necessity: Certain data are required to fulfill our contractual obligations to you, such as processing orders or delivering products.
– Legal Obligation: We may process data to comply with legal requirements, including tax obligations, fraud prevention, or regulatory compliance.
– Legitimate Interests: We may process data to further our business interests in ways that do not override your rights and freedoms, such as improving our platform, detecting security incidents, or conducting usage analytics.
5. Your Rights
Subject to applicable regional laws, you have the following rights in relation to your personal data:
– Right of Access: You have the right to know what personal data we hold about you and to request a copy.
– Right to Rectification: You may request correction of inaccurate or incomplete personal data.
– Right to Erasure: You have the right to request deletion of your data under certain conditions, commonly referred to as the “right to be forgotten.”
– Right to Restriction: You may request that we limit the processing of your personal data under specific circumstances.
– Right to Data Portability: You have the right to receive your personal data in a commonly used and machine-readable format and transmit it to another controller, where technically feasible.
To exercise any of these rights, please contact us at [email protected]. We will respond in accordance with applicable legal timeframes.
6. Security Measures
We implement industry-standard technical and organizational safeguards to protect personal data from unauthorized access, disclosure, alteration, or destruction. These measures include:
– Encryption of data in transit via SSL/TLS
– Secure server environments and firewalls
– Role-based access controls and multi-factor authentication for internal systems
– Regular security audits, patching, and vulnerability scanning
– Staff training on data privacy and incident response
While we take every reasonable step to secure your information, no online transmission or storage system can be guaranteed to be 100% secure.
7. International Transfers
Your information may be processed and stored outside of your country of residence, including in jurisdictions that may not provide the same level of data protection as your home country. When we transfer data internationally:
– We rely on Standard Contractual Clauses or similar safeguards as approved by the European Commission and other regulatory authorities.
– For users in California and other U.S. jurisdictions, we ensure that data partner contracts adhere to CCPA-defined service provider requirements and do not allow unauthorized data selling.
We take additional compliance steps to ensure your data is protected regardless of its location.
8. Data Retention
We retain personal data for only as long as necessary to fulfill the purposes for which we collected it, including for legal, contractual, or regulatory obligations. Retention periods are determined as follows:
– Usage and Technical Data: Up to 12 months
– Account and Profile Data: While active and up to 3 years after last interaction
– Communication Data: Up to 3 years after last communication
– Transaction Data: 7 years for financial audit and compliance
– Preference Data: Until consent is withdrawn or account is deleted
We securely dispose of or anonymize data once retention periods expire.
9. Cookie Policy
Our website uses cookies and similar technologies to improve usability, personalize your experience, and analyze traffic. Cookies fall into the following categories:
– Essential Cookies: Necessary for site operation and use of core features such as account login.
– Functional Cookies: Enable enhanced functionality such as remembering user preferences.
– Analytics Cookies: Help us understand how visitors interact with our site, which guides improvements.
– Performance Cookies: Monitor site performance and identify technical issues.
For more detailed information, see our separate Cookie Notice available on pitchfork-media.com.
10. Cookie Management and Compliance with GDPR & CCPA
You can manage your cookie preferences at any time via our Cookie Consent Tool available on our website footer. Users may:
– Opt-out of non-essential cookies through our consent management interface
– Disable cookies via browser settings
– Withdraw consent to cookies by updating preferences at any time
Under CCPA, California consumers may exercise their right to opt out of data sales or sharing through our “Do Not Sell or Share My Personal Information” link, prominently displayed onsite.
11. Children’s Data Protection
We do not knowingly collect or process personal data from individuals under the age of 13. If we become aware that such information has been inadvertently collected, it will be deleted promptly. Parents or guardians who believe their child may have submitted data should contact us at [email protected].
12. Policy Updates
We may update this Privacy Policy from time to time to reflect legal, regulatory, or operational changes. Material changes will be communicated through appropriate channels, such as website banners or direct notifications where applicable. Continued use of pitchfork-media.com constitutes acceptance of any updates.
13. Contact Information
If you have any questions, concerns, or requests in relation to this Privacy Policy or your personal data, please contact our Privacy Team at:
Email: [email protected]
We are committed to handling your personal information with transparency and in full compliance with applicable privacy laws. You may reach out to us at any time to exercise your data rights or to raise a privacy concern.
Pitchfork Media maintains a strong commitment to compliance with GDPR, CCPA, and global data privacy standards.