Effective Date: January 1st, 2025

Welcome to Loreto.com. Protecting your privacy is important to us. This Privacy Policy explains how we collect, use, and protect your personal information when you use our website and outlines your rights under applicable laws, including the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA).


Who We Are

Our website address is: https://www.loreto.com. Loreto.com provides authentic information about Loreto, Baja California Sur, including attractions, tours, events, and community resources.


What Personal Data We Collect and Why

Comments

When visitors leave comments, we collect:

  • Data shown in the comments form.
  • Visitor’s IP address and browser user agent string (to detect spam).

Gravatar Integration:
An anonymized string from your email address (a hash) may be sent to the Gravatar service. After approval of your comment, your Gravatar profile picture becomes visible. Gravatar Privacy Policy.


Media

If you upload images to the site, avoid embedding location data (EXIF GPS). Visitors can extract this data from uploaded images.


Cookies

We use cookies for website functionality and a better user experience.

TypePurpose
Comments CookiesSave your name, email, and website for convenience when posting comments. These last one year.
Login CookiesMaintain session info for 2 days (or 2 weeks with “Remember Me”). Logout removes cookies.
Editing CookiesStore post-editing info for one day.

For more details, visit our Cookie Policy.


Embedded Content from Other Websites

Content on our site (e.g., videos or articles) may include embedded elements from third-party sites. These external sites may:

  • Collect your data.
  • Use cookies or other tracking tools.
  • Monitor your interactions with their content, including logged-in user activity.

Legal Basis for Collecting Data (GDPR Compliance)

If you’re accessing the website from the European Union, we process your personal data based on:

PurposeLegal Basis
To provide servicesNecessary for contract performance.
For analytics and improvementLegitimate interests in improving our site and services.
To comply with lawsNecessary for legal obligations (e.g., detecting fraud).
For consent-based activitiesYour explicit consent, such as when opting into cookies or newsletters.

Your Rights Under GDPR

If you are a resident of the EU, you have the following rights regarding your personal data:

  • Right to Access: Request details of the personal data we hold about you.
  • Right to Rectification: Correct inaccuracies in your personal data.
  • Right to Erasure: Request deletion of your data, subject to legal obligations.
  • Right to Restrict Processing: Limit the ways we use your data.
  • Right to Data Portability: Receive your personal data in a machine-readable format.
  • Right to Object: Opt-out of certain data uses, including marketing.

To exercise these rights, contact us at: [Insert Contact Email].


Your Rights Under CCPA

If you are a California resident, you have the following rights:

RightDetails
Right to KnowRequest details of the categories and specific pieces of personal data we’ve collected about you.
Right to DeleteAsk us to delete your personal information, subject to exceptions.
Right to Opt-OutOpt-out of the sale of your personal information (if applicable).
Non-DiscriminationWe won’t deny services or charge different rates for exercising your rights.

To submit a CCPA request, email us at: [Insert Contact Email].


Who We Share Your Data With

  • Spam Detection Services: Visitor comments may be checked through automated spam detection tools.
  • Service Providers: We may share data with third-party vendors (e.g., hosting providers) for operational purposes.
  • Legal Requirements: We may disclose your data to comply with legal obligations or protect our rights.

How Long We Retain Your Data

  • Comments: Retained indefinitely for moderation purposes.
  • Registered User Data: Stored until the user deletes their account or requests deletion.

Where Your Data Is Sent

We process data in compliance with local and international laws. Visitor comments may be checked through automated spam detection services, which may process data outside your jurisdiction.


Do Not Track Signals

Our website does not respond to “Do Not Track” browser signals.


Security of Your Data

We implement industry-standard measures to safeguard your data, including encryption, access controls, and secure servers. While we strive for 100% security, no online service is completely secure.


Updates to This Privacy Policy

We may revise this policy to reflect changes in our practices or legal requirements. Updates will be posted here with a revised Effective Date.


Contact Us

For questions or requests regarding your privacy, please contact us at:

Email: [email protected]

Thank you for trusting Loreto.com with your personal information.