Effective Date: January 1st, 2025
Welcome to Loreto.com. Protecting your privacy is important to us. This Privacy Policy explains how we collect, use, and protect your personal information when you use our website and outlines your rights under applicable laws, including the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA).
Who We Are
Our website address is: https://www.loreto.com. Loreto.com provides authentic information about Loreto, Baja California Sur, including attractions, tours, events, and community resources.
What Personal Data We Collect and Why
Comments
When visitors leave comments, we collect:
- Data shown in the comments form.
- Visitor’s IP address and browser user agent string (to detect spam).
Gravatar Integration:
An anonymized string from your email address (a hash) may be sent to the Gravatar service. After approval of your comment, your Gravatar profile picture becomes visible. Gravatar Privacy Policy.
Media
If you upload images to the site, avoid embedding location data (EXIF GPS). Visitors can extract this data from uploaded images.
Cookies
We use cookies for website functionality and a better user experience.
Type | Purpose |
---|---|
Comments Cookies | Save your name, email, and website for convenience when posting comments. These last one year. |
Login Cookies | Maintain session info for 2 days (or 2 weeks with “Remember Me”). Logout removes cookies. |
Editing Cookies | Store post-editing info for one day. |
For more details, visit our Cookie Policy.
Embedded Content from Other Websites
Content on our site (e.g., videos or articles) may include embedded elements from third-party sites. These external sites may:
- Collect your data.
- Use cookies or other tracking tools.
- Monitor your interactions with their content, including logged-in user activity.
Legal Basis for Collecting Data (GDPR Compliance)
If you’re accessing the website from the European Union, we process your personal data based on:
Purpose | Legal Basis |
---|---|
To provide services | Necessary for contract performance. |
For analytics and improvement | Legitimate interests in improving our site and services. |
To comply with laws | Necessary for legal obligations (e.g., detecting fraud). |
For consent-based activities | Your explicit consent, such as when opting into cookies or newsletters. |
Your Rights Under GDPR
If you are a resident of the EU, you have the following rights regarding your personal data:
- Right to Access: Request details of the personal data we hold about you.
- Right to Rectification: Correct inaccuracies in your personal data.
- Right to Erasure: Request deletion of your data, subject to legal obligations.
- Right to Restrict Processing: Limit the ways we use your data.
- Right to Data Portability: Receive your personal data in a machine-readable format.
- Right to Object: Opt-out of certain data uses, including marketing.
To exercise these rights, contact us at: [Insert Contact Email].
Your Rights Under CCPA
If you are a California resident, you have the following rights:
Right | Details |
---|---|
Right to Know | Request details of the categories and specific pieces of personal data we’ve collected about you. |
Right to Delete | Ask us to delete your personal information, subject to exceptions. |
Right to Opt-Out | Opt-out of the sale of your personal information (if applicable). |
Non-Discrimination | We won’t deny services or charge different rates for exercising your rights. |
To submit a CCPA request, email us at: [Insert Contact Email].
Who We Share Your Data With
- Spam Detection Services: Visitor comments may be checked through automated spam detection tools.
- Service Providers: We may share data with third-party vendors (e.g., hosting providers) for operational purposes.
- Legal Requirements: We may disclose your data to comply with legal obligations or protect our rights.
How Long We Retain Your Data
- Comments: Retained indefinitely for moderation purposes.
- Registered User Data: Stored until the user deletes their account or requests deletion.
Where Your Data Is Sent
We process data in compliance with local and international laws. Visitor comments may be checked through automated spam detection services, which may process data outside your jurisdiction.
Do Not Track Signals
Our website does not respond to “Do Not Track” browser signals.
Security of Your Data
We implement industry-standard measures to safeguard your data, including encryption, access controls, and secure servers. While we strive for 100% security, no online service is completely secure.
Updates to This Privacy Policy
We may revise this policy to reflect changes in our practices or legal requirements. Updates will be posted here with a revised Effective Date.
Contact Us
For questions or requests regarding your privacy, please contact us at:
Email: [email protected]
Thank you for trusting Loreto.com with your personal information.