Privacy Policy for Herbarium Archives

This Privacy Policy describes how Herbarium Archives ("we," "us," or "our") collects, uses, and discloses your information when you use our online platform, which serves as a comprehensive resource for botanical knowledge and herbal studies, offering access to rare book collections, botanical guides, herbal remedy research, educational workshops, and digital archiving services.

We are committed to protecting your privacy and handling your personal data in a transparent and lawful manner in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Information We Collect

We collect various types of information, including personal data, to provide and improve our services. This includes:

• Information you provide to us directly: This includes information such as your name, email address, postal address (for workshop registrations or physical mail), and any other information you voluntarily provide when registering for an account, subscribing to newsletters, signing up for workshops, making inquiries, or participating in surveys.
• Information collected automatically: When you access and use our site, we may automatically collect certain information about your device and usage patterns. This may include your IP address, browser type, operating system, referring URLs, pages viewed, and the dates/times of your visits. This data helps us understand how our site is used and to improve its functionality.
• Information from third parties: In certain circumstances, we may receive information about you from third-party services, such as payment processors for workshop fees, or analytics providers, always in compliance with their privacy policies and applicable laws.

2. How We Use Your Information

We use the information we collect for various purposes, including:

• To provide and maintain our services: This includes granting access to our digital archives, managing workshop registrations, and delivering requested botanical guides.
• To improve and personalize your experience: We use data to understand user preferences, optimize our content, and tailor educational workshop offerings.
• For communication: To send you newsletters, updates, workshop confirmations, and respond to your inquiries.
• For research and analytics: To analyze trends, track usage, and measure the effectiveness of our programs and resources.
• For security and fraud prevention: To protect our site, our users, and our intellectual property.
• To comply with legal obligations: To meet legal, regulatory, or judicial requirements.

3. Legal Basis for Processing Personal Data (GDPR)

We process your personal data based on the following legal grounds:

• Consent: Where you have given clear consent for us to process your personal data for a specific purpose (e.g., subscribing to a newsletter).
• Contractual Necessity: Where the processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract (e.g., workshop registration).
• Legitimate Interests: Where the processing is necessary for our legitimate interests or the legitimate interests of a third party, and those interests do not override your fundamental rights and freedoms (e.g., improving our services, ensuring website security).
• Legal Obligation: Where the processing is necessary for compliance with a legal obligation to which we are subject.

4. Sharing Your Information

We do not sell your personal data. We may share your information in the following circumstances:

• Service Providers: We may share your information with trusted third-party service providers who assist us in operating our website, conducting our business, or providing services to you (e.g., web hosting, email service providers, payment processors, analytics providers). These service providers are obligated to protect your information and use it only for the purposes for which it was disclosed.
• Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court order or government agency).
• Business Transfers: In the event of a merger, acquisition, or asset sale, your personal data may be transferred as part of the transaction. We will notify you of any such event and inform you of your choices regarding your information.
• With Your Consent: We may share your information with third parties when we have your explicit consent to do so.

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

6. Your Data Protection Rights (GDPR)

Under GDPR, you have the following rights regarding your personal data:

• The right to be informed: About how your personal data is processed.
• The right of access: To request copies of your personal data.
• The right to rectification: To request that we correct any information you believe is inaccurate or incomplete.
• The right to erasure ("right to be forgotten"): To request that we erase your personal data, under certain conditions.
• The right to restrict processing: To request that we restrict the processing of your personal data, under certain conditions.
• The right to object to processing: To object to our processing of your personal data, under certain conditions.
• The right to data portability: To request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
• The right to withdraw consent: Where our processing is based on your consent, you have the right to withdraw that consent at any time.

To exercise any of these rights, please contact us using the details provided below.

7. Security of Your Information

We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, disclosure, alteration, or destruction. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

8. International Data Transfers

As Herbarium Archives operates from Ireland, your data is primarily processed within the European Economic Area (EEA). If we transfer your personal data outside the EEA, we will ensure that appropriate safeguards are in place to protect your privacy rights, as required by GDPR, such as using Standard Contractual Clauses approved by the European Commission.

9. Cookies and Tracking Technologies

Our site uses cookies and similar tracking technologies to enhance your browsing experience, analyze site usage, and support our services. You can manage your cookie preferences through your browser settings. Please refer to our Cookie Policy for more detailed information.

10. Links to Other Websites

Our site may contain links to other websites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

11. Children's Privacy

Our services are not intended for individuals under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from a child under 16 without verifiable parental consent, we will take steps to remove that information from our servers.

12. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "last updated" date. We encourage you to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

13. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:

• Address: Herbarium Archives, Tom Clarke Bridge, Dublin, Dublin, Ireland

14. Right to Lodge a Complaint

Should you be unsatisfied with our handling of your privacy concerns, you have the right to lodge a complaint with the relevant data protection supervisory authority in Ireland, which is the Data Protection Commission (DPC).