In this policy, “Personal Information” means any information that can be used alone or in combination to identify an individual who engages with the Site or otherwise becomes a customer of products offered for sale on the Site, such as name, address, email, telephone number, or credit card information.Unless otherwise required by law, by accessing or using the Site you consent to the policies contained herein, which together with the Terms and Conditions form a single agreement (“Agreement”).
1. COLLECTION AND USE OF NON-PERSONAL INFORMATION
2. COLLECTION OF PERSONAL INFORMATION
Automated collection. We automatically receive and store certain types of information when you visit our Site, such as the name of the domain and host from which you access the Internet; the IP address of the computer you are using and the browser and operating system you are using; the date and time you access our Site; the Internet address of the website from which you linked to our Site; any search terms you used to find our Site; the device identifiers and mobile and network information, and your actions on our Site. Our web servers may collect “log data.” Log data provides aggregate information about the number of visits to different pages on our Site. We use log data for troubleshooting purposes and to track which pages people visit in order to improve our Site. Third-party service providers may also collect aggregate log data independently from us.
Information We Collect Through Cookies and Other Technologies. Please review our cookies policies for our respective websites.
Tracking Images. We may use tracking images (such as GIFs), which are small image files that we embed into our e-mail newsletters or blasts, to learn whether you opened or forwarded the communication or clicked on any of the content. This information tells us about our e-mail communications’ effectiveness and helps us ensure that we're delivering information that you find interesting.
Local Storage. We may use local storage (such as HTML5 or Flash) for frequency capping purposes and to provide you with relevant advertising.
Location-based services. We may collect information about your location and your mobile device (such as operating system, device type and information and time stamp). We will also track information about how you use the Site, and combine that information to any other information that we have about you (which may include, without limitation, information about your website usage). Depending on your device's settings and permissions and your choice to participate in certain programs, we may collect the location of your device by using GPS signals, cell phone towers, Wi-Fi signals, Bluetooth, or other technologies.
Advertisements. We may use third-party service providers to serve and host our advertisements. These third parties may use persistent cookies to track the number of times our Site is accessed and whether the Site was accessed from the advertisement. The cookies may remain on your hard drive three or more years unless you delete them. We may also use targeted behavioral advertising with a number of third-party advertising partners, including Facebook and Google. If you do not want Personal Information about you used for this purpose, you may be able to opt-out by following the procedure described herein. Note, however, that where we use a third party to provide advertising, email marketing or similar services, each such third party will have its own opt-out process, which it will manage and control. You will need to follow those procedures to opt-out of the services they provide.
Account and personal profiles. We may collect and maintain Personal Information about you to create a personal profile containing shopping preference and other information that you voluntarily provide to us when you create an account with us or with the third-party e-commerce providers with whom we partner (“Account”). Those who create Accounts (“Account Holders”) may be required to provide their name, address, and email. This profile may also include information we have obtained from other sources. Creating and completing an Account allows you to make purchases more easily and also allows us to optimize our Site for you.
Gift recipients. We also collect information about gift recipients provided by the giver. You represent and warrant that you are authorized to provide us with such information for the purpose of fulfilling your transaction.
Note that the information collected with the above technologies will be treated as Personal Information only if we combine or link it to any of your identifying information discussed above, or if otherwise required by law. Otherwise, this information constitutes Non-Personally Identifiable Information.
3. USE OF YOUR PERSONAL INFORMATION
We may use the information we collect about you (unless otherwise restricted by law) to:
- Facilitate your purchases and provide the services you request,
- Confirm and track your order,
- Compare and review your information for errors, omissions and accuracy,
- Prevent and detect fraud or abuse,
- Provide and improve our services and product offerings, and develop new ones,
- Identify your product and service preferences,
- Understand our customer demographics, preferences, interests, and behavior,
- Respond to your comments, inquiries and requests,
- Improve marketing and promotional efforts, and overall visitor experience,
- Develop and display third-party content and advertising tailored to your interests on the Site,
- Offer you personalized content, including, without limitation, by providing customized content and advertising, which may be on our Site, other websites, mobile devices or applications, or other channels (whether online or offline),
- Understand our visitor and customer demographics, preferences, interests, and behavior,
- Administer and fulfill our contests and other promotions,
- Contact you regarding products and services (of our affiliates, subsidiaries or business partners) that we believe may be of interest to you,
- Comply with applicable legal requirements and our policies and procedures,
- Create, maintain, or update your profile and/or Account,
- Optimize your experience with us,
- Manage our business, and
- Other uses with your consent.
We may combine the information you provide to us over time and we may combine such information with information that which is publicly available, collected through cookies and other technologies, and information that we receive from our business partners, affiliates, and other third parties. We may use that combined information to better provide you our Site and to better provide you personalized content, customized content, and advertising.
We may, and we may authorize third parties to, create aggregate records from Personal Information by excluding information that makes the information identifiable. We may use and disclose, and authorize third parties to use and disclose, aggregate Non-Personally Identifiable Information at our discretion.
You have the opportunity at any time to remove yourself from our communications by responding to the opt-out information provided on our Site or in our emails, or by contacting us using the contact information provided below.
4. INFORMATION THAT WE MAY SHARE WITH OTHERS
We may share your information, including, without limitation, Personal Information, as follows:
Affiliates: We may share your Personal Information with our affiliates.
Service Providers: We use third-party service providers to perform certain services on our behalf, including, without limitation: shipping, payment processing, billing and collections, data storage/management, webhosting, fulfillment, assembly, marketing and data enhancement, mailing, and emailing as well as various customer, tech and operational support. These entities have their own privacy policies for which we are not responsible and whose terms may apply to you. Please be sure to review them at the links provided or as otherwise possible.
Our storefronts are hosted on Shopify, Inc. (“Shopify”). They provide us with the online e-commerce platform that allows us to sell our products to you. Purchaser data is stored through Shopify's data storage, databases, and the general Shopify application. Shopify (or its third party payment processing vendors) stores purchaser data on a secure server behind a firewall. Please note that we do not ourselves directly process or store the debit/credit card data that purchasers submit. If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase payment transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase payment transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
Special Events: If you choose to participate in a special event (for example, a promotion, contest, or sweepstakes), we may share your information with those organizations participating in the applicable event.
You may opt out of receiving personalized advertisements from advertising companies that are members of the Network Advertising Initiative or who subscribe to the Digital Advertising Alliance's Self-Regulatory Principles for Online Behavioral Advertising by visiting http://www.networkadvertising.org/choices and http://www.aboutads.info/choices.
Compliance with Law and Fraud Protection: We will disclose your information: (1) when we believe in good faith that it is necessary to comply with any applicable law, regulation, legal process, or governmental request, such as lawful requests by public authorities, including, without limitation, to meet national security or law enforcement requirements; (2) in order to investigate, prevent, or take action regarding potential illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, or situations involving potential violations of our Terms and Conditions or other policies; (3) to other companies and organizations for fraud protection and risk reduction; and (4) to enforce any agreement we have with you.
Business Transfer: Your information will be disclosed as part of any merger, sale of company assets or acquisition, as well as in the event of an insolvency, bankruptcy or receivership (or in due diligence leading up to any acquisition), in which case information would be transferred as one of our business assets.
Aggregated Information: We may, and we may authorize third parties to, create aggregated records from Personal Information by excluding information that makes the information identifiable. We may use and disclose, and authorize third parties to use and disclose, aggregated non-Personal Information at our discretion.
We do not knowingly collect Personal Information from minors and the Site and any products or services offered thereby are not directed to minors but are intended for adults over the age of 18 or the age of majority in your jurisdiction. Consistent with applicable law, we do not knowingly collect personal information from minors without the consent of their parent or guardian. If we learn that we have inadvertently obtained information in violation of applicable laws prohibiting collection of information from minors without such consent, upon proper notice, authority, and necessary confirmation of such, we will take steps to promptly delete it.
7. DATA RETENTION
We may transfer your Personal Information from the United States to other countries or regions in connection with storage and processing of data, fulfilling your requests, and operating our business, or we may authorize third parties to do so for these purposes. By providing any information to us, you consent to such transfer, storage, and processing.
We utilize a combination of reasonable, generally-accepted physical and electronic security technologies, procedures, and organizational measures to help protect your Personal Information from unauthorized access, use or disclosure. While we strive to safeguard your Personal Information, no security measures are perfect or impenetrable and no method of data transmission can be guaranteed against any interception or other type of misuse, and we cannot guarantee or warrant the security of any information you disclose or transmit to us.
WE WILL NOT HAVE ANY LIABILITY WHATSOEVER FOR ANY DATA BREACH OR UNAUTHORIZED ACCESS TO USER CONTENT OR OTHER INFORMATION ON OR SUBMITTED THROUGH THE SITE.
If we become aware of a security systems breach, we may attempt to notify you electronically so that you can take appropriate protective steps. For example, we may send you an email or post a notice to a public forum.
Except as otherwise required by law, any information submitted by you on the Site or in connection with your use of the Site, is not considered and will not be treated as confidential.
9. MARKETING CHOICE/OPT-OUT
Where permitted by applicable law, we want to communicate with you on our marketing initiatives, but only if you want to continue to hear from us.
To opt out of receiving email promotions that we send you, you may contact us as indicated below. To opt out of telephone promotions, you can tell us when we call you or you can send us a postal request. To opt out of postal mail promotions, please send us a postal request. Opting out of communication with us does not affect our communications with you via telephone or email related to your orders with us or other transactional emails.
Where required by law, we obtain your prior opt-in consent at the time of data collection for the processing of (i) Personal Information for marketing purposes and (ii) Personal Information deemed sensitive pursuant to applicable law.
9. INFORMATION CHOICES
If you want to view your Personal Information, or delete or modify such information that is inaccurate, you may do so by contacting us as indicated below. If you are an Account Holder, you may update your information by logging into your Account.
In making modifications you must provide only truthful, complete, and accurate information. We may limit your right to make changes to Personal Information where the burden or expense of providing access would be disproportionate to the risks to your privacy or where the legitimate interests of other persons may be violated.
Please note that notwithstanding your request to change or delete Personal Information, we may be required to keep this information and not modify or delete it, or to keep this information for a certain time, in which case we will comply with your deletion request only after we have fulfilled such requirements. When we delete any information, it will be deleted from the active database, but may remain in our archives. In some instances, however, Personal Information that you requested to be removed may be retained in certain files for a period of time in order to troubleshoot problems. In addition, some types of Personal Information may be stored indefinitely on back-up systems or within log files due to technical constraints or financial or legal requirements. Therefore, you should not always expect that all of your Personal Information will be completely removed from our databases in response to your request.
In addition to deleting Personal Information, where you have previously opted-in to receiving email newsletters, promotions or any other email communications from us, you may opt-out of receiving future such communications by following the unsubscribe instructions included in the communications, or by contacting us as described below. All promotional emails from us include an opt-out link which can be processed within 24-hours. You may also opt-out of promotions by sending us an email in response with “unsubscribe” or “opt-out” in the subject line of the email. Opting out of promotional communications does not affect our communications with you via telephone or email related to any business we may have with you or other transactional emails.
We reserve the right to verify the identity of any person making a request to opt-out or to delete or modify incorrect Personal Information, to charge you a fee before providing access and to deny such requests, except as prohibited by law; provided, however, that we will have no liability of any kind resulting from false or erroneous requests or any change or deletion we make for any reason.
11. INTERNATIONAL VISITORS
12. YOUR EUROPEAN UNION PRIVACY RIGHTS
If you are a resident of the European Union, you may have certain additional rights with respect to your Personal Information under the General Data Protection Regulation (Regulation (EU) 2016/679) (the “GDPR”), including, without limitation, the following:
- The right of access to your Personal Information.
- The right to rectify your Personal Information if it is incorrect or incomplete.
- The right to have your Personal Information erased (“right to be forgotten”) if certain grounds are met.
- The right to withdraw your consent to our processing of your Personal Information at any time (if our processing is based on consent).
- The right to object to our processing of your Personal Information (if processing is based on our legitimate interests) provided that we may retain your Personal Information for certain compelling purposes such as legal, auditing, accounting, and billing purposes.
- The right to object at any time to our processing of your Personal Information for direct marketing purposes, including, without limitation, for profiling purposes to the extent that it is related to direct marketing. If you object to processing for direct marketing purposes, we will no longer process your Personal Information for such purposes.
- The right to receive your Personal Information from us in a structured, commonly used and machine-readable format, and the right to transmit your Personal Information to another controller without hindrance from us (data portability).
The following terms shall also apply to our collection, use and retention of the Personal Information of European Union residents:
Basis for collection. As set out above, we collect and process Personal Information for which you have given your express consent at the time of collection. For example, we collect Personal Information when you elect to participate in one of our promotions. We also collect and process Personal Information in order to improve our services, to deliver services and perform obligations under contracts we have with you, and to comply with our own legal obligations.
Sensitive data. We do not collect sensitive data, for example, biometric data, health data, or data revealing racial or ethnic origin, from visitors to our Site.
Authorized transfer. We also may disclose Personal Information for other purposes or to other third parties when you have consented to or requested such disclosure. Please be aware that we will disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We are not liable for appropriate onward transfers of Personal Information to third parties.
Data processors. We may retain third parties to process or analyze Personal Information we collect from our Site. For example, a site may be maintained or hosted by a third party service provider or a promotion may be administered by a sales promotion agency. These suppliers and other third parties who provide services for us are contractually obligated not to use Personal Information about you except as we authorize.
Profiling. We may analyze Personal Information we have collected about you to create a profile of your interests and preferences so that we can contact you with information that is relevant to you. We may make use of additional information about you when it is available from external sources to help us do this effectively. We may also use Personal Information about you to detect and reduce fraud and credit risk.
Your rights. Your rights include: (a) a right to withdraw your consent to the processing of Personal Information about you to which you have previously given consent; (b) a right to object to processing of Personal Information about you for the purpose of direct marketing; and (c) a right to have incorrect Personal Information about you corrected or removed.
If you request to have incorrect Personal Information removed, we may retain some of your Personal Information as necessary for the purposes of our legitimate business interests or in furtherance of public interests in accordance with applicable laws. Any Personal Information you have shared publicly with others may continue to be publicly visible on the Site.
You also have the right to obtain a copy of the Personal Information we have about you, although we reserve the right to charge a fee for this depending on the nature and frequency of your request(s) and our cost to provide the information.
If you are located in the European Union and you are or have been our customer, we may send you marketing communications based on our legitimate interests, subject always to your right to opt out of such communications. Further, if you are located in the EU, we will not share your Personal Information with a third party for such third party's marketing purposes, unless you have specifically consented to us doing so.
You may contact us as indicated below to exercise any of the above rights. We may request specific information from you to confirm your identity, and in some circumstances we may charge a reasonable fee for access to your Personal Information. We are not obligated to make a data access or data portability disclosure if we cannot verify that the person making the request is the person about whom we collected information, or is someone authorized to act on such person's behalf. Any Personal Information we collect from you to verify your identity in connection with your request will be used solely for the purposes of verification.
If you believe that our processing of your Personal Information is inconsistent with your data protection rights under the GDPR and we have not adequately addressed your concerns, you have the right to lodge a complaint with the data protection supervisory authority of your country.
For purposes of the GDPR, we are a “controller” and you are a “data subject.”
13. YOUR CALIFORNIA PRIVACY RIGHTS
If you are a California resident you have the following rights under the California Consumer Privacy Act (CCPA):
Right to Know. You have the right to know and see what data we have collected about you over the past 12 months, including:
- The categories of Personal Information we have collected about you;
- The categories of sources from which the Personal Information is collected;
- The business or commercial purpose for collecting your Personal Information;
- The categories of third parties with whom we have shared your Personal Information; and
- The specific pieces of Personal Information we have collected about you.
Right to Delete. You have the right to request that we delete the Personal Information we have collected from you (and direct our service providers to do the same).
Other Rights. You can request certain information about our disclosure of Personal Information to third parties for their own direct marketing purposes during the preceding calendar year. This request is free and may be made once a year. You also have the right not to be discriminated against for exercising any of the rights listed above.
Certain information may be exempt from such requests under applicable law. For example, we need certain types of information so that we can provide our Site to you. If you ask us to delete it, you may no longer be able to access or use our Site.
To exercise your rights under the CCPA, please contact us as indicated below. Please provide your full name and e-mail address so that we may respond to your request as quickly as possible. You will be required to verify your identify before we fulfill your request. To do so, you will need to provide us with certain Account information, such as your full name and email address. You can also designate an authorized agent to make a request on your behalf. To do so, you must provide us with written authorization for the agent to act on your behalf. You will still need to verify your identity directly with us.
We collect the following categories of Personal Information:
- Identifiers (e.g., your name, Account number, email address, IP address)
- Commercial/transactional information (e.g., your purchase information)
- Internet or other electronic network activity information (e.g., information about your website or app usage)
- Geolocation data (e.g., your physical location)
- Visual information (e.g., any photographs you upload on your Account)
- Inferences (e.g., analytics and preferences)
We use and disclose these categories of information to enable use of our websites, services, and products, to communicate with you, to understand how our users interact with our Site, to facilitate purchases, and to improve our offerings as otherwise described in this Policy.
California law requires certain disclosures about Personal Information we “sell,” which for the purposes of the California Consumer Privacy Act, means making Personal Information available to third parties in exchange for valuable consideration, which some may claim includes allowing advertising companies to collect unique cookie IDs through our sites when you use our Site. Under that interpretation, we may “sell” Personal Information to advertise our products to you. In the preceding 12 months, we may have “sold” the following categories of Personal Information to the following categories of third parties:
- Categories: The specific pieces of Personal Information we have collected about you.
- Third Parties: Interest-based advertising partners.
“Do not track”: Section 22575 of the California Business & Professions Code requires website and online service operators to disclose whether they honor web browser “Do Not Track” settings. Some browsers incorporate a “Do Not Track” (DNT) feature that, when turned on, signals to websites and online services that you do not wish to be tracked. Because there is not yet an accepted standard for how to respond to browser DNT signals, we do not currently respond to them. For more information about Do Not Track, please visit www.allaboutdnt.org.
“Shine the Light” law: Effective January 1, 2005, under California Civil Code Section 1798.83, if an individual who is a California resident has provided Personal Information to a business in connection with a business relationship that is primarily for personal, family, or household purposes, and if that business has within the immediately preceding calendar year disclosed such an individual’s Personal Information to a third party and knows or should have known that such third party used the information for its own direct marketing purposes, then that business is obligated to disclose in writing to such individual upon request, what Personal Information was shared and with whom it was shared.
Any request for a disclosure required under this California law should be sent to us as indicated below in the Contact Us section below.
Please note that under this law, we are not required to respond to your request more than once in a calendar year, nor are we required to respond to any request that is not sent to the email or mailing address designated above.
14. NEVADA RESIDENTS
We do not “sell” personal information as defined under Nevada’s consumer privacy law (SB 220). As an added assurance to individuals who entrust their personal data to us, they may sign up for a Do Not Sell My Information Log that we maintain. To do so, please email us as indicated below, and include the reference line “Nevada Do Not Sell”. We may contact you for additional information in order to process your request.
15. HOW TO CONTACT US
By Email: firstname.lastname@example.org
By Email: email@example.com
Last updated 10 October 2022