What personal information do we collect from the people that visit our blog, website, or app?
When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, mailing address, phone number, credit card information, or other details to help you with your experience.
When do we collect information?
We collect information from you when you place an order or enter information on our site. We also collect customer data through a network of partners who act as our customer data processors:
Rezdy for the customer data collection and payment processing.
Zoho as our CRM platform.
How do we use your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways: • To quickly process your transactions, provide services that you requested and otherwise fulfill the purposes for which you provided the information. • To send periodic emails regarding your order or other products and services, but you can opt-out by clicking “unsubscribe” link in the body of the email. • To follow up with you after correspondence (e.g., live chat, email or phone inquiries)
To notify you about changes to our site or any services we offer or provide though it.
To carry out our legal obligations and enforce our rights.
In any other way we may describe when you provide the information.
How do we protect your information?
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible. We use regular Malware Scanning. Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user places an order enters, submits, or accesses their information to maintain the safety of your personal information.
All transactions are processed through a gateway provider and are not stored or processed on our servers.
However, we cannot guarantee the absolute security of your personal information transmitted to our site because any transmission of information over the Internet has its inherent risks. You are responsible for keeping your login credentials, if any, confidential.
Do we use ‘cookies’?
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since each browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.
If you turn cookies off, some of the features that make your site experience more efficient may not function properly. It won’t affect the user’s experience that makes your site experience more efficient and may not function properly.
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when it’s release is appropriate to comply with the law, enforce our site policies, or protect our or others’ rights, property, or safety. We may disclose PII to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of the site’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which personal information about our site users is among the assets transferred.
However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
We do not include or offer third-party products or services on our website.
We have implemented the following: • Remarketing with Google AdSense • Demographics and Interests Reporting
We, along with third-party vendors such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website.
Opting Out: Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt-out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics Opt Out Browser add on.
California Online Privacy Protection Act
How does our site handle Do Not Track signals? We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
Does our site allow third-party behavioral tracking? It’s also important to note that we allow third-party behavioral tracking
Our site is not directed to children under the age of 16. We do not knowingly collect any personal information about children under the age of 16. If we obtain actual knowledge that we have collected personal information about a child under the age of 16, that information will be promptly deleted from our database, unless it is necessary to retain it for legal purposes.
If a parent believes that his or her child has submitted personal information to us, he or she can contact us via e-mail. We will promptly delete the information upon learning that it relates to a child under the age of 16. Please note that it is possible some of this information may remain archived in weblogs and back-up archives after we delete the information from our active database.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur: • Notify data subject within 1 business day
We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations. We collect your email address in order to: • Send information, respond to inquiries, and/or other requests or questions • Process orders and to send information and updates pertaining to orders. • Send you additional information related to your product and/or service • Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.
To be in accordance with CANSPAM, we agree to the following: • Not use false or misleading subjects or email addresses. • Identify the message as an advertisement in some reasonable way. • Include the physical address of our business or site headquarters. • Monitor third-party email marketing services for compliance, if one is used. • Honor opt-out/unsubscribe requests quickly. • Allow users to unsubscribe by using the link at the bottom of each email.
If at any time you would like to unsubscribe from receiving future emails, you can email us at firstname.lastname@example.org and we will promptly remove you from ALL correspondence.
Your information, including Personal Information, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.
If you are located outside the United States and choose to provide information to us, please note that we transfer the information, including personal information, to the United States and process it there, if there is a legal basis for us to do it. YOUR USE OF OUR SERVICE FOLLOWED BY YOUR SUBMISSION OF PERSONAL INFORMATION REPRESENTS YOUR AGREEMENT TO THAT TRANSFER.
EU users’ rights
Your GDPR rights to be informed, to access, rectify, erase or restrict the processing of your personal information. You have the right to receive free information about what personal data we have obtained about you, where it is stored, for how long, for what purposes it is used, to whom it was disclosed. You have the right to require that we, without undue delay, rectify of inaccurate personal data concerning you. That means you can request we change your personal data in our records, or have you incomplete personal data completed. You have the “right to be forgotten,” i.e. to have us delete your personal information, without undue delay, if the data is no longer necessary in relation to the purposes for which it was collected. However, GDPR gives us the right to refuse erasure if we can demonstrate compelling legitimate grounds for keeping your information.
GDPR gives you the right to restrict the processing if any of the following applies: if you contest the accuracy of your personal data, we will restrict processing it for a period enabling us to verify its accuracy.
ii. The processing is unlawful and you oppose its erasure and request instead of the restriction of its use.
iii. We no longer need your personal data for the purposes of the processing, but you require us to restrict processing for the establishment, exercise, or defense of legal claims.
iv. You have objected to processing pursuant to Article 21(1) of the GDPR pending the verification whether our legitimate grounds override yours.
Right to data portability. Upon request, we will provide you your personal data in our possession, in a structured, commonly used, and machine-readable format. You have the right to transmit that data to another controller if doing so does not adversely affect the rights and freedoms of others.
Right to object. You can object, on grounds relating your particular situation, at any time, to processing of your personal information, if based on point (e) or (f) of Article 6(1) of the GDPR. We will then have to stop processing unless we can demonstrate compelling legitimate grounds for the processing. If you object to the processing for direct marketing purposes, we will have to stop processing for these purposes.
Right to withdraw consent. GDPR grants you the right to withdraw your earlier given consent, if any, to processing of your personal data at any time.
Rights related to automated decision making. As a responsible business, we do not rely on any automated decision making, such as profiling.
We retain your personal data for as long as your account is active or for as long as we need it to fulfill the purposes for which we have initially collected it unless otherwise permitted or required by law. We will retain and use information as necessary to comply with our legal obligations, resolve disputes, and enforce our rights. We will cease to retain your personal data or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes.