Effective July 1, 2018.
Residents of the European Economic Area (“EEA”), which includes the member states of the European Union (“EU”), should consult the sections of this policy relating to the “Rights of EEA Residents” and “International Data Transfers” for provisions that may apply to them.
Personal Data That We Collect and How We Use It
We may collect certain Personal Data about you when you visit the Site, establish an account, make a purchase, contact us, participate in certain special offers, purchase a gift card, subscribe to our newsletter or publications or otherwise avail yourself of our Services. “Personal Data” is information that may be used to directly or indirectly identify you, including your name, e-mail address, physical address, phone number, geographical information or other information about you. The majority of such Personal Data is collected when you register for or use our Services. Some of the Personal Data that we collect is required if you wish to partake in certain Services that we provide. In general, the type of Personal Data we collect includes, but is not limited to: Personal Data necessary to use the Services you have requested; Personal Data to contact you to promote our Services or alert you to special offers or features; Un-identifiable or aggregated Personal Data pertaining to your Site visits that help us maintain the appropriate features, functionality and user experience
We use this Personal Data to: (i) add you to our e-mail lists; (ii) register you for an account; (iii) provide the Services you have requested, including processing orders; (iv) guard against potential fraud; (v) contact you or send you offers; (vi) provide answers to your inquiries or questions; and (viii) maintain regular communication with you as may be necessary to inform you about our Services.
Please note that we will only collect your credit card or other payment information if you choose to purchase our products online via the Site. If you do make such an online purchase, our payment processing partner will collect your payment information and process your payment. We do not store any credit card information or share it with anyone other than our payment processor. We also do not have access to your full credit card number.
Privacy in Submitted Materials
If you submit product reviews or comments to us, such reviews or comments may be displayed on the Site. By submitting such materials, you forego any privacy rights in such materials. We may share product reviews and postings submitted by you with third parties. We will not include any Personal Data with the product reviews that we share with such third parties, but may include your first name with the contents of the review or posting. Please consult the Terms of Service relating to submission of Personal Data to the Site.
Non-Identifiable Data and Aggregated Personal Data
We or our service providers may also collect web surfing data related to your use of the Site. Such information may include: your Internet Protocol (IP) address, browser type, and internet service provider (ISP); your operating system; which of our web pages you access and how frequently you access them; referral or exit pages; click stream data; and the dates and times that you visit the Site. This data may be collected using cookies, web beacons, page tags or similar tools. As with cookies, the web surfing information is anonymous, "click stream" transactional data that is not associated with any users as individuals.
Web surfing data and similar information may be aggregated for administrative and analytic purposes. We may, for example, use this aggregated information in the administration of the Site or share it with third parties to improve its usability and to evaluate the success of marketing and advertising campaigns, search engine optimization strategies, operation and effectiveness of pages on our website, and other marketing activities. We also use it to help optimize the Site based on the needs of our users.
We may engage certain third-party ad network service providers, such as Google Adwords or Criteo, to serve advertisements on our behalf across the Internet and to provide analytics services. These entities may utilize Cookies or other technology (including within the ads) to collect information from you such as your IP address, web browser, pages viewed, time spent on pages, how you use our Website, items you put in your basket, any links you click on, and conversion information. This information may be used by us and others to, among other things, analyze and track data, determine the popularity of certain content or products, measure the effectiveness of ad campaigns, determine the proper amount of repeat views of a given ad, and deliver advertising and content targeted to your interests on our Sites and other websites (also known as “interest-based advertising”).
How and When Your Information Is Shared With Other Parties
We will not disclose, rent or share your Personal Data with other parties, except as disclosed below. We work with a number of trusted partners who may perform vital functions as part of our operations. We do not share your Personal Data unless it is necessary to fulfill our responsibilities, including providing information or Services to you.
Additional Sharing of Information
We may engage third parties to help us carry out certain other internal functions such as account processing, client services, or other data collection relevant to our business. For example, we may share information with our payment processors, although we do not store your payment card information in full. Personal Data is shared with these third parties only to the extent necessary for us to process the transactions you initiate or perform other specific services.
We may share your Personal Data with law enforcement or other government agencies as required by law or for the purposes of limiting fraud. We reserve the right to disclose your Personal Data when we believe that disclosure is necessary to protect our rights or to comply with a judicial proceeding, court order or legal process. We further reserve the right to disclose any of your Personal Data that we believe, in good faith, appropriate or necessary to take precautions against liability, to investigate and defend against any third-party claims or allegations, to assist government enforcement agencies, to protect the security or integrity of the Site or our services, or to protect the rights, property or personal safety of us, our users, issuers, or others.
We may share or disclose information that we collect from you, including Personal Data, if we are acquired as a result of a transaction such as a merger, acquisition or asset sale or if our assets are acquired by a third party in the event we go out of business or enter bankruptcy. We will not share your Personal Data if such sharing is prohibited by applicable privacy and data protection law, including, without limitation, the EEA’s General Data Protection Regulation effective May 25, 2018.
From May 25, 2018, all processing of Personal Data of EEA Residents is performed by us in accordance with the General Data Protection Regulation (2016/679) of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons regarding the processing of Personal Data and on the free movement of such data (“GDPR”).
Under the GDPR, we are both the controller and a co-processor of the Personal Data of EEA Residents. Our purpose for collecting and processing Personal Data from EEA Residents is to provide them with information regarding our Services. We do not, however, ship our products outside the United States from our Site. The legal basis for collecting Personal Data is your consent to obtain information about our Services. You may withdraw consent from receiving marketing and promotional communications by clicking the “Unsubscribe” link on the communication or contacting us at email@example.com. If EEA Residents do not provide Personal Data to us or withdraw consent for processing such Personal Data, we may not be able to provide such residents with information regarding our Services. You may still be able to obtain information regarding our products or purchase products through one of the sites run by our authorized distributors.
EEA Residents may obtain information about the Personal Data that we hold about them by contacting us at firstname.lastname@example.org.
International Data Transfers
If you are resident outside the United States, including in the EEA, we transfer Personal Data provided to you for processing in the United States. Under the GDPR, we are considered a “controller” and a “co-processor” of the Personal Data of EEA Residents. By providing Personal Data to us for the purpose of obtaining information about our Services, you consent to the processing of such data in the United States. The transfer of your Personal Data to the United States is necessary for the performance of a contract between you and us for obtaining Services. You may always discontinue consent for obtaining information about our products, as outlined in the following section.
Please note that the United States does not have data protection laws equivalent to those in the EEA and other jurisdictions.
Notifications and Communications from Our Website/Opt-Out Rights
Communications Regarding Our Services We will send you email notifications and free newsletters from time to time. Some notifications are communications relating to us and our Services. You may “opt-out” from receiving such communications by following the “Unsubscribe” instructions provided in the e-mail.
Account and Order Communications If you purchase Services, including courses or applications, we may send you confirmations of the purchase and updates as to its status. Generally, you may not opt out of such emails.
Deleting Your Information If you want us to delete your Personal Data and your account, please contact us at email@example.com with your request. We will take steps to delete your information as soon as we can, but some information may remain in archived/backup copies for our records or as otherwise required by law.
Personal Data Retention
Links to Other Sites
We take commercially reasonable steps to protect our customers’ Personal Data against unauthorized disclosure or loss. However, no data transmission over the Internet can be guaranteed to be 100% secure. Therefore, while we strive to protect user information we cannot ensure or warrant the security of any information you transmit to us or from the Site. You engage in such transmissions at your risk.
If you believe your Personal Data is being improperly used by us or any third party, please immediately notify us via email at firstname.lastname@example.org.
Children Under 13
Our Sites are restricted to the use of adults over the age of majority in their place of residence. No portion of the Sites is directed to children under the age of 13. Consequently, we do not knowingly collect personal identifying information from any person we know is a child under the age of 13. In the event that we learn that we have collected personal information from a child under age 13 we will delete that information as quickly as possible. If you are a parent or guardian of a child under 13 years of age and you believe your child has provided us with Personal Information, please contact us at email@example.com.
Do Not Track
Although some browsers currently offer a “do not track (‘DNT’) option,” no common industry standard for DNT exists. We therefore do not currently commit to responding to browsers’ DNT signals.
Your California Privacy Rights
Under certain circumstances, California Civil Code Section 1798.83 states that, upon receipt of a request by a California customer, a business may be required to provide information regarding how that business has shared personal information of customers with third parties for direct marketing purposes. If you have any questions regarding the disclosure of your personal information to third parties, please contact us at firstname.lastname@example.org.
Your Rights and Obligations
We ask that you keep the Personal Data that you provide to us current and that you correct any information you have provided us by contacting us at email@example.com. You represent and warrant that all Personal Data you provide us is true and correct and relates to you and not to any other person.
If you are a resident of the EEA and wish to access or correct the Personal Data that we have about you or have any questions relating to the processing of your Personal Data, please contact us at firstname.lastname@example.org with the subject line “GDPR Data.”
If you use the Site, you are responsible for maintaining the confidentiality of your account and for restricting access to your computer or device, and you agree to accept responsibility for all activities that occur under your account.