Last Revised October 2019
SECTION 1 – TYPES OF DATA WE COLLECT
“Personal Data” means data that allows someone to identify or contact you, including, for example, your name, address, telephone number, e-mail address, as well as any other non-public information about you that is associated with or linked to any of the foregoing data, such as information associated with the account you maintain with us, and billing information that you provide to us.
“Anonymous Data” means data, including aggregated and de-identified data, that is not associated with or linked to your Personal Data; Anonymous Data does not, by itself, permit the identification of individual persons. We collect Personal Data and Anonymous Data, as described below.
(a) Information You Provide to Us.
〈 We may collect Personal Data from you, such as your first and last name, gender, e-mail and mailing addresses, professional title, company name, and password when you submit that information into the Site.
〈 When you purchase products from our online store, we will collect all information necessary to complete the transaction, including your name, mailing address, credit card information, and billing information. Shopify Inc. provides us with the online e-commerce platform that allows us to sell our products and services to you. Your Personal Data relating to your purchase of products through our Site is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall. If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers. For more insight, you may also want to read Shopify’s Terms of Service here or Privacy Statement here.
〈 If you provide us feedback or contact us via e-mail, we will collect your name and e-mail address, as well as any other content included in the e-mail, in order to send you a reply.
〈 When you participate in one of our surveys, we may collect additional profile information.
〈 We may also collect Personal Data at other points in our Site that state that Personal Data is being collected.
You may also provide information to be published or displayed (“posted”) on public areas of the Site, or transmitted to other users of the Site or third parties (collectively, “User Contributions”). Your User Contributions are posted on and transmitted to others at your own risk. Please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the Site with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.
(b) Information Collected via Technology. As you navigate through and interact with our Site, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions and patterns, including:
〈 Information Collected by Our Servers. To make our Site and Services more useful to you, our servers (which may be hosted by a third party service provider) collect information from you, including your browser type, operating system, Internet Protocol (“IP”) address (a number that is automatically assigned to your computer when you use the Internet, which may vary from session to session), domain name, and/or a date/time stamp for your visit.
〈 Log Files. As is true of most websites, we gather certain information automatically and store it in log files. This information includes IP addresses, browser type, Internet service provider (“ISP”), referring/exit pages, operating system, date/time stamp, and clickstream data. We use this information to analyze trends, administer the Site, track users’ movements around the Site, gather demographic information about our user base as a whole, and better tailor our Services to our users’ needs. For example, some of the information may be collected so that when you visit the Site or the Services again, it will recognize you and the information could then be used to serve advertisements and other information appropriate to your interests.
〈 Pixel Tags. In addition, we use “Pixel Tags” (also referred to as clear Gifs, Web beacons, or Web bugs). Pixel Tags are tiny graphic images with a unique identifier, similar in function to Cookies, that are used to track online movements of website users. In contrast to Cookies, which are stored on a user’s computer hard drive, Pixel Tags are embedded invisibly in Web pages. Pixel Tags also allow us to send e-mail messages in a format users can read, and they tell us whether e-mails have been opened to ensure that we are sending only messages that are of interest to our users. We may use this information to reduce or eliminate messages sent to a user. We may tie the information gathered by Pixel Tags to our users’ Personal Data.
〈 Response to Do Not Track Signals. We do not currently respond to “do not track” signals or other mechanisms that might enable Users to opt out of tracking on our site.
〈 Flash LSOs. When we post videos, third parties may use local shared objects, known as “Flash Cookies,” to store your preferences for volume control or to personalize certain video features. Flash Cookies are different from browser Cookies because of the amount and type of data and how the data is stored. Cookie management tools provided by your browser will not remove Flash Cookies. To learn how to manage privacy and storage settings for Flash Cookies, click here: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html.
(c) Location Information. If you have enabled location services on your phone, we collect your location information to make a map available to the recipients of your messages showing your location. If you do not want this information collected by us, you can disable location services on your phone.We do not collect Personal Data automatically, but we may tie the information that we collect automatically to Personal Data about you that we collect from other sources or that you provide to us.
SECTION 2 – WHAT DO WE DO WITH YOUR INFORMATION?
(a) General Use. In general, Personal Data you submit to us is used either to respond to requests that you make, or to aid us in serving you better. We use your Personal Data in the following ways:
• facilitate the creation of and secure your account on our network;
• identify you as a user in our system;
• provide improved administration of our Site and Services;
• provide the Services you request, to carry out our obligations arising from any contracts we enter into with you, and to perform any related administrative activities necessary for us to provide you those Services or to carry out those obligations;
• improve the quality of experience when you interact with our Site and Services;
• send you a welcome e-mail to verify ownership of the e-mail address provided when your account was created;
• send you administrative e-mail notifications, such as security or support and maintenance advisories;
• respond to your inquiries related to employment opportunities or other requests;
• in any other way we may describe when you provide the Personal Data;
• send newsletters, surveys, offers, and other promotional materials related to our Services and for our other marketing purposes; and • to notify you about changes to our Services, in part due to our legitimate interest in keeping you informed about our Services;
• share your Personal Data with third parties that carry out certain activities on our behalf that involve the processing of Personal Data (to achieve our legitimate interest in improving the Services); for example, we share cookie and other information with entities such as Google and Facebook in order to make our Services and advertising more relevant to you;
• when required by law, such as when we respond to subpoenas, court orders or legal process or to protect the rights, property or safety of ourselves, our customers, affiliates or others (or to comply with our legal obligations); and
• when we believe it is necessary in order to investigate, prevent, or take action regarding illegal or improper activities, suspected fraud, potential threats to the rights, property or safety of ourselves, our customers, affiliates or others (to achieve our legitimate interests in protecting such entities and persons against these legal or commercial threats).
(b) Marketing Activities. We may use your Personal Data to contact you about our own and third parties’ goods and services that may be of interest to you. If you do not want us to use your information in this way, please send us an email at email@example.com.
(c) How Long We Keep Personal Data. We keep your Personal Data only for as long as is necessary for the purposes for which we are using it. The period for which we keep your Personal Data is determined by a number of criteria, including the purposes for which we are using the information, the amount and sensitivity of the information, the potential risk from any unauthorized use or disclosure of the information, and our legal and regulatory obligations.
(d) User Testimonials and Feedback. We solicit and receive testimonials, survey results, and comments from users who have had experiences with our Services. We occasionally publish such content. When we publish this content, we may identify our users by their first and last name and may also indicate their home city. By providing testimonials, survey responses, and comments, you consent to our publishing of this content on our website and in our marketing materials and communications. If you make any comments on a blog or forum associated with our Site, you should be aware that any Personal Data you submit there can be read, collected, or used by other users of these forums, and could be used to send you unsolicited messages. We are not responsible for the Personal Data you choose to submit in these blogs and forums.
(e) Creation of Anonymous Data. We may create Anonymous Data records from Personal Data by excluding information (such as your name) that makes the data personally identifiable to you. We use this Anonymous Data to analyze request and usage patterns so that we may enhance the content of our Services and improve Site navigation. We reserve the right to use Anonymous Data for any purpose and to disclose Anonymous Data to third parties without restriction.
SECTION 3 – CONSENT
SECTION 4 – DISCLOSURE
(a) Third Party Service Providers. We may share your Personal Data with third party service providers to: provide you with the Services that we offer you through our Site; to conduct quality assurance testing; to facilitate creation of accounts; to provide technical support; and/or to provide us with other services. Certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions. For these providers, we recommend that you read their privacy policies so you can understand the manner in which your Personal Data will be handled by these providers. In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located. As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
(f) Other Disclosures. We may also disclose your Personal Data, to fulfill the purpose for which your provide it; for any other purpose disclosed by us when you provide it; or with your consent.
SECTION 5 – THIRD-PARTY WEBSITES
SECTION 6 – YOUR CHOICES REGARDING INFORMATION
You have several choices regarding the use of your information with respect to our Services:
(b) Cookies. If you decide at any time that you no longer wish to accept Cookies from our Service for any of the purposes described above, then you can instruct your browser, by changing its settings, to stop accepting Cookies or to prompt you before accepting a Cookie from the websites you visit. Consult your browser’s technical information. If you do not accept Cookies, however, you may not be able to use all portions of the Service or all functionality of the Service. If you have any questions about how to disable or modify Cookies, please let us know at the contact information provided below.
(c) De-Linking SNS. If you decide at any time that you no longer wish to have your SNS account (e.g., Facebook) linked to your account, then you may de-link the SNS account in the “preferences” section in your account settings. You may also manage the sharing of certain Personal Data with us when you connect with us through an SNS, such as through Facebook Connect. Please refer to the privacy settings of the SNS to determine how you may adjust our permissions and manage the interactivity between the Services and your social media account or mobile device.
(d) Changing or Deleting Your Personal Data. All users may review, update, correct or delete the Personal Data in their user account by contacting us or editing their profile via the Services. We will use commercially reasonable efforts to honor your request. We may retain an archived copy of your records as required by law or for legitimate business purposes.
SECTION 7 – SECURITY
To protect your Personal Data, we take reasonable precautions and follow industry standard practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. Unfortunately, no data transmission over the internet or electronic storage system is 100% secure; therefore, we are unable to guarantee its absolute security.
SECTION 8 – AGE OF CONSENT
By using the Site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use the Site.
We do not intentionally gather Personal Data from visitors who are under the age of 13. If a child under 13 submits Personal Data to us and we learn that the Personal Data is the information of a child under 13, we will attempt to delete the information as soon as possible. If you believe that we might have any Personal Data from a child under 13, please contact us at firstname.lastname@example.org.
SECTION 9 – CALIFORNIA CONSUMER PRIVACY ACT OF 2018
If the California Consumer Privacy Act of 2018 (the “CCPA”) applies to our use of any of your Personal Data, the CCPA provides you with the following rights in relation to that Personal Data:
• to know what Personal Data is being collected about you and from what sources;
• the right to request the specific categories of information a business collects upon verifiable request;
• to know what categories of your Personal Data is sold or disclosed and to whom;
• the business or commercial purpose for collecting or selling your Personal Data;
• to say “no” to the sale of your Personal Data;
• to access your Personal Data;
• to request a business delete any Personal Data about you collected from you; and not be discriminated against for exercising your privacy rights.
You can exercise these rights at any time by contacting us at any time using the details in the section of this privacy statement headed “QUESTIONS AND CONTACT INFORMATION” or by clicking “Do not sell my personal information” or by clicking “Request to know my personal information” or by clicking “Request to delete my personal information”.
SECTION 10 – USERS OUTSIDE OF THE UNITED STATES
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any Personal Data we have about you, register a complaint, or simply want more information, contact our Privacy Compliance Officer at email@example.com or by mail at:
Earthly Treats, Inc.
Attn: Privacy Compliance Officer
100 Passaic Ave, Suite 100,
Fairfield, NJ, 07004