We are committed to respecting and protecting the confidentiality and security of your personal information when visiting our website (the “Website”) and using our products and services.
GDPR COMPLIANCE (European Union and European Economic Area)
For the purposes of complying with GDPR for customers residing in or carrying on business in locations where GDPR applies and/or local legislation implementing GDPR applies, we will be the “Processor” and our customers will be the “Controller” as these terms are defined in the GDPR with respect to any Personal Information collected on behalf of our customers through use of the Services. We will comply with our obligations as Controller under the GDPR with regard to any Personal Information collected on our own behalf.
INFORMATION WE COLLECT
You are under no obligation to provide Personal Information to us. However, certain Personal Information is essential for the use and quality of your experience using the Website and/or the Services. Information we collect may include some or all of the following:
- Voluntary information. If you visit our Website, request or subscribe to marketing materials, download content, contact us, or purchase, register or subscribe to any of the Services, we will collect any Personal Information that you voluntarily provide to us (that may include your IP address, name, title, address, email address and telephone number, and contact preferences) in order to respond to your request or enquiry.
- Device information. We may collect specific types of connection details and information with regard to your device, software or hardware that may identify you, such as your device’s unique identifiers (e.g. UDID, IMEI, MAC address), IP address and geo-location data.
- Technical information. In order to enhance the functionality of our Website and to provide you with a better user experience, we may collect technical information transmitted by your device, including certain software and hardware information (e.g. your language preference, the type of browser and operating system your device uses, access time, the domain name of the website from which you linked to our Services, etc.).
- Analytics information. We collect information about your use of our Services, such as log files, user activity (e.g. pages viewed, the amount of time spent on particular pages, online browsing, clicks, actions), time stamps, alerts, etc. This information is collected for, among other things, troubleshooting errors and bugs, as well as for research, profiling and analytics purposes about your use of our Website and Services, and providing you with tailored marketing and personalized products and Services.
PURPOSES FOR COLLECTING INFORMATION
We collect, use and disclose Personal Information for the following purposes:
- to develop, manage, deliver and support our products and Services;
- to ensure high standards of service to customers;
- to contact our customers with regard to the Services, as well as administrative or account-related information;
- to respond to enquiries and fulfill requests, such as sending requested materials or documents regarding our Services;
- to provide marketing and promotional communications (where this is in accordance with applicable law), and to determine the effectiveness of marketing and promotional campaigns;
- to verify a customer’s identity;
- to process transactions;
- to perform data analysis, audits, fraud monitoring and prevention, develop new products, improve or modify our Services, and identify usage trends;
- to identify and disclose any suspected unlawful, fraudulent, or other improper activity connected with our Website and Services;
- to comply with applicable laws, comply with any legal or regulatory processes, enforce our terms and conditions, and protect our operations, rights, safety or property.
LEGAL BASIS FOR COLLECTING INFORMATION
Our legal basis for collecting, using and disclosing Personal Information will depend on the Personal Information concerned and the specific context in which we collected it, including:
- Where you have given us consent. We collect, use and share your Personal Information for the purpose of marketing to you, where you have given us consent to do so. At any time you can withdraw your consent to us marketing to you by following the unsubscribe instructions provided in the email or other communication that you receive from us.
- Where the processing is necessary for the performance of Services you have engaged in with us. We collect, use and share your Personal Information where such information is essential to provide Services to you. You are under no obligation to provide such Personal Information to us. However, you might not be able to access and/or use some or part of the Services if you choose to withhold Personal Information that is required for those Services.
- Where the processing is necessary for us to comply with our legal obligations. In some circumstances, we are legally required to collect, use and share your Personal Information. For example, in connection with the prevention, detection or investigation of a crime or fraud. Where we process your Personal Information in order to comply with our legal obligations, we may need to retain such information in order to demonstrate that we have complied with our legal obligations.
- Where the processing is necessary for a task carried out in the public interest. We collect, use and share your Personal Information where such processing is necessary for the purposes of the prevention or detection of an unlawful act, or is necessary for the exercise of a protective function (such as protecting members of the public against dishonesty or other improper conduct). We may rely on this as a legal basis for processing and/or sharing data relating to criminal convictions or offenses.
SHARING PERSONAL INFORMATION
- We share Personal Information with our affiliates, employees, contractors, consultants, service providers, business partners, charitable partners, and other parties who require such information to assist us with providing you with the Services.
- We use third party service providers in order to advertise and market to you and manage our database and advertising activities. Your Personal Information may be shared with these third parties in order for them to provide such services to us.
- We may use and disclose aggregated and anonymous or de-identified information to third parties, including the general public. For example, we may analyze and publish reports on usage trends or statistics from across our customer base for information or marketing purposes, but only after we have removed any identifying Personal Information. This type of aggregated and anonymous or de-identified data can help us improve our products, Services and advertising, and to better understand trends in the industry.
We use certain types of cookies on the Website. “Cookies” are small text files containing small amounts of information which are downloaded to your device when you visit a website, so that the website can remember some information about your browsing activity on the website, either for the duration of your visit or for repeat visits. The cookies are then sent back to the originating website on each subsequent visit, or to another website that recognizes that cookie. Cookies are useful because they allow a website to recognize a user’s device. They do many different jobs, like letting you navigate between pages efficiently, remembering your preferences, and generally improving your user experience. In general, cookies make the interaction between you and websites faster and easier. The following describes the types of cookies that we currently use or may in the future use on our Website:
- Session Cookies. These are temporary cookies that expire when you close your browser. A session cookie assigns a randomly-generated, unique identification number to your device when you access the Website. Assigning your device a number facilitates the proper functioning of the features of our Website by permitting us to maintain a persistent “state” for your session, including information relating to transactions you might make. We also use session cookies to collect anonymous information (i.e. information that does not identify you personally) about the ways users use the Website, such as which pages they visit, which links they use, and how long they stay on each page. We analyze this information (known as “click-stream information”) to better understand our users’ interests and needs and to improve the content and functionality of the Website.
- Persistent Cookies. Unlike a session cookie, a “persistent cookie” does not expire when you close your browser, it stays on your device until the expiration date set in the cookie (for example, at the end of a calendar month), or until you delete it. Persistent cookies can be used to “tag” your device so that the next time you visit (or someone using your device visits), our server will recognize you, not by name, but by the “tag” on your device. This will enable us to provide you with a personalized experience even if we do not know who you are. It will also allow us to collect more accurate information about the ways people use the Website, for example, how people use the Website on their first visit and how often they return. Using persistent cookies permits us to provide you with a more personalized experience and, in some cases, may save you the trouble of re-entering information already in our database.
- Strictly necessary cookies. These cookies are essential for the running of our Website. Without these cookies, parts of our Website would not function. They enable you to move around the Website and use its features, such as accessing secure areas. These cookies do not track where you have been on the Internet and do not gather information about you.
- Performance cookies. These cookies are used to monitor the performance of our Website, for example, to determine the number of page views and the number of unique users the Website has. Web analytics services may be designed and operated by third parties on our behalf. The information provided by these cookies allows us to analyze patterns of user behavior, and we use that information to enhance user experience or identify areas of the Website that may require maintenance. These cookies do not collect information that identifies a visitor. All information collected through these cookies is aggregated and therefore anonymous.
- Functional cookies. These cookies allow the Website to remember choices you make (such as your preferences, language or the region you are in) and provide enhanced, more personal features. These cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customize. The information these cookies collect may be anonymized, and they cannot track your browsing activity on other websites.
- Targeting or advertising cookies. These cookies, which may be placed on your device by us or our trusted third party service providers, remember that you have visited a website and use that information to provide you with advertising which is tailored to your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign. They remember that you have visited a website and this information is shared with other organizations such as advertisers. Without these cookies, online advertising you encounter will be less relevant to you and your interests.
- Web Beacons. When you visit our Website, your device may receive one or more “web beacons” in order to assist us with delivering cookies, to collect anonymous information about the use of the Website by our users, and to deliver customized or targeted content to you on the Website and through our partners. Web beacons (also referred to as “tracking pixels,” “1×1 gifs,” “single-pixel gifs,” “pixel tags,” or “action tags”) are graphic images, usually no larger than a 1×1 pixel, placed at various locations on the Website. They also help us identify browser types, search terms that bring users to our Website, and the domain names of websites that refer traffic to us. We also utilize web beacons to provide us with more information on any emails we send out. In particular, a web beacon in an email communication will send us information to let us know that you have received, opened, or acted upon an email you have chosen to receive from us.
Some people find the idea of a website storing information on their device intrusive. If you would prefer to opt out of cookies, it is possible to manage them by changing the cookie settings on your device in your browser settings. Existing cookies that have already been set can be deleted from your hard drive. You can also block some or all cookies. However, you should be aware that you might lose some features and functionality of our Website or Services if you do so.
THIRD PARTY LINKS
Our Website may contain links to third party sites, including the websites of our partners, and we recommend and encourage you to read the privacy policies posted on those third party sites. We are not responsible for and have no control over information that is submitted to, or collected by, these sites.
We will retain your Personal Information for as long as necessary to fulfill the purposes for which it was collected, or to comply with applicable legal, tax or regulatory requirements. After this time, any Personal Information you have provided to us will be deleted or made anonymous.
You have a number of rights with regard to your Personal Information, which are detailed below. Some of these only apply in specific circumstances and are qualified in several respects by exemptions in data protection legislation. We will advise you in our response to your request if we are relying on any such exemptions.
- Accuracy and Correction. We will make reasonable efforts to ensure that the Personal Information collected and used by us is accurate, complete and up-to-date to meet the purposes for which it is collected and used. We do not routinely update Personal Information unless it is necessary to meet the purposes for which it is collected and we therefore rely on you to maintain the accuracy of your Personal Information. You have the right to request correction to your Personal Information in the event it is inaccurate, incomplete or out of date.
- Access. You have the right to access your Personal Information. This includes (a) identification of and access to any or all of your Personal Information under our custody or control; (b) an explanation of how that Personal Information is or was collected, used or disclosed by us; and (c) the names of any individuals and organizations to which your Personal Information has been disclosed.
- Deletion. You can request that we erase your Personal Information where there is no compelling reason for us to continue processing it.
- Restriction of processing. You have the right in certain circumstances to request that we suspend processing of your Personal Information. Where we agree to suspend our processing of your Personal Information, we will still be permitted to store your Personal Information, but any other processing of this information will require your consent, subject to certain exemptions.
- Objection to processing. You have the right to object to our use of your Personal Information, where it is processed on the basis of our legitimate interests. However, we may continue to process your Personal Information, despite your objection, where there are compelling legitimate grounds to do so or we need to process your Personal Information in connection with any legal claims.
- Withdrawal of consent. Where we have relied upon your consent to process your Personal Information, you have the right to withdraw that consent.
Any request to exercise your rights with respect to your Personal Information must be made in writing by email to firstname.lastname@example.org and provide sufficient detail to identify the Personal Information and the action being sought.
SAFEGUARDING PERSONAL INFORMATION
We will make reasonable security arrangements and use appropriate technical and organizational measures to protect all Personal Information under our control (regardless of the format in which it is held) against unauthorized access, loss, theft, collection, use, disclosure, duplication, modification, disposal or similar risks, by both individuals outside, as well as within. The types of security safeguards that we use vary, depending on the nature and sensitivity of the Personal Information, the harm that might result from its improper use or loss, and how it is stored (e.g. in paper or electronically). Our security safeguards to protect against unauthorized access include, but are not limited to, logins, passwords, restricted servers, firewalls, encryption, tokenization and secure socket layering, as well as contractual requirements for service providers to provide comparable security measures.
We will use appropriate security measures when disposing of and destroying Personal Information, such as shredding documents and deleting electronically stored information, in order to prevent unauthorized access.
USE BY CHILDREN
We are concerned about the safety of children when they use our Website. We are committed to the identification and elimination of information that is determined to be unsuitable for children to view. Consistent with the terms and conditions of the Children's Online Privacy Protection Act, we will never knowingly request personally identifiable information from anyone under the age of 13. If you are under the age of 13, you must ask a parent or guardian to use our Website on your behalf. If we become aware that any person submitting information to the Website is under the age of 13, we will delete the account and any related information as soon as possible. If you believe that we have mistakenly or unintentionally collected a minor’s Personal Information, please contact us immediately at email@example.com.
Under the California Consumer Privacy Act (the “CCPA”), California residents have certain rights regarding their Personal Information. If you would like to exercise these rights on or after January 1, 2020, please contact us at firstname.lastname@example.org. For your own privacy and security, at our discretion, we may require you to prove your identity before providing the requested information. It may take us some time to respond to your request, but we will do so within the requirements of the CCPA.
In accordance with the terms and conditions of the CCPA,
- We do not sell your personal information.
- Upon a verifiable request, made by contacting us via email at email@example.com, we will disclose to you the items listed below:
- the categories of personal information we have collected about the you;
- the categories of sources from which the personal information was collected;
- the business purpose behind collecting the personal information;
- the categories of third parties with whom we have shared the information; and
- the specific pieces of Personal Information we have collected about you.
- You have the right to request deletion of your Personal Information. Upon receiving a verifiable request, we will delete your Personal Information and direct our service providers to delete your personal information from their records, to the extent provided by the CCPA.
- You have the right to be free from discrimination. We will not discriminate against you for exercising any of your rights under the CCPA.
We will continually review and update our security policies and controls as technology changes to ensure ongoing Personal Information security.
We may change this Policy from time to time, so be sure to check back periodically. If we make any changes to this Policy that materially affect our practices with regard to the personal information we have previously collected from you, we will endeavor to notify you in advance of such change, by highlighting the change on the Sites or by sending an email to you at the email address that you have registered with us. Your continued use of the Services after any changes or revisions to this Policy will indicate your agreement with the terms of the revised Policy.
Any questions or concerns regarding GDPR compliance can be directed to our data protection officer at firstname.lastname@example.org.