Personal Information does not include your Personal Information that has been deidentified, pseudonymized, anonymized, aggregated, and/or otherwise processed so as to be unidentifiable in such a way that the data can no longer be attributed to a specific individual (by reasonable means) without the use of additional information, and where such additional information is kept separate and under adequate security to prevent unauthorized re-identification of a specific individual such that one could not, using reasonable efforts, link such information back to a specific individual (collectively, all of the foregoing in this sentence being referred to as“De-Identified Personal Information”).
We do not knowingly collect, solicit or maintain Personal Information from anyone under the age of 18 or knowingly allow such persons to register for or use our Services. If you are under 18, please do not send anyPersonal Information about yourself (such as your name, address, telephone number, or email address) to us.In the event that we learn that we have collected Personal Information from a child under age 18 without verification of parental consent, we will use commercially reasonable efforts to delete that information from our database. Please contact us if you have any concerns.
Behavioral Tracking. We do not allow personalized third-party behavioral tracking, though we may use De-Identified Personal Information to track users’ click or browsing patterns.
The information we collect automatically is statistical data and may include Personal Information, and we may maintain it or associate it with Personal Information we collect in other ways or receive from third Services, including, but not limited to, by enabling us to: estimate our audience/visitor size and usage patterns, store information about your preferences, allowing us to customize and improve our Website, speed up your searches, and/or, recognize you when you return to our Website.
Cookie Notice and Policy. The technologies we use for this automatic data collection may include cookies, local storage cookies, web beacons, pixel tracking, GIF, IP address, and other technologies. Each of these is discussed below.
Browser cookies are small files placed on the hard drive of your computer or mobile device. They may contain certain data, including, but not limited to: the name of the server that has placed it there, an identifier in the form of a unique number, and, an expiration date (some cookies only). Browser cookies are managed by the web browser (Internet Explorer, Firefox, Safari, Google Chrome, etc.) on your computer or mobile device.Different types of cookies which have different purposes are used on our Website.
Essential cookies are essential to allow you to browse our Website and use its functions. Without them, services such as shopping baskets and electronic invoicing would not be able to work.
Performance cookies collect information on the use of our Website, such as which pages are consulted most often. This information enables us to optimize our Website and simplify browsing. These cookies do not collect any information which could be used to identify you. All the information collected is aggregated, and therefore anonymous.
Functionality cookies enable our Website to remember the choices you have made when browsing. For example, we can store your geographical location in a cookie so that the Website corresponding to your area is shown. We can also remember your preferences, such as the text size, font and other customizable aspects of the Website. Functionality cookies also may be able to keep track of the products or videos consulted to avoid repetition. The information collected by these cookies cannot be used to identify you and cannot monitor your browsing activity on sites which do not belong to us.
It is possible that you will come across third-party cookies on some pages of sites that are not under our control.
Local Storage Cookies
Certain features of our Website may use local stored objects (to collect and store information about your preferences and navigation to, from and on our Website. Local storage cookies are not managed by the same browser settings as are used for browser cookies.
Web Beacons. Pages of our Website and our emails may contain small electronic files known as web beacons(also referred to as clear gifs, pixel tags and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
Pixel Tracking. In addition to using cookies, the Website may employ “pixel tracking”, a common process which may be used in connection with advertisements on other sites. Pixel tracking involves the use of pixel tags that are not visible to the user and consist of a few lines of computer code. Pixel tracking measures the effectiveness of advertisements and compiles aggregate and specific usage statistics. A “pixel tag” is an invisible tag placed on certain pages of websites that is used to track an individual user’s activity. We may access these pixel tags to identify activity and interests that may allow us to better match our Services with your interests and needs. For example, if you visit our Website from an advertisement on another website, the pixel tag will allow the advertiser to track that its advertisement brought you to the Website. If you visit ourWebsite, and we link you to another website, we also may be able to determine that you were sent to and/or transacted with a third-party website. This data is collected for use in our marketing, research, and other activities.
GIF. We may use tiny images known as clear GIFs to track behavior of users, including statistics on who opens our emails.
IP Address. Our servers (or those of our service providers) automatically record certain log file information reported from your browser when you access the Website. These server logs may include information such as which pages of the Website you visited, your internet protocol (“IP”) address, browser type, and other information on how you interact with the Website. These log files are generally deleted periodically.
Information We Collect from Third Parties
We may collect information that others provide about you when you use the Website, or obtain information from other sources and combine that with information we collect through the Website.
Some content or applications, including advertisements, on the Website are served by third parties, including advertisers, ad networks and servers, content providers and application providers. First-party or third-party cookies may be used alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our Website. A first-party cookie is a cookie set by the domain name that appears in the browser address bar. A third-party cookie is a cookie set by (and on) a domain name that is not the domain name that appears in the browser address bar. It might be set as part of a side resource load(image, JS, iframe, etc., from a different hostname) or an AJAX HTTP request to a third-party server. The information that first-party and third-party cookies collect may be associated with your Personal Information or they may collect information, including Personal Information, about your online activities over time and across different websites and other online services (i.e., tracking such activities). They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.5We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. More information on how to opt-out of third-party advertiser tracking mechanisms here.
Google reCAPTCHA. We use Google reCAPTCHA, which identifies bots by collecting hardware and software information and sending that data to Google for analysis. More about Google reCAPTCHA is available here.
Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics OptOut Browser add-on.
We use information that we collect about you or that you provide to us, including any Personal Information, for one or more of the following purposes:
We may use your Personal Information you provide us and which we obtain from other sources to better understand your interests so we can try to predict what other products, services and information you might be most interested in. This practice involves making automated decisions about you based on this information in order to better enable us to tailor our interactions with you to make them more relevant and interesting. You may object to our doing this at any time by contacting us (see Contact Information/User Rights below).
We may or do disclose your Personal Information, in whole or in part, to the following types of third parties, and for one or more of the following purposes:
Disclosures to Service Providers. We may share your Personal Information with third party service providers which perform services on our behalf (“Service Providers”), such as, but not limited to, data hosting and storage service providers. If we engage Service Providers for any of the foregoing, use of your PersonalInformation will be bound by obligations of confidentiality and their use of Personal Information will be restricted to providing their services to us. We may store Personal Information in locations outside our direct control (for instance, on servers or databases located or co-located with hosting Service Providers).
We will attempt to notify you, where practicable, about these requests unless: (i) providing notice is prohibited by the legal process itself, by court order we receive, or by applicable law, or (ii) we believe that providing notice would be futile, ineffective, create a risk of injury or bodily harm to an individual or group, or create or increase a risk of fraud upon us, our users, our Website, or our Services. In instances where we comply with legal requests without notice for these reasons, we will attempt to notify that user about the request after the fact if we determine in good faith that we are no longer legally prohibited from doing so and that no risk scenarios described in this paragraph apply.
No Sale of Personal Information. We do not disclose or share your Personal Information with any third parties for which we receive any monetary or other valuable consideration. In other words, we do not sell your Personal Information, period.
Disclosure of De-Identified Personal Information. We may share De-Identified Personal Information with third parties for any purpose. De-Identified Personal Information or non-Personal Information may be aggregated for system administration and to monitor usage of the Website. It may be utilized to measure the number of visits to our Website, average time spent, number of pages viewed and to monitor various otherWebsite statistics. This monitoring helps us evaluate how visitors use and navigate our Website so we can improve the content. We may share De-Identified Personal Information or anonymous information (including, but not limited to, anonymous usage data, referring/exit pages and URLs, IP address, platform types, number of clicks, etc.) with interested third parties in any way we choose and for any purpose.
Your Consent to Disclosure/Transfer/Sale of Your Personal Information. You consent to our disclosure of your Personal Information, De-Identified Personal Information, and other information you provide to us (collectively, “Transferred Information”) to a potential or actual buyer or acquirer of our company or other successor for the purpose of considering or undergoing a merger, divestiture, restructuring, reorganization, dissolution, change in control, or sale or transfer of some or all of our assets (each of the foregoing referred to as a “Transfer”), whether as a going concern or as part of bankruptcy, liquidation or other court proceeding, in which Personal Information held by us is among the assets transferred. You agree to and do hereby consent to(and shall not object to) our assignment, conveyance, transfer, and/or license (whether by contract, merger, or operation of law) as part of a Transfer, of any or all of our rights, in whole or in part, in or to TransferredInformation and your consents, with or without notice to you and without your further consent. We cannot make any representations regarding the use or transfer of Transferred Information that we may have in the event of our bankruptcy, reorganization, insolvency, receivership, or an assignment for the benefit of creditors. By providing any Personal Information, you expressly agree and consent to the use and/or transfer of TransferredInformation or other information in connection with a Transfer. Furthermore, except as required by law, we are not and will not be responsible for any breach of security by any third parties or for any actions of any third parties that receive any of the Transferred Information that is disclosed to us
We have implemented measures designed to secure your Personal Information from accidental loss and from unauthorized access, use, alteration and disclosure. Your Personal Information is contained behind secured networks and a firewall and is only accessible by our personnel and by a limited number of Service Providers who have special access rights to our systems, and who are required to keep the information confidential. OurWebsite and software are scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our Website and use of our software safe.
The safety and security of your information also depends on you. You should maintain good internet security practices. Where you have password-protected access to an account or certain parts of the Website or Services, you are responsible for keeping this password confidential. You should not share your password with anyone. You must prevent unauthorized access to your account and Personal Information by selecting and protecting your password appropriately and limiting access to your computer or mobile device and browser by signing off after you have finished accessing your account. If your email account or Facebook account is compromised this could allow access to your account with us if you have given up those details and/or permitted access through those accounts. If your email account is compromised it could be used to ask us to reset a password and gain access to your account with us. If you think that any of your accounts have been compromised you should change your account credentials with us, and in particular make sure any compromised account does not allow access to your account with us. The information you share in public areas may be viewed by other users. We will never email you to ask for your password or other account login in formation. If you receive such an email, please send it to us so we can investigate.
You hereby release and forever discharge us and our affiliates, subsidiaries, officers, directors, employees, and agents, and their respective successors and assigns, and you will indemnify, defend and hold us harmless, from and against any liability, claim, or cost (including attorneys’ fees), arising directly or indirectly from any failure by you to maintain the security of your email or other accounts that directly or indirectly results in an unauthorized third party having access to such email or accounts or causes us to transfer funds based on instructions purporting to have originated from you (i.e., “wire transfer fraud” or “business email compromise”events).
Unfortunately, the transmission of information via the internet is not completely secure. Although we do use security measures designed to protect your Personal Information, we cannot guarantee the security of yourPersonal Information transmitted to us or which we obtain. Any transmission of Personal Information is at your own risk. Unauthorized entry or use, or hardware or software failure, and other factors, may compromise the security of user information at any time. We are not responsible for circumvention of any privacy settings or security measures contained on the Website or used with our Services.
The time period for which we retain your Personal Information depend on the purposes for which we use it. We will retain your Personal Information for as long as your account is active, or as long as you are a customer or user of our Services or for as long as we have another business purpose to do so (such as, but not limited to, for business, tax, or legal purposes) and, thereafter, for no longer than is required or permitted by law, or our records retention policy, reasonably necessary for internal reporting and reconciliation purposes, or to provide you with feedback or information you might request. This period of retention is subject to our review and alteration.
We may retain De-Identified Personal Information for as long as we deem appropriate.
Through your user account settings page, you may access and, in some cases, edit, or delete certain information you have provided to us, such as name and password, email address, address, user profile information, etc. The information that you can view, update, and delete may change as the Website, Services, or our practices change. If you have any questions about viewing or updating information we have on file about you, please contact us.
The following in this section applies only to California residents
California Online Privacy Protection Act (“CalOPPA”; Calif. Bus. & Prof. Code § 22575-22578, available here): CalOPPA applies only to companies which collect Personal Information of California residents.
How We Respond to Do Not Track Signals.
CalOPPA requires us to let you know how we respond to web browser Do Not Track (“DNT”) signals. DNT is a privacy preference you can set in your web browser to indicate that you do not want certain information about your webpage visits collected across websites when you have not interacted with that service on the page. For details, including how to turn on DNT, see here. Because there currently isn’t an industry or legal standard recognizing or honoring DNT signals, we don’t respond to them at this time. We await the result of work by the privacy community and industry to determine when such a response is appropriate and what form it should take.
Visitors can visit our Website anonymously by adjusting the settings in your browser.
Third-Party Behavioral Tracking. We do not allow third-party behavioral tracking of Personal Information,though we may use De-Identified Personal Information to track users’ click or browsing patterns.
By providing us with your email address you consent to our using the email address to send you Service-related notices by email, including any notices required by law (e.g., notice of data privacy or security incidents), in lieu of communication by postal mail. You also agree that we may send you notifications of activity regarding our Services, Website, your Personal Information, or any aspect of our relationship, to the email address you give us, in accordance with any applicable privacy settings. We may use your email address to send you other messages or content, such as, but not limited to, newsletters, additions or changes to features of the Service, or special offers. If you do not want to receive such email messages, you may opt out by emailing us your opt-out request or, where available, by clicking “unsubscribe” at the bottom of our e-newsletter. Opting out may prevent you from receiving email messages regarding updates, improvements, special features, announcements, or offers. You may not opt out of Service-related emails. Please note that if you have opted not to receive legal notice emails from us (or you haven’t provided us with your email address),those legal notices will still govern your use of the Services, and you are still responsible for reading and understanding them.
You can add, update, or delete information as explained above. When you update information, however, we may maintain a copy of the unrevised information in our records. You may request deletion of your account by emailing us. It is your responsibility to maintain your current email address with us.
We have our headquarters in the United States. The Personal Information we or our service providers collect may be stored and processed in servers within or outside of the United States and wherever we and our service providers have facilities around the globe, and certain information may be accessible by persons or companies outside of the United States who provide services for us. You consent to our and our service providers’ transmission and/or transfer of your Personal Information to, or access it in, jurisdictions that may not provide equivalent levels of data protection as your home jurisdiction. We will take reasonable steps to ensure that your Personal Information receives an adequate level of protection in the jurisdictions in which we process it
If you are a resident or citizen of the UK, European Economic Area (“EEA”), or Switzerland, please see the section below on GDPR compliance.
If you are a citizen or resident of the UK, EEA, Switzerland, or other regions with laws governing data collection and use that may differ from the laws in the United States, please note that we may transfer your information to a country or jurisdiction that does not have the same data protection laws as your jurisdiction. We may do so to process your information by staff operating outside the these countries who work for us or for one of our service providers.
If you are a resident of a country other than the United States, you acknowledge and consent to our collecting, transmitting, processing, transferring, and storing your Personal Information out of the country in which you reside.
We provide adequate protection for the transfer of Personal Information to countries outside of the UK, EEA, orSwitzerland through a series of inter company agreements based on or incorporating the Standard ContractualClauses, or we rely on the European Commission’s adequacy decisions about certain countries, as applicable, and/or obtain your consent for these data transfers from Europe to the United States to other countries. We also may need to transfer your information to other group companies or service providers in countries outside the EEA. This may happen if our servers or suppliers and service providers are based outside the UK, EEA, orSwitzerland, or if you use our Services while visiting countries outside these areas.
Our Legal Basis for Processing Personal Data (UK, EEA, and Swiss Visitors Only)
If you are a visitor using our Website from the UK, EEA, or Switzerland, our legal basis for collecting and using the Personal Data described above will depend on the Personal Data concerned and the specific context in which we collect it. However, we will normally collect Personal Data from you only where we need the PersonalData to perform Services for you for which you have contracted with us, or where the processing is in our legitimate interests or rely upon your consent where we are legally required to do so and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we also may have a legal obligation to collect Personal Data from you or may otherwise need the Personal Data to protect your vital interests or those of another person.
The collection and processing of your personal information may be necessary for the purposes of our legitimate interests. Such legitimate interest purposes may include:
Your Data Rights Under GDPR
What is the legal basis?
We collect and process your personal information in compliance with the GDPR and the applicable EU laws.
Collection and processing is based on your consent: Art. 6(1)a GDPR, Art. 4(11) GDPR
We will always ask for your consent to collect and process your personal information for the aforementioned specific purposes, unless the collection and processing of your personal information is permitted by statutory laws. Where you have provided us with your consent to the collection and processing of your personal information for the aforementioned specific purposes, you have the right to withdraw your consent at any time.
Collection and processing is necessary for taking steps prior to enter into a contract: Art. 6 (1)b GDPR
The collection and processing of your personal information may be necessary for the performance of a contract to which you may be a party. Prior to entering into such contract, the collection and processing of your personal information also may be necessary in order to take steps at your request. This applies for installation and the use of our extension as well as any payment processing in connection with donations.
Collection and processing is necessary for compliance with a legal obligation to which the Controlleris subject: Art. 6 (1)c GDPR
Collection and processing of your personal information may be necessary for compliance with a legal obligation to which we are subject under EU laws or the laws of a EU Member State.