GENERAL PRIVACY NOTICE
We may process and collect personal data from you when you visit this website, register on the site, place an order, enter a contest, respond to a communication such as e-mail, or otherwise provide us with information. We may also obtain information from other sources such as social media platforms linked to our website. We understand that you are aware of and care about your own personal privacy interests, and we take that seriously.
WHAT INFORMATION DO WE COLLECT?
The information we collect may include the following:
Personal data that you provide: contact information, name, address, telephone number, e-mail address, credit card and debit card number and related information, logins and passwords. You can view this website without providing this information, unless you choose to place an order. We may obtain personal data from you through this website, offline such as when you call us, or from other sources, such as public databases, social media platforms or other third parties, to the extent permitted by law.
Personal data obtained through or generated on our website: IP address, your browsing behavior on our website such as information on your first visit, previous visit and current visit, the visited pages, and the manner in which you navigate the website.
SOCIAL MEDIA PLATFORMS
WHAT DO WE USE YOUR PERSONAL DATA FOR?
We use your personal data for a variety of purposes. These include:
- To personalize your site experience and to allow us to deliver the type of content and product offerings in which you are most interested.
- To allow us to better service you in responding to your customer service requests.
- To quickly process your transactions.
- To administer a contest, promotion, survey or other site feature. Some of these activities may have additional rules, which may contain additional information about how we use and disclose your personal information. We suggest you read such rules carefully, as you will be bound by them if you choose to participate.
- To inform you about our services, products and special promotions.
- To investigate and respond to inquiries and complaints.
- To improve and secure our website.
- To produce aggregated data that does not identify you, which helps us generate statistics about our website users and products, the demographic distribution of visitors to our website, and the effectiveness of our marketing and promotion activities, which in turn helps us to analyze and improve the website, the user experience, and our products and services.
- Fraud monitoring and prevention.
- To provide customers that sign-up for our email list advance notice of sales, new arrivals, sample sale dates and other Eberjey news. We respect your privacy rights and will not sell, trade or rent your email address or other personal information to other companies. If you would like to unsubscribe from our email list, please refer to the “How can you opt-out, remove or modify information you have provided to us?” section below.
- Uses we believe to be necessary or appropriate under applicable law and regulations to comply with legal processes, respond to requests from governmental authorities, protect our business, protect our rights and to allow us to pursue available remedies or limit the damages we may sustain.
HOW DO WE COLLECT PERSONAL INFORMATION
We and our third party providers may collect information in a variety of ways, including:
- Through your browser or device: Certain information is collected by most browsers or automatically through your device, such as your Media Access Control (MAC) address, computer type (Windows or Macintosh), screen resolution, operating system name and version, device manufacturer and model, language, Internet browser type and version. We use this information to ensure that the website functions properly.
- Through your use of the Website: When you use the website, we and our service providers may track and collect usage data, such as the date and time the App on your device accesses our servers, and what information and files have been downloaded to the App based on your device number.
- Using pixel tags and other similar technologies: We may use pixel tags (also known as web beacons and clear GIFs) to track the actions of users of the website, measure the success of our marketing campaigns, and compile statistics about usage of the website.
- IP Address: Your IP address is a number that is automatically assigned to the computer that you are using by your Internet Service Provider. An IP address may be identified and logged automatically in our server log files whenever a user accesses the Services, along with the time of the visit and the page(s) that were visited. Collecting IP addresses is standard practice and is done automatically by many websites, applications and other services. We use IP addresses for purposes such as calculating usage levels, diagnosing server problems, and administering the website. We may also derive your approximate location from your IP address.
- Physical Location: We may collect the physical location of your device by, for example, using satellite, cell phone tower, or WiFi signals. We may use your device's physical location to provide you with personalized location-based services and content. You may be permitted to allow or deny such uses of your device's location, such as through your device settings. If you do, we may not be able to provide you with the applicable personalized services and content.
- From you: Information such as your preferred means of communication is collected when you voluntarily provide it.
- By aggregating information: Aggregated personal information does not personally identify you or any other user of the website. For example, we may aggregate personal information to calculate the percentage of our users who live in a particular geographic region.
WHAT ARE OUR LEGAL GROUNDS FOR PROCESSING YOUR PERSONAL INFORMATION?
The primary legal grounds we rely on to process personal information are:
- Consent: You will always have the right to withdraw any consent that you given to process your personal data. If you do choose to withdraw your consent, the withdrawal will not affect the lawfulness of processing your personal data prior to your withdrawal.
- By Agreement: We will process your personal data if and to the extent necessary to enter into or to perform a contract.
- Legal Obligation: We will process your personal data to the extent that we are required to do so by law. We reserve the right to release specific personal information about you if required by law, governmental request or court order.
- To Protect Your Vital Interests: We will process your personal data if we determine that it is necessary to do so to protect your vital interests.
- A Legitimate Interest: We may also process your personal data if we have a legitimate interest to do so, and do not disproportionately infringe on your privacy.
HOW DO WE PROTECT PERSONAL DATA?
We take the security of your personal data seriously. We have put in place appropriate technical and organizational measures, including internal policies and controls, to:
- Protect your information, for example to backup and protect the integrity of our electronic communications and data storage systems;
- Limit access to your personal information to those employees, agents, contractors and other third parties on a need to know basis. They may only process your personal information on our instructions, they are subject to a duty of confidentiality and are obliged to keep it secure;
- Prevent your personal information from unauthorized or unlawful use or disclosure and against unintended access, loss or destruction, or damage; and
- Deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
We implement a variety of security measures to maintain the safety of your personal information. Your personal information is maintained in private files on our secure web server and on our internal systems. All sensitive/credit card information you supply is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our databases for utmost security.
HOW LONG DO WE RETAIN PERSONAL DATA?
Your personal data will not be kept longer than necessary and will be deleted, as soon as reasonably possible in view of the purposes for processing your personal data (see What do we Use your Personal Information for?), unless we have an ongoing legitimate reason to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements).
When we have no ongoing legitimate business need or no other legitimate reason to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal data has been stored in backup archives and/or it is technically impossible and/or economically impractical), we will securely store your personal data until deletion is possible.
If you have questions about, or need further information concerning, our data retention periods, please contact us. (See “How do you Contact us?”, below)
DO WE USE "COOKIES"?
DO WE SHARE PERSONAL DATA WITH OUTSIDE PARTIES?
We respect your privacy rights and will not sell, trade or rent your personal data to other companies. However, we sometimes need to share your personal data with third parties. Those include:
- Service Providers. We may use service providers (processors) to help us provide our services (e.g., maintenance, analysis, audit, payments, fraud detection, marketing and development). They will have access to your information as reasonably necessary to perform these tasks on our behalf and are obligated to not to disclose or use it for other purposes. The processors may solely process your personal data based on our instructions. For example, we work with service providers offering hosting services. We may also hire IT service providers to support the safe and stable operation of our systems. If we engage a third party to handle personal information, we shall perform a thorough background check on such third party and exercise proper supervision over such third party to ensure the safe management of personal information. We will conclude a data processor agreement with our data processors, which meets the requirements laid down in the GDPR.
- Legal Authorities. We may need to share your data when we believe it's required by law or to protect your and our rights and security. It is possible that we will need to disclose information about you when required by law, subpoena, or other legal process or if we have a good faith belief that disclosure is reasonably necessary. We will attempt to notify visitors about legal demands for their personal data when appropriate in our judgment, unless prohibited by law or court order or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague or lack proper authority.
HOW DO YOU OPT-OUT, REMOVE OR MODIFY INFORMATION YOU HAVE PROVIDED TO US?
- Withdrawal of Consent: You can withdraw your consent to the processing of your personal data at any time. To modify your e-mail subscriptions, unsubscribe from our email list, or update or remove your personal data from our system, please log in to www.eberjey.com and click My Account.
- Removal of Information. At your request, we will delete your personal data from our systems as soon as possible, but please note that due to pre scheduling of email campaigns, you may receive another email before you are completely removed
- Information Access and Correction: You have the right to receive information about the type and contents of the personal data that we store or process and to request the correction of and/or change to any incorrect or incomplete personal data that we hold.
- Objection to Use: You may object to our use of your personal data or request to limit our use of your personal data.
- Data Portability: You may request a copy of your personal data that we store and the transfer of the personal data to another party.
- Profiling: You may object to decisions made solely based on automated processing, including profiling.
- Requests and Complaints: All requests or complaints made with regard to our processing and store of your personal data can be sent to us as described below under “How do you Contact us?”
NOTICE TO CITIZENS OF THE EUROPEAN ECONOMIC AREA
We comply with the General Data Protection Regulation (GDPR). For the purposes of the GDPR, we have the status of being a data controller. Please note that personal data that you provide to us or that we otherwise collect will be kept in areas located outside the European Economic Area. Specifically, this website is hosted in the United States.
USE OF THE WEBSITE BY MINORS
Our website is not directed to individuals under the age of 18 and we request that they not provide personal information to us without express parental consent.
We ask that you not send to us, and not disclose, any sensitive personal information such as social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, sexual orientation, health, biometrics or genetic characteristics, criminal background or trade union membership.
HOW DO YOU CONTACT US?
CHANGES TO OUR POLICY?
This policy was last modified on August 27, 2018.