Effective Date: December 15, 2013, revised November 5, 2015, August 31, 2016, November 16, 2016, January 17, 2017, January 30, 2018, September 6, 2019, December 23, 2019
- I. INFORMATION WE COLLECT ABOUT YOU
- II. HOW WE USE YOUR INFORMATION
- III. LINKS TO OTHER WEBSITES
- IV. INFORMATION SECURITY
- V. DATA RETENTION
- VI. HOW WE WILL CONTACT YOU
- VII. YOUR CHOICES
- VIII. ACCESSING, CORRECTING, OR DELETING YOUR INFORMATION
- IX. NOTICE TO CERTAIN RESIDENTS
- X. CHILDREN’S INFORMATION
- XII. HOW TO CONTACT US
I. INFORMATION WE COLLECT ABOUT YOU
We may collect the following types of information about you which are described in more detail below: (A) information you provide to us, (B) information we may automatically collect, and (C) information we may receive from third parties. All of the information listed in (A)-(C) above, are detailed below, and hereinafter referred to as "Information".
A. Information You Provide to Us:
In using our Services, you may provide us with Information, including, without limitation:
- Contact information such as name, email address, postal address and telephone number(s);
- Demographic information such as birth date or gender;
- Account information and log in credentials, including unique identifiers such as username and password;
- Payment and transaction information including credit or bank card information;
- Preferences for communications, shopping, and products;
- Communications and opinions in chat rooms, message boards, forums, surveys, polls, and online forms;
- Access to your geo-location (including through our mobile app) or to other data held on social media platforms and other software (for example, access to your contacts, calendar or photos);
- Photos and/or videos;
- Information about your guests or family for events; and
- Additional information as otherwise described to you at the point of collection or pursuant to your consent.
B. Information We May Automatically Collect About You:
Our Services may automatically collect certain Information about you. We use this Information to help us design our Services to better suit our users' needs. This Information may include:
- IP address, which is the number associated with the service through which you access the Internet, like your ISP (Internet service provider), or your company;
- Date and time of your visit or use of our Services;
- Domain server from which you are using our Services;
- Type of computer, web browsers, search engine used, operating system, or platform you use;
- Data identifying the web pages you visited prior to and after visiting our website or use of our Services;
- Your movement and activity within the website and Services, which is aggregated with other information;
- Geo-location information through the use of any of our mobile applications;
- Mobile device information, including the type of device you use, operating system version, and the device identifier (or "UDID"); and
- Mobile application identification and behavior, use, and aggregated usage, performance data, and where the application was downloaded from.
1. Cookies & Technologies Used to Collect Information About You
b. Flash Cookies. We may use local shared objects, also known as Flash cookies, to store your preferences such as volume control or display content based upon what you view on our site to personalize your visit. Third parties, with whom we partner to provide certain features or to display advertising based upon your browsing activity, use Flash cookies to collect and store information. Flash cookies are different from browser cookies because of the amount of, type of, and how data is stored. Cookie management tools provided by your browser will not remove Flash cookies.
c. Web Beacons. Website pages may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited those pages and for other related statistics (for example, recording the popularity of certain content and verifying system and server integrity). We also use these technical methods to analyze the traffic patterns, such as the frequency with which our users visit various parts of the Services. These technical methods may involve the transmission of Information either directly to us or to a third party authorized by us to collect Information on our behalf. Our Services use retargeting pixels from Google, Facebook and other ad networks. We also use web beacons in HTML emails that we send to determine whether the recipients have opened those emails and/or clicked on links in those emails.
d. Analytics. Analytics are tools we use, such as Google Analytics, to help provide us with information about traffic to our website and use of our Services, which Google may share with other services and websites who use the collected data to contextualize and personalize the ads of its own advertising network.
e. Mobile Application Technologies. If you access our website and Services through a mobile device, we may automatically collect information about your device, your phone number, and your physical location.
C. Information We May Receive from Third Parties
We may collect additional Information about you from third party websites, social media platforms, such as, but not limited, to Facebook, Twitter, Instagram, SnapChat ("Social Media Platforms"), and/or sources providing publicly-available information (e.g., from the U.S. postal service) to help us provide services to you, help prevent fraud, and for marketing and advertising purposes.
Information we may access about you, with your consent, may include, but is not limited to, your basic Social Media Platform information, your location data, your list of contacts, friends or followers and certain information about your activities on the Social Media Platform. Please keep in mind that when you provide Information to us on a third-party website or platform (for example, via our applications), the Information you provide may be separately collected by the third party website or the Social Media Platform.
II. HOW WE USE YOUR INFORMATION
A. Use and Purpose of Processing Your Information
We use and process your Information for things that may include, but are not limited to, the following:
- Provide you with the Services, and related products, promotions, newsletters, contests, sweepstakes, games, and information you request;
- To respond to your inquiries and provide you with requested information and other communications, including by email or text messages, and including alerts, notification of promotions, contests, and events;
- For general or targeted marketing and advertising purposes, including sending you promotional material or special offers on our behalf or on behalf of our marketing partners and/or their respective affiliates and subsidiaries and other third parties, provided that you have not already opted-out of receiving such communications;
- To fulfill contracts we have with you;
- To manage, improve and foster relationships with third-party service providers, including vendors, suppliers, and parents, affiliates, subsidiaries, and business partners;
- Maintain, improve, customize, or administer the Services, perform business analyses, or other internal purposes to improve the quality of our business, the Services, resolve technical problems, or improve security or develop other products and services;
- Comply with our Terms & Conditions;
- Analytics for business purposes and business intelligence;
- Comply with any applicable laws and regulations and respond to lawful requests; and/or
- For any other purposes disclosed to you at the time we collect your Information and/or pursuant to your consent.
B. Sharing Your Information
We may disclose anonymized aggregated information about our users, that does not identify any individual, without any restriction.
o Third Party Service Providers. We may share your Information with third party service providers that perform certain functions or services on our behalf (such as to host the Services, fulfill orders, provide products and services, manage databases, perform analyses, process credit card payments, provide customer service, or send communications for us). These third party service providers are authorized to use your Information only as necessary to provide these services to us. In some instances, we may aggregate Information we collect so third parties do not have access to your particular Information to identify you individually.
o Disclosure of Information for Legal and Administrative Reasons. We may disclose your Information without notice: (i) when required by law or to comply with a court order, subpoena, search warrant, or other legal process; (ii) to cooperate or undertake an internal or external investigation or audit; (iii) to comply with legal, regulatory or administrative requirements of governmental authorities (including, without limitation, requests from the governmental agency authorities to view your Information); (iv) to protect and defend the rights, property or safety of us, our subsidiaries and affiliates and any of their officers, directors, employees, attorneys, agents, contractors and partners, and the Service users; (v) to enforce or apply our Terms & Conditions; and (vi) to verify the identity of the user of our Services.
o Business Transfers. Your Information may be transferred, sold or otherwise conveyed ("Conveyed") to a third party where we: (i) merge with or are acquired by another business entity; (ii) sell all or substantially all of our assets; (iii) are adjudicated bankrupt; or (iv) are liquidated or otherwise reorganize. You agree to any and all such Conveyances of your Information.
o Information Shared with our Subsidiaries and Affiliates. We may share your Information with our subsidiaries and affiliates. If you do not want us to share your Information with our subsidiaries and affiliates, please email us at email@example.com.
o Online Communications (Chatrooms, Forums, Contests, Message Boards). If you correspond with us by email, questionnaires, surveys, social media, or other digital online platform, we may retain such correspondence and the Information contained in it and use it to respond to your inquiry. Our Services may include chat rooms, forums, and message boards that are available to you and other users. You are not required to provide any Information when using these areas, but you may choose to do so. If you post personal Information online, you agree you have no expectation of privacy concerning that Information, that it will be publicly available and that you may receive unsolicited messages from other parties. We cannot ensure the security of any Information you choose to make public in a chat room, forum, or message board. Also, we cannot ensure that parties who have access to such publicly available Information will respect your privacy. Please exercise caution when deciding to disclose Information in these areas. To request removal of your personal Information from our blog or community forum, contact us at firstname.lastname@example.org. In some cases, we may not be able to remove your Information, in which case we will let you know if we are unable to do so and why.
III. LINKS TO OTHER WEBSITES
Our Services may contain links to other websites or services that are not owned or controlled by us, including links to Social Media Platforms such as Facebook, Instagram, Twitter and SnapChat, or may redirect you off our website away from our Services to other websites for information, other services, or to receive special offers, contests, games, sweepstakes, or for transactions or purchases.
IV. INFORMATION SECURITY
We use commercially reasonable measures to provide our Services. However, you should assume that no data transmitted over the Internet or stored or maintained by us or our third party service providers can be 100% secure. Therefore, although we believe the measures implemented by us reduce the likelihood of security problems to a level appropriate to the type of data involved, we do not promise or guarantee, and you should not expect, that your Information or private communications will always remain private or secure. We do not guarantee that your Information will not be misused by third parties. We are not responsible for the circumvention of any privacy settings or security features. You agree that we will not have any liability for misuse, access, acquisition, deletion, or disclosure of your Information.
If you believe that your Information has been accessed or acquired by an unauthorized person, you shall promptly Contact Us so that necessary measures can quickly be taken.
V. DATA RETENTION
We will retain your Information for as long as needed to provide you the Services, or as permitted or required by law. If you wish to cancel your account or request that we no longer use your Information to provide you the Services, please contact us at email@example.com. We will retain and use your Information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. In accordance with our routine record keeping, we may delete certain records that contain Information you have submitted to us. We are under no obligation to store such Information indefinitely and disclaim any liability arising out of, or related to, the destruction of such Information.
VI. HOW WE WILL CONTACT YOU
You agree that we, our affiliates, and/or third-party service providers with whom we collaborate and contract, may communicate with you regarding our Services via electronic messages, including email, text message, or mobile push notification to, for example, send you information relating to our products and Services that we think may be of interest to you, communicate with you about contests, sweepstakes, offers, promotions, rewards, upcoming events, and other news about products and services provided by or through us through permissible targeted advertisements offered by us, our parent companies, our subsidiaries, our affiliates, and other business partners. See Your Choices, below, for how you can update the way we contact you.
VII. YOUR CHOICES
A. Email. By using our Services, you agree that we may contact you by email as set forth herein. If you do not want to receive marketing and promotional emails from us, you may click on the "unsubscribe" link in the email to unsubscribe and opt-out of future marketing email communications or Contact Us.
B. Mobile Push Notifications. By using our Services, you agree that we may contact you by calling or sending messages to your phone.You can use the settings on your mobile device to enable or turn off mobile push notifications from us or Contact Us.
C. Text Messages. By using our Services, you agree to be reached by text message. If you no longer want to receive text messages from us, reply STOP (or as otherwise instructed) in the text message or Contact Us.
D. Cookie Choices. To exercise choices regarding cookies set through our Services, as well as other types of online tracking and internet advertising, see our Cookies Policy for more details or Contact Us.
E. Location Choices. You can change the privacy settings of your device at any time to turn off the sharing of location information with our Services. If you choose to turn off location services, this could affect certain features or services of our Services. If you have specific questions about the privacy settings of your device, we suggest you contact the manufacturer of your device or your mobile service provider for help.
F. Opting Out of Direct Marketing. To exercise choices regarding the marketing information you receive, you may also review the following links:
a. You may opt-out of tracking and receiving tailored advertisements on your mobile device by some mobile advertising companies and other similar entities by downloading the App Choices app at https://youradchoices.com/appchoices.
b. You may opt-out of receiving permissible targeted advertisements by using the NAI Opt-out tool available at http://optout.networkadvertising.org/?c=1 or visiting About Ads at http://optout.aboutads.info.
c. You can opt-out of having your activity on our Services made available to Google Analytics by installing the Google Analytics opt-out add-on for your web browser by visiting: https://tools.google.com/dlpage/gaoptout for your web browser.
G. Notice to Certain Residents. In addition to the above methods of exercising choice, to the extent required by applicable law or as otherwise noted in the Notices to Certain Residents, Section IX below, we may provide you with additional choices regarding the processing of your Information, which you may exercise by contacting us as detailed in the "How to Contact Us" section below. We will try to comply with your request as soon as reasonably practicable as required by applicable law.
VIII. ACCESSING, CORRECTING, OR DELETING YOUR INFORMATION
Upon request as set forth below and subject to certain exceptions and limitations and applicable laws, we will inform you of the existence, use and disclosure of your Information and will provide you access to that Information. To the extent other state laws provide users with additional data subject rights, those rights may be honored by us following proper authentication and verification.
We encourage you to review, update, and correct Information that we maintain about you, and you may request that we delete Information about you that is inaccurate, incomplete, or irrelevant. We may not accommodate a request to change Information if we believe the change would violate applicable law in our control.
To access, correct, or delete your Information, contact us at:
Call us: (866) 918-0235
Write us: One Bills Drive, Orchard Park, New York 14127, Attn: Privacy Officer.
IX. NOTICE TO CERTAIN RESIDENTS
A. Persons in the European Union or European Economic Area
1. Your Rights
- Restrict the way that we process and share your personal data;
- Transfer your personal data to a third party;
- Revoke your consent for processing of your personal data;
- Provide you with access to your personal data;
- Remove your personal data if no longer necessary for the purposes collected;
- Update your personal data so it is correct and not out of date; and/or
- Object to our processing of your personal data.
Email at: firstname.lastname@example.org
Mail: One Bills Drive, Orchard Park, New York 14127, Attn: Privacy Officer.
Call us toll free at: (866) 918-0235
The requests above will be considered and responded to in the time-period stated by applicable law. Note, certain Information may be exempt from such requests. We may require additional information from you to confirm your identity in responding to such requests. You have the right to lodge a complaint with the supervisory authorities applicable to you and your situation, although we invite you to contact us with any concern as we would be happy to try and resolve it directly. Please contact us at: email@example.com, write us at One Bills Drive, Orchard Park, New York 14127, Attn: Privacy Officer or call us at (866) 918-0235.
2. Lawful Basis for Processing Your Information
- To administer our contractual relationship, including setting up any services you may request;
- Because it is in our legitimate interest to effectively and efficiently operate our business and provide you with the services offered through the Services and other useful content and for other marketing, design, and advertising purposes;
- To process employee data, prevent against fraud, provide technology security, and other necessary Company operational matters;
- In order to fulfill any legal obligations, we may have to collect this Information from you; and/or
- Because you have provided your consent for us to do so.
B. Consent to Transfer
C. California Residents
If you would like to submit a Data Subject Request, please email us at firstname.lastname@example.org. You can also call us, toll-free, at (866) 918-0235. If you choose to submit a Data Subject Request, you must provide us with enough information to identify you and enough specificity on the requested data. We will only use the information we receive for verification. We will not be able to disclose information if we cannot verify that the person making the Data Subject Request is the person about whom we collected Information, or someone authorized to act on such person's behalf.
If you are a California resident, you may submit a Data Subject Request to receive information about our data collection practices as it relates to your data. You may request information on the categories of personal information (as defined by California law) we have collected about you; the categories of data collection sources; any business or commercial purpose for collecting or selling personal information; the categories of third parties with whom we share personal information, if any; and the specific pieces of personal information we have collected about you. If you would like to also receive information about our data disclosure for business purposes, then please include that in the Data Subject Request. We will clarify whether the Information was collected and disclosed or simply collected and kept internally.
You may request that we delete your personal information. Your deletion request should be submitted through a Data Subject Request. Subject to certain exceptions set out below we will, on receipt of a verifiable Data Subject Request, delete your personal information from our records and direct any service providers to do the same.
Please note that we may not delete your personal information if it is necessary to:
- complete the transaction for which the personal information was collected;
- provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between you and us;
- detect security incidents, protect against malicious, deceptive activity, and take all necessary and appropriate steps to mitigate current and future risk;
- debug and repair internal information technology as necessary;
- undertake internal research for technological development and demonstration;
- exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law;
- comply with the California Electronic Communications Privacy Act;
- engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when our deletion of the Information is likely to render impossible or seriously impair the achievement of such research, provided we have obtained your informed consent;
- enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us;
- comply with an existing legal obligation; or
- otherwise use your personal information, internally, in a lawful manner that is compatible with the context in which you provided the Information.
We may not, and will not, treat you differently because of your Data Subject Request activity. As a result of your Data Subject Request activity, we may not and will not deny goods or services to you, charge different rates for goods or services, provide a different level quality of goods or services, or suggest any of the preceding will occur. However, we can and may charge you a different rate, or provide a different level of quality, if the difference is reasonably related to the value provided by your personal information.
X. CHILDREN'S INFORMATION
Our Services are intended for general audiences. We do not knowingly collect, use, or disclose Information from children under the age of thirteen (13) or as otherwise defined by local law without prior parental consent, except as permitted by the Children's Online Privacy Protection Act (hereinafter "COPPA") or other applicable law.
Some of our Services, such as online contests, sweepstakes, and promotions we may run from time to time, may seek information necessary for a child to participate, including the child's name, date of birth and parent's email address and contact information to communicate with the parent (as required by applicable law). For these services, children will be required to provide proof of consent from their parent or legal guardian in order to participate. Children are not permitted to provide Information to us through any of our Services or to share their Information with us absent the consent of their parent or legal guardian. We will not use parent emails provided for parental consent purposes to market to the parent, unless the parent has expressly opted-in to email marketing or has separately participated in an activity that allows for such email contact.
If, at any time, a parent or legal guardian becomes aware that their child has provided us with Information without their consent or wishes to withdraw their consent to our use or maintenance of Information collected from their child, the parent or guardian should contact us at email@example.com and we will promptly remove such Information from our database(s). Please note that we may request proof of identity and relationship to the child before doing so.
If you have any comments or questions on policies related to children's data or about our commitment to protecting your and your children's privacy, please contact us at firstname.lastname@example.org or by mail at the address below.
XII. HOW TO CONTACT US
Call us: (866) 918-0235
Write us: One Bills Drive, Orchard Park, New York 14127, Attn: Privacy Officer.
Last Updated: December 23, 2019