1. DATA WE COLLECT
2. HOW YOUR DATA IS USED
3. YOUR CHOICES
4. HOW WE PROTECT YOUR DATA
5. HOW TO CONTACT US
1.1 Data you provide to us
When you create an account; place an order or make a return or exchange; inquire about our Services; request emails from us about our offerings; opt-in to marketing activities; receive a gift from someone else who purchases through our website; follow us or submit information, including photographs, via third-party social media platforms (e.g., Facebook, Twitter, Google+, etc.); enter a contest or participate in a marketing survey; or submit other information to us directly or through third-party services, you are asked to provide personal information that uniquely identifies you.
We collect the following types of personal information: your contact information (such as name, postal or email address, or phone number), birthdate, name and email address of gift card recipients, username and password, payment information such as PayPal, credit or debit card details, shipping information (including the shipping address and phone number), purchase history, shopping preferences (such as an interest in a particular product category), information about your age, information you provide by interacting with us through social media, and photographs that you submit on our sites or through our social media channels.
You don’t have to provide any information that directly identifies you to browse our website. However, we will ask you to provide certain personal information as necessary to provide you with requested products and services, complete the relevant transaction, or, if you wish, to avail of special features or functions of our website.
Content Posted by You. We may provide you with the ability to rate or review products or services we sell, or otherwise post content on our website our through our social media channels. Any comments or reviews that you provide are accessible to all users of the relevant platform and may be visible to others or collected by third-parties, so you should use discretion when posting information and you should not post personal information. If you do post personal information, you do so at your own risk.
1.2 Data we automatically get from you
We and our affiliates, analytics or service providers, and select businesses with whom we have marketing relationships, use technologies such as cookies, beacons, tags, and scripts, to analyze trends, administer the website, tracking users’ movements around the website, and to gather non-sensitive demographic information about our user base as a whole. We may receive reports based on the use of these technologies on an individual or aggregate basis. Further information is contained below.
Analytics & Log Files. As is true of most websites, we gather certain information automatically and store it in log files. When you visit our websites, we automatically collect the following types of information: information about the device you use to access the Internet (such as the internet protocol (IP) address, internet service provider (ISP) or mobile carrier, proxy server, device type, browser and add-ons, and operating system), referring/exit pages, date/time stamps, information on your shopping behavior on our website (e.g., page views, paths you take through our websites, etc.), general geographic location information (e.g., country or city) that shows where you are when browsing our websites, and search terms that you enter to reach our websites or enter on our websites to find products. We utilize analytics services and log files to help us track the efficacy of our websites, help us learn more about our customers’ and visitors’ shopping behavior, and for troubleshooting and maintenance purposes. We may collect and summarize customer and visitor information in a non-personal, aggregate format for statistical and research purposes.
Targeted Advertising. Third-party advertising companies serve ads on our behalf across the Internet. They may collect information about you through cookies and/or web beacons on our websites and other sites, and then display targeted ads on various sites that you visit. If you wish to not have this information used for the purpose of serving you interest-based ads, you may opt-out. Please note this does not opt you out of being served ads. You will continue to receive generic ads. To opt out of third-party advertising or analytics, please see the section entitled “Your Choices” below.
Social Media Features. Some of our websites include social media features, such as the Facebook “Like” button and widgets, the “share this” widget, or interactive mini-programs that run on our site. These features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third-party or hosted directly on our websites. Your interactions with these features are governed by the privacy statement of the company providing it.
Returned Products. If you return products that may contain stored or recorded personal information, like computers, media storage devices, etc., you are responsible for deleting or removing all personal information and media from your product before you return it. We are not responsible for any personal information or media that you do not delete or remove from such product.
2.1 How we use your data
We use your data to provide, support, personalize and develop our Services. How we use your personal information will depend on which Services you use, how you use those Services and the choices you make in your settings. We use the information that we have about you to provide and personalize, including with the help of automated systems and inferences we make, our Services (including ads) so that they can be more relevant and useful to you and others. When providing direct services, advertising or marketing, or performing security, administrative, or customer service activities, we may use the information we collect in the following manner, including without limitation, to:
2.2 How we share your data
Marketing Partners. If you accept an offer from any of our third-party marketing partners, we will share your contact and billing information with that specific third party, in accordance with the terms of the offer. If you have previously requested that your personal information not be shared with third parties, but then later consent by accepting a third-party marketing offer available through one of our websites, we will share your contact and billing information with that specific third-party, in accordance with the terms of the offer.
Some of these operations may result in personal information collected by COMPANY being stored or processed outside of the EEA and, as a result, your personal information may be accessible to law enforcement and regulatory authorities in accordance with the law of these foreign jurisdictions.
Direct Marketing and Do Not Track Signals. We do not share personal data with third parties for their direct marketing purposes without your permission.
Security. In the event we become aware that the security of the sites has been compromised or users’ personal information has been disclosed to unrelated third parties as a result of external activity, including, but not limited to, security attacks or fraud, we reserve the right to take reasonably appropriate measures, including, but not limited to, investigation and reporting, as well as notification to and cooperation with data protection and law enforcement authorities.
Legal Disclosure. We may need to share your data when we believe it’s required by law or to help protect the rights and safety of you, us or others. It is possible that we will need to disclose information about you when required by law, subpoena, or other legal process or if we have a good faith belief that disclosure is reasonably necessary to (1) investigate, prevent, or take action regarding suspected or actual illegal activities or to assist government enforcement agencies; (2) enforce our agreements with you, (3) investigate and defend ourselves against any third-party claims or allegations; or (4) protect the security or integrity of our Service. We attempt to notify customers about legal demands for their personal data when appropriate in our judgment, unless prohibited by law or court order, or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague or lack proper authority, but we do not promise to challenge every demand.
Cross-Border Data Transfers. The vast majority of your data that we process or store is kept within the EU, though it may not be kept within your country. However, to provide you with certain Services (i.e., to deliver customers’ digital subscriptions), we may share your information with processors outside of the EU, or with our corporate affiliates. When we process data outside of the EU, we rely on legally-provided mechanisms to transfer data across borders because countries where we process data may have laws which are different, and potentially not as protective, as the laws of your own country. In this regard, we will continue to use European Commission-approved Standard Contractual Clauses as a legal mechanism for data transfers from the EU, which remain an approved method of transferring data outside of the EU under the General Data Protection Regulation. You may request a copy of the Standard Contractual Clauses by contacting us at firstname.lastname@example.org.
Data Controller. Unless explicitly stated otherwise, COMPANY is the controller of your personal data provided to, or collected by or for, or processed in connection with our Services.
3.1 Rights to access and control your personal information
We provide many choices about the collection, use and sharing of your data, from deleting or correcting data you include in your profile to advertising opt-outs and communication controls.
For more information you can contact us at email@example.com, and/or at our address.
Endurolete Kessel Limited
Unit 507, 5/F, Chinachem Golden Plaza,
77 Mody Road, Tsim Sha Tsui East,
Kowloon, Hong Kong
For further details, see section 3.2 below.
For personal information that we have about you, you can request the following:
Delete Data: You can ask us to erase or delete all or some of your personal data (e.g., if it is no longer necessary to provide Services to you).
Object to, or Limit or Restrict, Use of Data: You can ask us to stop using all or some of your personal data (e.g., if we have no legal right to keep using it) or to limit our use of it (e.g., your personal data is inaccurate or unlawfully held).
Right to Access and/or Take Your Data: you may contact COMPANY’s Data Protection Officer at firstname.lastname@example.org to request a copy of your personal data and can ask for a copy of personal data be provided in machine readable form. You can also ask to review any of the information that we have retained, how we have used it, and to whom we have disclosed it at any time by contacting us.
3.2 Opting out of communications
We offer you choices about how to manage how we communicate with you.
Security. We monitor for and try to prevent security breaches. We implement appropriate security safeguards designed to protect your data. For example, electronic records are stored in secure, limited-access servers; electronic data is stored behind secured encryption access; we use technological tools like firewalls and passwords; and we ensure our employees are trained on the importance of maintaining the security and confidentiality of personal information. We regularly monitor our systems for possible vulnerabilities and attacks, however, we cannot warrant the security of any information that you send us. There is no guarantee that data may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, organizational, or managerial safeguards.
SSL Technology. Our website uses encryption technology, such as Secure Sockets Layer (“SSL”), to protect your personal information during data transport. SSL encrypts ordering information such as your name, address, and credit card number.
Lawful Bases for Processing. We will only collect and process personal data about you where we have a lawful bases to do so. Lawful bases include consent (where you have given it), contractual necessity (where processing is necessary for the performance of a contract with you (e.g., to deliver Services you have requested)), and legitimate interests. Where we process data based on consent, we will ask for your explicit affirmative consent. We will rely on legitimate interests as a basis for data processing only where the processing of your data is not overridden by your interests or fundamental rights and freedoms.
At any time, you can withdraw consent you have provided by contacting us as set forth below, but that will not affect the lawfulness of the processing of your personal data prior to such withdrawal. Where we rely on legitimate interests, you have the right to object.
Minors. Our website is not intended for use by anyone under the age of 13. If you are under 13, please do not attempt to create an account or send any information about yourself to us, including your name, address, telephone number or email address. No one under the age of 13 may provide any personal information to us, and we do not knowingly collect personal information from anyone under the age of 13. If we learn that we have collected personal information from a child under age 13 without verification of parental consent, we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under the age of 13, please contact us immediately.
If you have questions about how we collect, store and use personal data, please contact us at the following:
Phone: 1-888-296-1429 (US)
Please remember that email sent over the Internet is not secure. If you send an email directly to us from your own email account, the contents will not be encrypted. Do not send sensitive information (like a credit card number) to us via unencrypted email. We are not responsible for any transmission by you of any personal information over the Internet.