INFORMATION THAT WE COLLECT
Personal Data is information that can be used to identify You specifically, including Your name, shipping address, email address, telephone number, or demographic information like Your age, gender, or hometown. You consent to giving Us this information by providing it to Us voluntarily on Our website or any mobile application. You provide some of this information when You register with or make purchases from Our website. You may also provide this information by participating in various activities associated with Our site, including responding to blogs, contacting Us with questions, or participating in group training. Your decision to disclose this data is entirely voluntary. You are under no obligation to provide this information, but Your refusal may prevent You from accessing certain benefits from Our website or from making purchases.
Derivative data is information that Our servers automatically collect about You when You access Our website, such as Your IP address, browser type, the dates and times that You access Our website, and the specific pages You view. If You are using a mobile application, Our servers may collect information about Your device name and type, Your phone number, Your country of origin, and other interactions with Our application. Derivative data may also include data collected by third-party service providers, such as advertising and analytics providers, and may include cookies, log data, or web beacons. Cookies are discussed more fully below. Derivative data collected by third-party service providers generally does not identify a specific individual.
SOCIAL NETWORKING DATA
We may access personal information from social networking sites and apps, including Facebook, Instagram, Linkedin, Twitter, Snapchat, or other social networking sites or apps not named specifically here, which may include Your name, Your social network username, location, email address, age, gender, profile picture, and any other public information. If You do not want Us to access this information, please go to the specific social networking site and change Your privacy settings.
MOBILE DEVICE DATA
If You use Our website via a mobile device or app, We may collect information about Your mobile device, including device ID, model and manufacturer, and location information.
On occasion, You may give Us additional data in order to enter into a contest or giveaway or to participate in a survey. You will be prompted for this information and it will be clear that You are offering this kind of information in exchange for an entry into such a contest or giveaway.
HOW WE USE YOUR INFORMATION
Your information allows Us to offer You certain products and services, including the use of Our website, to fulfill Our obligations to You, to customize Your interaction with Our company and Our website, and to allow Us to suggest other products and services We think might interest You. We generally store Your data and transmit it to a third party for processing. However, to the extent We process Your data, We do so to serve Our legitimate business interests (such as providing You with the opportunity to purchase Our goods or services and interact with Our website or mobile app).
Specifically, We may use the information and data described above to:
- Create and administer Your account; and
- Deliver any products or services purchased by You to You; and
- Correspond with You; and
- Process payments or refunds; and
- Contact You about new offerings that We think You will be interested in; and
- Interact with You via social media; and
- Send You a newsletter or other updates about Our company or website; and
- Deliver targeted advertising; and
- Request feedback from You; and
- Notify You of updates to Our product and service offerings; and
- Resolve disputes and troubleshoot any problems; and
- Administer contests or giveaways; and
- Generate a profile that is personalized to You, so that future interactions with Our website will be more personal; and
- Compile anonymous statistical data for Our own use or for a third party’s use; and
- Assist law enforcement as necessary; and
- Prevent fraudulent activity on Our website or mobile app; and
- Analyze trends to improve Our website and offerings.
GROUNDS FOR USING AND PROCESSING YOUR DATA
The information We collect and store is used primarily to allow Us to offer goods and services for sale. In addition, CASTLE OF OUR SKINS, INC may collect, use, and process Your information based on the following grounds:
LEGITIMATE BUSINESS INTERESTS
We may use and process Your data for Our legitimate business interests, which include, among other things, communicating with You, improving Our goods or services, improving Our website, and providing You with the information or products that You have requested.
Performance of a Contract: We may use and process Your information to enter into a contract with You and to perform Our contractual obligations to You.
Consent: We may use Your data, or permit selected third parties to use Your data, based on Your consent to Our use and sharing of that data. You may withdraw Your consent at any time, but doing so may affect Your ability to use Our website or other offerings.
As required by law: We may also use or process Your data as required for Us to comply with legal obligations.
WHY WE DISCLOSE YOUR INFORMATION
The following are specific reasons why We may share Your information:
Third-Party Processing: We may disclose Your information to third parties who assist Us with various tasks, including payment processing, hosting services, email delivery, communications, and customer service. We may not always disclose these third-party processors if not required by law. We do not authorize them to use or disclose Your personal information except in connection with providing Our company with their services.
By Law: We may share Your data as required by law or to respond to legal process, including a subpoena, or as necessary to protect the rights, property, and safety of others. This includes sharing information with other parties to prevent or address fraud and to avoid credit risks.
To Protect Our Company: We may use Your information to protect Our company, including to investigate and remedy any violations of Our rights or policies. We may also disclose Your information as reasonably necessary to acquire and maintain insurance coverage, manage risks, obtain financial or legal advice, or to exercise or defend against legal claims.
Other Third Parties: We may share information with advertisers, Our investors, or other third parties for the purpose of conducting general business analysis. If We do so, We will make reasonable efforts to inform You if required by law.
Interaction With Others: If You interact with others on Our website or mobile app, such as participating in a group chat or a group online course, other users may have access to some of Your data, including Your name, profile picture, and Your history of interaction with Our website, such as prior comments or posts.
Online Postings: When You post online, Your posts may be viewed by others, and We may distribute Your comments outside the website.
External Links: Our website may include hyperlinks to other websites not controlled by Us. We suggest You exercise caution when clicking on a hyperlink. Although We use reasonable care in including a hyperlink on Our own web page, We do not regularly monitor the websites of these third parties, are not responsible for any damage or consequences You suffer by using these hyperlinks. We are not bound by the Privacy Policies of any third-party website that You access by a hyperlink, nor are they bound by ours. We encourage You to read the Policies of those third-party websites before interacting with them or making purchases. They may collect different information and by different methods than We do.
Other Purposes: We may disclose Your personal data as necessary to comply with any legal obligation or to protect Your interests, or the vital interests of others or Our company.
Log Files: Like many other websites, We make use of log files. These files merely log visitors to the site – usually a standard procedure for hosting companies and a part of hosting services’ analytics. The information inside the log files includes internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date/time stamp, referring/exit pages, and possibly the number of clicks. This information is used to analyze trends, administer the site, track user’s movement around the site, and gather demographic information. IP addresses and other such information are not linked to any information that is personally identifiable.
We may use any or all of the following types of cookies:
Essential Cookies: These cookies help Us run Our website and improve Your experience with Our website. These cookies may allow content to load more quickly or allow You to access “members only” or repeat-users sections of Our website.
Functionality Cookies: These cookies allow Us to remember Your preferences from earlier visits to Our website, including login information, so that You do not have to input the same information multiple times.
Social Media Cookies: These cookies allow Us to record when You have engaged with a social media tool while visiting Our website. For example, We may record that You have “liked” a certain aspect of Our website. The social media application may also share data with Us that You have allowed it to share. If You wish to change Your social media sharing settings, please visit the privacy settings of the social media network.
Advertising Cookies: We may work with third-party advertising partners who collect information about Your browsing habits on Our website in order to later display a relevant ad about Our services when You are on a third-party site such as a social media platform. These cookies may also allow Us to access Your location.
Pixel Tags: We may use a pixel tag, which is a small graphic file that allows Us to monitor the use of Our website and provide Us with information regarding Your interaction with the website. These tags may collect the IP address from the device You are using, and the browser type. Pixel tags are also used by Our third-party partners to collect information when You visit Our website, and We may use this information to display targeted advertisements.
Email Confirmations: We may receive email confirmations when You open an email from Us. This allows Us to determine if users are responding favorably to Our email communications and to improve those communications.
Other Technologies: Other data technologies may be used that collect comparable information for security, fraud detection, and similar purposes, to give Us information about Your use of Our website, and to greater improve Our website and service offerings to You.
Twitter: You can opt-out of Twitter’s internet-based ads by visiting: https://help.twitter.com/en/safety-and-security/privacy-controls-for-tailored-ads.
Facebook: You can opt-out of Facebook’s interest-based ads by visiting: https://www.facebook.com/help/568137493302217.
PROCESSING YOUR INFORMATION
For the most part, We do not process Your information in-house, but give it to third-party processors for processing. For example, when PayPal takes Your payment information, they are a third-party processor. They process Your payment and remit the funds to Us. So in many instances, it will be necessary for Us to transmit Your information to a third-party processor, as We do not have the capability to perform these functions. More detail on third-party processing is detailed below.
However, We may, from time to time, process Your data internally. The legal basis for this processing is both Your consent to the processing, Our need to conduct Our legitimate business interests, and to comply with legal obligations. Our purposes in processing this information, if We do, is to administer, maintain, and improve Our website and offerings, to enter into contracts with You, to fulfill the terms of those contracts, to keep records of Our transactions and interactions, to be able to provide You with goods and services, to comply with Our legal obligations, to obtain professional advice, and to protect the rights and interests of Our company, Our customers (including You), and any third parties. We may process the following data:
- Data associated with Your account, such as Your name, address, email address, and payment information.
- Data about Your usage of Our website, such as Your IP address, geographical information, and how long You accessed Our website and what You viewed.
- Data related to Your personal profile, such as Your name, address, profile picture, interests and hobbies, or employment details.
- Data that You provide Us in the course of using Our services.
- Data that You post on Our website, such as comments or responses to blogs.
- Data that You submit to Us when You make an inquiry regarding Our website or offerings.
- Data related to Your transactions with Us, including Your purchase of Our goods or services. This information may include contact details and payment information.
- Data that You provide to Us when You subscribe to Our emails or newsletters, including Your email address and contact information.
- Data that You submit to Us via correspondence, such as when You email Us with questions.
- Any other data identified in this policy, for the purpose of complying with Our legal obligations, or to protect the vital interests of You or any other natural person.
Our website is hosted by servers located in the United States of America. Therefore, if You reside outside the United States of America, some of Your data will be transferred internationally to and stored on those servers. In addition, We may use third-party processors (including payment processors) and subcontractors located in the United States of America. We use all reasonable methods to protect the safety of Your data during transfer, including hosting Our website on reputable servers and engaging reputable third-party processors. By using this site and providing Us with information, You consent to this transfer, processing, and storage of Your information in the United States of America. Note that the privacy laws in the United States of America may not be as strict as those in other countries. Please be aware that:
- Data that is provided to Us is stored on secure servers. Payment information and other sensitive data will be encrypted to ensure its safety.
- The transmission of data via the internet is never completely secure, and We cannot guarantee the security of data that is sent to Us electronically. Your transmission of data to Us is at Your own risk.
- Where data that You have transmitted to Us is password protected, You are responsible for keeping the password confidential. You are exclusively responsible for any breaches of Your data that results from Your own disclosure of or failure to protect Your password.
We retain personal data as long as it is needed to to conduct Our legitimate business purposes or to comply with Our legal obligations, or until You ask Us to delete Your data. For example, We will retain certain personal information indefinitely for the purposes of maintaining Your account, unless and until You delete Your account. Data that We gather for a specific and particular purpose, such as assisting law enforcement or analyzing trends, will be kept for no longer than is necessary for that particular purpose. Data that is no longer needed by Us for any of the purposes listed above will be permanently deleted.
We will honor Your request to delete Your data, as described more fully below, unless We are required by law to retain access to the data. However, note that We cannot control the retention policies of third parties. If You wish to have any third parties, including those to whom We’ve transmitted Your data, delete that data, You will need to contact those third parties directly. You may request from Us a list of all third parties to whom We have transmitted Your data.
We may retain usage data (that is, data that is gathered by Our company or third-party analytics companies for the purpose of analyzing the use of Our website) as needed for internal analysis purposes. This type of data is usually retained for a shorter period of time than personal data, unless the data is necessary to improve the security or functionality of Our website or offerings, or We are legally obligated to retain the data for a longer period of time.
SECURITY OF YOUR INFORMATION
We take all reasonable steps to protect Your personal data and keep Your information secure. We use recognized online secure payment systems and implement generally accepted standards of security to protect against personal data loss or misuse. However, no security measure is foolproof, and no method of data transmission can be guaranteed against interception or misuse. We cannot guarantee complete security of any information You transmit to Us.
We will notify You promptly of any known breach of Our security systems or Your data which might expose You to serious risk.
This website or mobile app is not designed for use by children under age 16, and We do not knowingly solicit personal data from anyone under age 16. If You are under age 16, do not access or use Our website or related products or services. If You become aware that We have collected data of anyone under the age of 16, please contact Us so that We may delete that data.
You have certain rights with respect to Your personal data, as outlined below. Note that We may charge You a reasonable fee for actions that You ask Us to take with respect to Your data. In addition, We reserve the right to request that You provide Us with evidence of Your identity before We take any action with respect to the exercise of Your data rights. Further, Your rights may be restricted or nullified to the extent they conflict with Our compelling business interests, the public interest, or the law.
UPDATE ACCOUNT INFORMATION
You have the right to update or change any information You have provided to Us. To update or delete Your information, please contact Us at firstname.lastname@example.org.
CONFIRM PERSONAL DATA AND ITS USE
You have the right to request that We confirm what data We hold about You, and for what purposes. You also have the right to confirmation of whether We process Your data or deliver Your data to third-party processors, and for what purposes. We will supply You with copies of Your personal data unless doing so would affect the rights and freedoms of others.
Change Consent: You have the right to change Your consent to Our use of Your information. In such cases, We may require You to delete Your account with Us, as described above, and You may not have full access to Our website.
Request a Copy of Data: You have the right to request a digital copy of the data that We hold about You. Your first request for a copy of Your personal data will be provided free of charge; subsequent requests will incur a reasonable fee.
Transfer Your Data: You have the right to request that We gather and transfer Your data to another controller, in a commonly used and machine readable format, unless doing so would cause Us an undue burden.
Delete All Data: You have the right to request that We delete all data that We hold about You, and We must delete such data without undue delay. There are exceptions to this right, such as when keeping Your data is required by law, is necessary to exercise the right of freedom of expression and information, is required for compliance with a legal obligation, or is necessary for the exercise or defense of legal claims. Such a request may result in a termination of Your account with Us and You may have limited or no use of Our website.
Emails and Communications: You may opt out of receiving future email correspondence from Us by checking the appropriate box when You register for the account or make a purchase. You may change Your communication settings by contacting Us at email@example.com.
Marketing Communications: You may opt out of receiving any third-party marketing communications or having Your personal information used for marketing purposes. You may do this by contacting Us at firstname.lastname@example.org.
Processing: You may, in some circumstances, restrict the processing of Your data, such as when You contest the accuracy of Your data or when You have objected to processing, pending the verification of that objection. When processing has been restricted, We will continue to store Your data but will not pass it on to third-party processors without Your consent, or as necessary to comply with legal obligations or protect Your rights or those of others or Our company. In addition, You may opt out of any processing of Your data altogether. Note, however that doing so may result in the termination of Your account and loss of access to Our website.
CALIFORNIA PRIVACY RIGHTS
The State of California has established its own unique regulations that apply to California residents.
As of its effective date of January 1, 2020 We are also compliant with the California Consumer Privacy Act Of 2018, Cal. Civ. Code §§ 1798.100 Et Seq. (CCPA).
Any California resident may request, free of charge, the personal information We have collected or stored about themselves or about a member of their household. For security purposes, We reserve the right to ask for verification of Your identity and proof of your California residency at the time of your request.
Any California resident has a right to request the personal data We have collected, or request deletion of the personal data We have collected, including but not limited to:
- Any personally identifying information, such as a real name, alias(es), mailing or resident address, IP address, email address, account name, biometrics, or any other data that could uniquely identify a California resident; and
- Commercial information, including products or services purchased, obtained, or considered, search history, interactions with Our website, or any other purchasing or browsing history of Our site and/or offer(s); and
- Site comments made publicly or privately; and
- Geolocation data; and
- Professional or employment-related information; and
- Education information.
We reserve the right to collect any of the above data on California residents and their households.
We do not plan on selling your data. Regardless, any California resident can email us at email@example.com to explicitly request to opt-out of any such sale of data.
California residents also have the option to request a full deletion of their account and any data We have collected and associated with them.
We agree to comply with any data request or deletion made pursuant to the CCPA in a reasonable timeframe, during normal business hours and excluding holidays or Our pre-scheduled time off.
We offer the opportunity for You to volunteer certain information to Us that is used for email and marketing purposes. This information includes, but is not limited to, Your name and email. You will have an opportunity to unsubscribe from any future communications via email, but We reserve the right to maintain a database of past email subscribers. We reserve the right to use this information as reasonably necessary in Our business and as provided by law. Your information will be shared with reasonably necessary parties for the ordinary course of conducting Our business, such as through Facebook ads or Google Pay Per Click marketing campaigns. We do not ever sell Your information to third parties