Effective Date: May 24, 2018
Blatant Products, LLC
4355 Cobb Parkway Suite J 216
Atlanta, GA 30339 USA
1. Privacy Statement.
2. Personal Data Collection.
The categories of Personal Data we may collect, Control or Process pertaining to you and subject to applicable law, areasfollows:
• Personal Information: Name(s); nickname(s), gender; date of birth; age; marital status; government issued identification number(s); nationality; lifestyle and social circumstances; photo images; signatures; and personal appearance and behavior.
• Contact Information: address; telephone number; cell phone number, email address; and social media profile details.
• Financial information: billing address, bank account numbers; credit card numbers; debit card numbers, cardholder or account holder name and details.
• Electronic Identifying Data: IP addresses; cookies; activity logs; online identifiers; unique device identifiers; and geolocation data.
3. Collection of Personal Information.
We collect Personal Information about you from a variety of sources:
• Directly from you in the ordinary course of business;
• Public information or information provided by third parties who collected the same.
• We collect or obtain Personal Information when you visit our Website purchase products from us. When you visit our Website, your device and browser may automatically collected and disclose certain information (such as device type, operating system, browser type, browser settings, IP address, language settings, dates and times of connecting to a website and other technical communications information), some of which may constitute Personal Data.
Network and Information Security
We use reasonable efforts to prevent unauthorized release of or access to your personal data. However, we cannot guarantee that your information will not be disclosed or accessed by accidental circumstances or by the unauthorized acts of others. If Purple Tea Skincare learns of a security systems breach, then we may attempt to notify you electronically so that you can take appropriate protective steps. Purple Tea Skincare may also post a notice on the Site if a security breach occurs.
Depending on where you live, you may have a legal right to receive notice of a security breach in writing. To receive a free written notice of a security breach, you should notify us at firstname.lastname@example.org. The security of your personal information is important to us. When you enter sensitive information (such as credit card information, billing address, phone number) on our registration or order forms, we encrypt that information using secure socket layer technology (SSL).
4. The Legal basis for Collecting and Processing your Personal Data.
We will not share, trade, or sell credit card information or Personal Information to any 3rd party without your permission.
We seek to collect or otherwise Process your Personal Data, for the following legal basis:
• As necessary for compliance with a legal obligation under a contract with you;
• As necessary for the detection or prevention of crime (including the prevention of fraud) to the extent permitted by applicable law;
• As necessary for the establishment, exercise or defense of legal rights;
• We have, in accordance with applicable law, obtained your explicit consent prior to collecting your Personal Data. This legal basis is only used in relation to collection that is voluntary in doing business with us and is not used for collection that is necessary or obligatory; or
• Collection is necessary for reasons of substantial public interest and occurs on the basis of an applicable law that is proportionate to the aim pursued and provides for suitable and specific measures to safeguard your fundamental rights and interests.
5. Age Limitations.
We do not direct our Website or Services to children under the age of 13. We do not knowingly collect information, including personal data, from children or other individuals who are not legally able to use our Website or services. If we obtain actual knowledge that we have collected personal data from a child under the age of 13, we will promptly delete it, unless we are legally obligated to retain such data. Contact us if you believe that we have mistakenly or unintentionally collected information from a child under the age of 13.
Tel: 1 (800) 954-0446
6. Purposes For Which we may Use or Process your Personal Data.
The purposes for which we may Process Personal Data are as follows:
• Signing up new clients; and compliance with our internal compliance requirements, policies and procedures.
• Maintaining and updating your contact information where appropriate.
• Marketing and promotional activities.
• Providing you with information or assistance that you request from us;
• Providing you with the services requested;
• Notifying you about changes or additions to our products and services;
• Monitoring and improving the quality of our services and products;
• Quality assurance and training purposes;
• Complying with our legal and regulatory requirements.
7. Disclosure of Personal Data to Third Parties.
We disclose your Personal Data to other entities for legitimate business purposes including providing products and services to you, in accordance with applicable law. In addition, we may disclose your Personal Data to:
• Your representatives as requested or authorized;
• Our vendors, subcontractors and service providers. We may share your data with our services providers who process your personal data to provide the products or services to us, you or on our behalf. We have contracts with our service providers that prohibit them from sharing the information about you that they collect or that we provide to them with anyone else or using it for other purposes.
• We may share your information with our parent company and our affiliates, which are entities under common ownership or control of our ultimate parent company. Our accountants, auditors, financial advisors, lawyers and other outside professional advisors to us, subject to binding contractual obligations of confidentiality;
• Governmental, legal, regulatory, or similar authorities, central and/or local government agencies, upon court order, request or where required, including reporting any actual or suspected breach of applicable law or regulation or our contractual agreements;
• We may disclose the personal information we collect when we believe disclosure is necessary to investigate, prevent, or respond to suspected illegal or fraudulent activity or to protect the safety, rights, or property of us, our users, or others.
• Third party processors located anywhere in the world,
• Any relevant party, claimant, complainant, enquirer, law enforcement agency or court, to the extent necessary to respond to a court order, or in the exercise or defense of legal rights in accordance with applicable law;
• Any relevant party for the purposes of prevention, investigation, detection or prosecution of a civil or criminal offence or the execution of civil or criminal penalties, including safeguarding against and the prevention of threats to public security in accordance with applicable law;
• In the event that we sell or transfer all or any relevant portion of our business or assets including in the event of a reorganization, dissolution or liquidation, the information is transferred automatically to the new owner;
• If we engage a third-party Processor to Process your Personal Data, the Processor will be subject to binding contractual obligations to: (i) only Process the Personal Data in accordance with our prior written instructions; and (ii) use measures to protect the confidentiality and security of the Personal Data; together with any additional requirements under applicable law.
• Other than as set forth above, we do not share personally identifiable information with other companies, apart from those acting as our agents in providing our product(s)/service(s), and which agree to use it only for that purpose and to keep the information secure and confidential. Also, our parent, subsidiary and affiliate companies, entities into which our company may be merged, or entities to which any of our assets, products, sites or operations may be transferred, will be able to use personal information. We will also disclose information we maintain when required to do so by law, for example, in response to a court order or a subpoena or other legal obligation, in response to a law enforcement agency's request, or in special cases when we have reason to believe that disclosing this information is necessary to identify, contact or bring legal action against someone who may be causing injury to or interference with (either intentionally or unintentionally) our rights or property. Users should also be aware that courts of equity, such as U.S. Bankruptcy Courts, might have the authority under certain circumstances to permit personal information to be shared or transferred to third parties without permission.
8. International transfer of Personal Data.
We transfer your Personal Data to other countries on the following basis:
• Adequacy decisions;
• Binding Corporate Rules; or
• Standard Contractual Clauses; or
• Other valid transfer mechanisms.
If you want more information about the safeguards applied to international transfers of personal data, please contact us at 1 (800) 954-0446.
9. Data Security.
We have implemented appropriate technical and organizational security measures designed to protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, access in accordance with applicable law. We maintain technical, physical, and administrative security measures designed to provide reasonable protection for your personal data against loss, misuse, unauthorized access, disclosure, and alteration. The security measures include firewalls, data encryption, physical access controls to our data centers, and information access authorization controls. While we are dedicated to securing our systems and services, you are responsible for securing and maintaining the privacy of your password(s) and account/profile registration information and verifying that the personal data we maintain about you is accurate and current. We are not responsible for protecting any personal data that we share with a third-party based on an account connection that you have authorized. You are responsible for ensuring that any Personal Data that you send to us are sent securely.
10. Data Accuracy.
We take reasonable steps designed to ensure that:
• Personal Data that we Process is accurate and kept up to date as necessary; and
• Personal Data that we Process which is inaccurate and not necessary to retain is timely destroyed and expunged
From time to time we may ask you to confirm the accuracy of your Personal Data.
11. Data Minimization and Retention.
12. European Union Citizen Legal Rights (GDPR).
• the right to request access to, or copies of, your Personal Data that we Process or control, together with information regarding the nature, processing and disclosure of those Personal Data;
• the right to request rectification of any inaccuracies in your Personal Data that we Process or control;
• the right to request, on legitimate grounds:
o erasure of your Personal Data that we Process or control; or
o restriction of Processing of your Personal Data that we Process or control;
o the right to have your Personal Data that we Process or control transferred to another Controller, to the extent applicable;
• where we Process your Personal Data on the basis of your consent, the right to withdraw that consent;
• the right to lodge complaints with a Data Protection Authority regarding the Processing of your Personal Data by us or on our behalf.
Subject to applicable law, as a European Union Member Citizen you may also have the following additional rights regarding the Processing of your Personal Data: • The right to object, on grounds relating to your particular situation, to the Processing of your Personal Data by us or on our behalf; and
• The right to object to the Processing of your Personal Data by us or on our behalf for direct marketing purposes.
• Subject to applicable law, you also have the right to (i) restrict our use of your personal data and (ii) lodge a complaint with your local data protection authority. If you are a resident of the European Economic Area and believe we maintain your Personal data within the scope of the General Data Protection Regulation (GDPR), you may direct questions or complaints to your lead supervisory authority. To exercise one or more of these rights, or to ask a question about these rights or any other provision of this Policy, or about our Processing of your Personal Data, please contact us at 1 (800) 954-0446.
13. California Resident Rights.
California residents have the right to receive, once a year, information about third parties with whom we have shared information about you or your family for their marketing purposes during the previous calendar year, and a description of the categories of personal information shared. In addition California residents have the right to know if we respond to do not track signals or cookies. We do not respond to such signals or cookies. As stated in this Policy, you have agreed to allow us to share information with third parties for their direct marketing purposes until you remove your information; and thus, you have agreed to this disclosure. California customers may request further information about our compliance with this law by sending us an email at email@example.com. Please note that we are only required to respond to one request per customer each year, and we are not required to respond to requests made by means other than through this email address.
14. Cookies and Technology Tracking.
15. Third party or Vendor Cookies.
16. Log Files.
We automatically collect and store certain information in server logs the following:
• Search activity when you use web search services (such as search queries) (“Search Data”).
• Internet protocol address (“IP Address”)
• The type of browser you are using when using our Services, including your browser's "user agent" (e.g., Internet Explorer, Safari, and other browsers)
• Device event information such as crashes, system activity, hardware settings, browser language, and the date and time of your request and referral URL
• Your geographic location
• The Domain name of your Internet Service Provider
• The source of traffic acquisition
• Date of traffic acquisition,
• Views on landing page, clicks on an action button on landing page, order pages and abandonment.
17. Credit card information.
To the extent that credit card-specific information is collected at the Website and any of our affiliates and/or subsidiaries, said information will be kept in confidence and will not be shared with any third parties other than our e-commerce partners for processing your transaction (and consumer credit agencies) without your prior informed consent. Notwithstanding the foregoing, the Company and our affiliates and/or subsidiaries reserve the right to share with third parties the fact that they have credit card information on file for specific users but they will not share specific credit card information with third parties without the user's prior informed consent.
If you have any comments, questions or concerns about our privacy practices or would like to opt-out of receiving our direct mail or catalogs, please contact our Chief Privacy Officer via email at firstname.lastname@example.org.
C/O Chief Privacy Officer
4355 Cobb Parkway, Suite J 216
Atlanta, GA 30339 USA