PRIVACY POLICY
This privacy policy has been compiled to better serve those who are concerned with how their ‘Personally Identifiable Information’ (PII) is being used online. PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website.
What personal information do we collect from the people that visit our blog, website or app?
When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, phone number, credit card information or other details to help you with your experience.
When do we collect information?
We collect information from you when you place an order, fill out a form or enter information on our site.
How do we use your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways: to quickly process your transactions; to send periodic emails regarding your order or other products and services; and/or to follow up with them after correspondence (live chat, email or phone inquiries).
How do we protect your information?
We do not use vulnerability scanning and/or scanning to PCI standards. An external PCI compliant payment gateway handles all credit card transactions. We use regular Malware Scanning. Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology. We implement a variety of security measures when a user places an order to maintain the safety of your personal information. All transactions are processed through a gateway provider and are not stored or processed on our servers.
Do we use ‘cookies’?
Yes. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the site’s or service provider’s systems to recognize your browser and capture and remember certain information. For instance, we use cookies to help us remember and process the items in your shopping cart. They are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We use cookies to help us compile aggregate data about site traffic and site interaction, so that we can offer better site experiences and tools in the future, and we use cookies to understand and save user’s preferences for future visits. You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since each browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies. If users disable cookies in their browser, some of the features that make your site experience more efficient may not function properly.
Third-party disclosure
We do not sell, trade or otherwise transfer to outside parties your Personally Identifiable Information, unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when it’s release is appropriate to comply with the law, enforce our site policies, or protect ours or other’s rights, property or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising or other uses.
Third-party links
Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. We, therefore, have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
GDPR
Our websites are primarily hosted in the USA.
We may also use outsourced services in countries outside the European Union from time to time in other aspects of our business.
Accordingly, data obtained within the UK or any other country could be processed outside the European Union. For example, some of the software our website uses may have been developed in the United States of America or in Australia.
We use the following safeguards with respect to data transferred outside the European Union:
the processor is within the same corporate group as our business or organization and abides by the same binding corporate rules regarding data processing.
California Online Privacy Protection Act
CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting Personally Identifiable Information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared. (See more at: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf) According to CalOPPA, we agree to the following: Users can visit our site anonymously. Once this privacy policy is created, we will add a link to it on our home page or, as a minimum, on the first significant page after entering our website. Our Privacy Policy link includes the word ‘Privacy’ and can easily be found on the page specified above. You will be notified of any Privacy Policy changes on our Privacy Policy Page. You can change your personal information by logging in to your account. We honor Do Not Track signals, and we Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place. It’s also important to note that we allow third-party behavioral tracking.
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online. We do not specifically market to children under the age of 13 years old.
HIPAA
The Standards for Privacy of Individually Identifiable Health Information (“Privacy Rule”) establishes, for the first time, a set of national standards for the protection of certain health information. The U.S. Department of Health and Human Services (“HHS”) issued the Privacy Rule to implement the requirement of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).1 The Privacy Rule standards address the use and disclosure of individuals’ health information (called “protected health information”) by organizations subject to the Privacy Rule (called “covered entities”), as well as standards for individuals’ privacy rights to understand and control how their health information is used. Within HHS, the Office for Civil Rights (OCR) has responsibility for implementing and enforcing the Privacy Rule with respect to voluntary compliance activities and civil money penalties.
A major goal of the Privacy Rule is to assure that individuals’ health information is properly protected while allowing the flow of health information needed to provide and promote high quality health care and to protect the public’s health and well-being. The Rule strikes a balance that permits important uses of information, while protecting the privacy of people who seek care and healing. Given that the health care marketplace is diverse, the Rule is designed to be flexible and comprehensive to cover the variety of uses and disclosures that need to be addressed.
This website, its operators and website developers and designers pledge to abide by HIPAA guidelines for confidentiality. The webmaster had signed a Business Associate Agreement, in part to not use or further disclose the PII, except as permitted by law. A copy of this agreement can be obtained by emailing [email protected]
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States, and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information. In order to be in line with Fair Information Practices, we will take the following responsive action, should a data breach occur: we will notify you via email within 7 business days, and we will notify the users via in-site notification within 7 business days. We also agree to the Individual Redress Principle, which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.