California Online Privacy Protection Act (CalOPPA)
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We do not specifically market to children under the age of 13 years old.
Under California Civil Code section 1798.83, California residents may request a notice describing what categories of personal data we share with third parties or other affiliates for business and direct marketing purposes. Request for the information we shared may include what category of data was shared and who it was shared with. Address and contact information of who we shared it with will also be provided in our response. Please submit your request in writing to firstname.lastname@example.org. Please allow 30 days for our written response.
In additions to US privacy laws, citizens of the European Union (EU) may have additional rights provided them under the General Data Protection Regulations (GDPR). These rights include the right to:
- be informed about the personal data we collect and how we use it.
- “block” or restrict the use of your personal data. When you choose to restrict the use of your personal data, we will store but not use or share your personal data in any way.
- access the personal data we are storing or have shared with others for business purposes.
- receive confirmation when we used your data for business purposes.
- have your personal data corrected or amended.
- request a copy of the personal data you provided us.
- request the removal or deletion of your personal data so long as there is no compelling reason for us to continue using it.
- object to the use of your personal data for the following reasons.
- Processing was based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);
- Processing for purposes of scientific/ historical research and statistics;
- Direct marketing (including profiling);
- Rights in relation to automated decision-making and profiling.
Objections to use of your personal data should be directed to email@example.com.
All request from EU citizens will be processed within 7 days of validation.
Automated Individual Decision-Making and Profiling.
EU citizens have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them.
When do we collect information?
We collect information from you when you visit our site, place an order, subscribe to a newsletter, respond to a survey or marketing communication, participate in a forum or blog, accept an offer for a promotional item, provide us with feedback, follow a link to an affiliate’s website, fill out a form, use Live Chat, open a support ticket or enter information on our site.
How do we use your information?
We may use the information we collect from you in the following ways:
- To personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested.
- To improve our website in order to better serve our visitors.
- To allow us to better service you in responding to your customer service requests.
- To administer a contest, promotion, survey or other site feature.
- To quickly process your transactions.
- To ask for ratings and reviews of services or products’.
- To initiate follow up correspondence (live chat, email or phone inquiries).
- To resolve issues or data conflicts.
What personal information might we collect?
- Physical address
- Company name
- Email address
- Phone number
- IP address (captured and stored in an anonymized form)
- Your devices’ web browser, unique identifier, screen size and operating system
- Your browsing activity on this site
- Geographic region
- Preferred Language
How do we protect your information?
We do not use vulnerability scanning and/or scanning to PCI standards.
An external PCI compliant payment gateway handles all CC transactions.
We use regular Malware Scanning.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user places an order enters, submits, or accesses their information to maintain the safety of your personal information.
All transactions are processed through a gateway provider and are not stored or processed on our servers.
There are two categories cookies can be placed in. Session and Persistent:
- Session cookies are temporary and are erased when you close your browser. This type of cookie serves you during a single visit and allows the information you have provided to continue on to another page on the same site.
- Persistent cookies on the other hand stay on your computer until you erase them or the expire. This type of cookie has the ability to remember your last visit allowing you to continue from where you last visited. You may find you left an item in the shopping cart and it is still there. It can remember your user name and if you have set your browser preferences to do so, it can even pre-fill your password.
Within these two categories we use the following types of cookies.
Strictly Necessary cookies provide the functionality that allow you to move around our website as well as know which language to use, use location information to allow you use a map, keep track of items you have placed in a shopping cart, understand your preferences, shown an interest in and remember that data you provide to enrich your experience as you navigate the website.
Performance cookies simply allow us to improve the user experience. We use data from these cookies to analyze how our website is being used. This information allows us to improve the user experience. It is also allowing us to improve error mitigation, monitoring peak usage patterns, manage blog content, monitor marketing campaign effectiveness so as to better serve our visitors. In general, Performance cookies compile aggregate data about site traffic and site interaction to allow us to better serve our future visitors.
We may also use trusted third-party services that track this information on our behalf.
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.
If users disable cookies in their browser:
If you turn cookies off it will turn off some of the features of the site.
Web Beacons, Tags and other tracking Technologies:
We use web beacons and tags to improve the overall experience for our current and future visitors. A web beacon is an often-transparent graphic image usually no larger than 1 pixel by 1 pixel that are used to monitor a web users behavior when visiting a website, registers on our website, places an order, responding to a survey or marketing communications, subscribe to a newsletter, participate in a forum or blog, accept an offer for a promotional item, provide us with feedback, follow a link to an affiliate’s website, opening an email, fill out a form, use Live Chat, open a support ticket or enter information on our site. They are often used in combination with cookies. Web beacons are typically used in marketing campaigns or analytics. They are also used to give the website or marketing company a snapshot of what, how, where and when information has been used. Their use is primarily for statistical purpose and by themselves contain no personal data. Tag perform a similar service in providing statistical data a website would use to improve customer experience or to see if services or offerings are being considered or accepted. Like beacons, tags do not contain personal data. Tags and web beacon are used by us to provide for generic data analysis of how our website is being utilized and how our offering are servicing our users’ needs over extended periods of time.
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when it’s release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property or safety.
However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses without your explicit consent.
Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
We, along with third-party vendors such as Google use first-party cookies (such as the Google Analytics cookies) and may use third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website.
How does our site handle Do Not Track signals?
We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
Does our site allow third-party behavioral tracking?
It’s also important to note that although we allow third-party behavioral tracking, Donewell Digital along with it’s DBA’s and divisions, does not track a users’ gender, age, sex, ethnic background or sexual orientation. Any behavior tracking we do perform is used strictly for marketing purposes.
Disclosures to Successors:
In the event this business becomes changes ownership, we reserve the right to retain and/or transfer your Personal Data to the new owner. Should the new owner acquire the rights to use your Personal Data, it shall be in according to the same terms of privacy represented herein.
Fair Information Practices:
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will notify uses via an in-site notification within 7 business days, should a data breach occur:
We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.