1. Purpose and Scope
1.1 Revisions to this Privacy Statement
1.2 Children Under the Age of 13
1.3 Inquiries or Concerns
2. Our Personal Data Collection and Use
2.1 What is Personal Data?
2.2 Personal Data We Collect and How We Collect it
2.3 Information We Collect Through Automatic Data Collection Technologies
2.4 Our Purposes in Collecting Personal Data
2.5 Types of Third Parties that May Receive Your Personal Data
3. Rights and Choices
3.2 EU Persons
4. Control and Security
4.1 Integrity and Confidentiality
4.2 Data Breach
5. Record Keeping
1. Purpose and Scope
We are committed to maintaining the accuracy, confidentiality, and security of your Personal Data. This Privacy Statement includes a description of the purposes for which we collect and use Personal Data, the types of Personal Data we collect, the types of third parties to which we may disclose your Personal Data and the purposes for doing so, the rights and choices you have for limiting the use and disclosure of your Personal Data, and how to contact us about our practices concerning Personal Data.
When we refer to “Company” “we” or ‘us” in this Privacy Statement, we are referring to Positive Lotus
1.1 Revisions to this Privacy Statement.
1.2 Children Under the Age of 16
Our Website is not intended for children under 16 years of age. No one under age 16 may provide Personal Data in the Website. We do not knowingly collect Personal Data from children under 16. If we learn we have collected Personal Data from a child under 16 without parent consent, we will delete that information. If you believe we might have information from or about a child under 16, please contact us at firstname.lastname@example.org
1.3 Inquiries or Concerns?
We are committed to resolving complaints about our collection or use of your Personal Data. Individuals with inquiries or complaints regarding our Privacy Statement policy should first contact us at email@example.com We will endeavor to answer your questions and advise you of any steps taken to address the issues raised by you.
· 2. Our Personal Data Collection and Use
· 2.1What is Personal Data?
· 2.2 Personal Data We Collect and How We Collect It
We may collect and maintain Personal Data regarding Site Visitors and Customers, including information:
1. By which you may be personally identified, such as your name, postal address, e-mail address, gender, telephone number, or credit card or other payment information;
2. That is about you but individually does not identify you, such as your Internet Protocol (“IP”) address, referring URL, web pages visited, time spent on web pages, cookies, Flash cookies, pixel tags, and server logs; and
3. About your internet connection, the equipment you use to access our Website and usage details, and the actions you take on our website.
We collect this information:
1. Directly from you when you provide it to us, including when you place an order on our Website, subscribe to our email newsletter, enter a contest or promotion sponsored by us, and contact us;
2. Automatically as you navigate the Website (details below); and
3. From third parties who process data on our behalf.
2.3 Information We Collect Through Automatic Data Collection Technologies.
As you navigate through and interact with our Website and other content, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including details of your visits to our Website, including location data; logs; the resources that you use access the Website, including your operating system and browser type; and other communication data.
We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking). We do honor Do Not Track signals. Please email us at firstname.lastname@example.org for information on how you can opt out of behavioral tracking on this website and how we respond to specific web browser signals and other mechanisms that enable consumers to exercise choice about behavioral tracking.
The information we collect automatically may include personal information, or we may tie this information to personal information about you that we collect from other sources. It helps us to improve our Website and to deliver a better and more personalized service, including by enabling us to:
1. Estimate our audience size and usage patterns;
2. Store information about your preferences, allowing us to customize our Website according to your individual interests;
3. Speed up your searches; or
4. Recognize you when you return to our Website.
The technologies we use for this automatic data collection may include:
2. Flash Cookies. Certain features of our Website may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on our Website. Flash cookies are not managed by the same browser settings as are used for browser cookies.
3. Web Beacons. Webpages and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
2.4 Our Purposes in Collecting Personal Data?
The Personal Data we collect is used and disclosed as is necessary to provide services to you and as reasonably required for our business purposes, including:
· To present our Website and its content to you;
· To provide you with information, products, or services that you request from us;
· To fulfill any other purpose for which you provide it;
· To provide you with notices about your orders and subscription;
· To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;
· To notify you about changes to our Website or any products or services we offer or provide through it;
· To offer you services and promotions you may be interested in;
· In any other way we may describe when you provide the information; and
· For any other purpose with your consent as required by applicable law.
2.5 Types of Third Parties That May Receive Your Personal Data
We may disclose aggregated information about our Site Visitors or Customers without restriction. Such information does not identify an individual person.
We may disclose Personal Data to the following types of third parties:
Subsidiaries and Affiliates
We may share Personal Data with other members of our corporate group, including affiliates, in order to work with them. For example, we may need to share Customer Information for customer relationship management purposes. We may also transfer Personal Data in the event of an audit or if we sell or transfer all or a portion of our business or assets (including in the event of a merger, acquisition, joint venture, reorganization, dissolution, or liquidation).
Partners and Affiliated Businesses Not Controlled by Us
We may partner with other companies to market or jointly offer our products or services. We contractually require these third parties to keep Personal Data confidential and use only for the purposes for which we disclose it to them. If you do not wish for your information to be shared in this manner, you may choose not to purchase or specifically express interest in a jointly offered product or service.
It may be necessary for us to disclose your Personal Data, either by law, legal process, litigation, or requests from public and governmental authorities. We may also disclose information about you if we determine that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate. We may also disclose Personal Data if we determine that disclosure is reasonably necessary to enforce our terms and conditions or protect our operations or users.
· 3. Rights and Choices
· 3.1 Choice
We offer Site Visitors and Customers who provide Personal Data the means to choose how we use the information we collect. To the extent required by applicable law, we obtain opt-in consent for certain uses and disclosures of Personal Data. You have a right to withdraw such consent at any time. We shall make reasonable efforts to accommodate individual privacy preferences.
To update your account information or have your account deleted, please email email@example.com Requests to access, change, or delete your information will be handled within 30 days.
If you do not wish to have your information used by the Company to promote our own or third parties’ products or services, you can opt-out by checking the relevant box located on the form on which we collect your data. You can also always opt-out by sending us an email stating your request to firstname.lastname@example.org.
You may manage your receipt of marketing and non-transactional communications by clicking the “unsubscribe” link located on the bottom of our newsletter or marketing emails. Additionally, you may send a request specifying your communications preferences to email@example.com Customers cannot opt-out of receiving transactional emails related to orders placed through the Website.
If you do not want us to use information that we collect or that you provide to us to deliver advertisements according to target-audience preferences, you can contact us for information about how to opt-out at firstname.lastname@example.org You can prevent the use of Google Analytics relating to your use of our Website by downloading and installing the browser plugin available at https://tools.google.com/dlpage/gaoptout?hl=en-GB. For certain opt-outs to function, you may need to have your browser set to accept browser cookies.
We do not control third parties’ collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt-out of receiving targeted ads from members of the Network Advertising Initiative (”NAI”) on the NAI’s website.
Exceptions. We may disclose your Personal Data without offering an opportunity to opt-out, when (a) we retain third-party processors to perform services on our behalf and pursuant to our instructions, (b) required by law or legal process, or (c) responding to lawful requests from public authorities, including to meet national security, public interest, or law enforcement requirements.
· 3.2 EU Persons
We limit the processing of Personal Data of persons in the EU (“EU Personal Data”) to that which is relevant for the purposes of the particular processing. We do not process EU Personal Data in ways that are inconsistent with the purposes for which the information was collected or subsequently authorized by you.
In addition, to the extent necessary for these purposes, we take reasonable steps to ensure that the EU Personal Data we process is (a) reliable for its intended use, and (b) accurate, complete and current. In this regard, we rely on you to update and correct EU Personal Data to the extent necessary for the purposes for which the information was collected or subsequently authorized. You may contact us at email@example.com to request that we update or correct relevant EU Personal Data.
Subject to applicable law, we retain EU Personal Data in a form that identifies or renders you identifiable only for as long as it serves a purpose that is compatible with the purposes for which the Personal Data was collected or subsequently authorized by you.
Notice and Consent
If we decide to process EU Personal Data for purposes other than what is necessary to provide services to you or where we believe that your interests may override ours, persons in the EU will receive a notice detailing:
1. The type of Personal Data to be processed;
2. The purpose for the processing and a description of how the processing is based on legitimate interests;
3. The categories of recipients of disclosures of the Personal Data;
4. The period for which the Personal Data will be stored or the criteria for determining the period;
5. How Customers and Site Visitors can exercise the rights of access, correction, erasure, objection, and the right to withdraw consent;
6. The right to file a complaint with an EU Data Protection Authority; and
7. Whether the Personal Data will be subject to automated processing and, if so, the logic and the consequences of the processing for the data subject.
Such notices will be clear, conspicuous, and readily available to affected EU Persons. A notice will require an unambiguous, affirmative, opt-in consent to the particular use or processing of the EU Personal Data.
Transfers of Personal Data
With respect to transfers of your Personal Data to third-party data processors, we will:
1. Enter into a contract with each relevant data processor,
2. Transfer Personal Data to each such data processor only for limited and specified purposes,
3. Ascertain that the data processor is obligated to provide the Personal Data with at least the same level of privacy protection as is required by applicable law,
4. Take reasonable and appropriate steps to ensure that the data processor effectively processes the Personal Data in a manner consistent with the Company’s obligations under applicable law,
5. Require the data processor to notify the Company if the data processor determines that it can no longer meet its obligation to provide the same level of protection as is required by our contract or applicable law,
6. Upon notice, including under (e) above, take reasonable and appropriate steps to stop and remediate unauthorized processing of the Personal Data by the data processor.
You generally have the right to access your Personal Data. Accordingly, where appropriate, we provide you with reasonable access to the Personal Data we maintain about you. We also provide you a reasonable opportunity to correct, amend, or delete your information.
We may limit these opportunities where the burden or expense of honoring a request would be disproportionate to the risks to your privacy, or where the rights of persons other than you would be violated. Other reasons for denying requests or limiting access include (a) interference with the execution or enforcement of the law or with private causes of action, including the prevention, investigation, or detection of offenses; (b) breaching a legal or other professional privilege or obligation; (c) prejudicing security investigations or grievance proceedings or in connection with succession planning and corporate re-organizations.
Please contact firstname.lastname@example.org to request access to your Personal Data. If access cannot be granted, we will respond with a reason for denying your request.
If a complaint regarding Personal Data cannot be resolved through our internal processes, we will cooperate with applicable data protection authorities to address a complaint and provide appropriate recourse.
4. Control and Security
4.1 Integrity and Confidentiality
We take reasonable and appropriate measures to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website.
· 4.2 Data Breach
If a breach of Personal Data occurs, we will notify the relevant authorities within 72 hours, or as otherwise required by applicable law, subject to likelihood of risk to the Customer or Site Visitor. Affected Customers or Site Visitors will also be notified regarding the breach.
· 5. Record Keeping
As required by applicable law, we will maintain relevant records of:
1. The purposes of Personal Data processing;
2. The categories of data subjects and of Personal Data processed;
3. The categories of recipients, including those in third countries;
4. The countries to which Personal Data will be transferred and the instrument used to provide an adequate level of protection;
5. Where possible, the envisaged retention periods for different categories of Personal Data; and
6. A general description of the security measures used to protect Personal Data.
These records shall be provided to data protection authorities upon request.