Visitors from the EU are not permitted to browse this site. This is due to the EU's Data Retention and Access Laws. If you are visiting our website from there, the only information that has been logged is your IP Address (which cannot be used for personal identification) and the date/time that you attempted to access this website.
The new GPDR Regulations have not been implemented on this site yet therefore you are unable to use it.
PERSONAL INFORMATION WE COLLECT
When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information”.
We collect Device Information using the following technologies:
- “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
- “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
- “Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you browse the Site
Additionally when you make a purchase or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, shipping address, payment information (including credit card numbers, email address, and phone number. We refer to this information as “Order Information”.
HOW DO WE USE YOUR PERSONAL INFORMATION?
We use the Order Information that we collect generally to fulfill any orders placed through the Site (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations). Additionally, we use this Order Information to:
- Communicate with you;
- Screen our orders for potential risk or fraud; and
- When in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).
SHARING YOUR PERSONAL INFORMATION
We share your Personal Information with third parties to help us use your Personal Information, as described above. For example, we use Shopify to power our online store--you can read more about how Shopify uses your Personal Information here: https://www.shopify.com/legal/privacy. We also use Google Analytics to help us understand how our customers use the Site -- you can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
You can opt out of targeted advertising by using the links below:
- Facebook: https://www.facebook.com/settings/?tab=ads
- Google: https://www.google.com/settings/ads/anonymous
- Bing: https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads
Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.
DO NOT TRACK
Please note that we do not alter our Site’s data collection and use practices when we see a Do Not Track signal from your browser.
If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below.
Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States.
When you place an order through the Site, we will maintain your Order Information for our records unless and until you ask us to delete this information.
The Site is not intended for individuals under the age of 18.
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at email@example.com.
We use a third party app to promote our products, this information is very relevant specially to those located in the EU
LimeSpot shall require that its Store-based Clients, as part of its engagement therewith, provide the means for Shoppers to inquire from LimeSpot, through the Store-based Clients, regarding their personal data, and to withdraw consent (including by deleting all identifying personal information), or to inquire from LimeSpot or its Data Protection Officer (“DPO”);
LimeSpot shall provide a secure means in which to store data, as well as to transfer data to LimeSpot via the Products from the Store-based Client; and
LimeSpot shall notify the applicable Store-based Client in the event of any breach of security or other unauthorized processing of any of their Shoppers’ information.
Our Relationship to Our Clients and Their Shoppers
LimeSpot provides its Services to help its approved and contracted store-based clients (hereinafter “Store-based Clients”) to achieve the Purposes, as defined above. LimeSpot, at the written direction and authorization of our Store-based Clients, may obtain certain information regarding Shoppers as they use and provide information to our Store-based Clients. No matter who provides us with personal information, however, our commitment to privacy remains strong.
How We Collect Shopper Information
The Types of Information We May Collect
We collect two types of information. Both types of information are required to provide the LimeSpot Purposes that are offered via a LimeSpot-enabled Store-based Client’s eCommerce platform, or through related channels (e.g. Emails, Messages, Advertising, etc.).
The first type of information is Personally Identifying Information (“PII”). The other type of information is Non-Personally Identifying Information (“NPII”).
PII includes information that is uniquely associated with an identifiable Shopper, or that identifies a Shopper, and may specifically include age, gender, location, email address, phone number, and, in some cases, IP address.
NPII may include information that is collected directly from a Shopper, during a Shopper’s interaction with the site, or from information provided to a third-party, and which does not identify, or is not uniquely associated with, an identifiable Shopper. NPII includes, but is not limited to, a Store-based Client’s name and location, Store-based Client product and collections information, non-identifying order information, Store-based Client CRM/Loyalty programs, age range, association with a geographical or network area, Shoppers’ general interests as indicated by their interaction with an e-Commerce Platform (such as selections thereon), Shoppers’ shopping behavior, and Shoppers’ choices within LimeSpot enabled e-Commerce Platforms. NPII may also include information that is non-personally identifying but was generated from PII, such as by aggregation with other PII or anonymization.
How We Use and Disclose Information
Performance of Services. We may use Shoppers’ PII and NPII to fulfil the Purposes. We may also use Shoppers’ NPII in connection with other services and features we provide to third-parties or other Store-based Clients. This includes by assessing information relating to, and historical patterns associated with, Shoppers, and/or profiles or categories of classes of Shoppers, such as by observing shopping choices and activities of Shoppers (or Shoppers fitting characteristics relating to such profiles or categories, but not necessarily any information relating to an identifiable Shopper). We may also process Shoppers’ data in association or combination with information relating to that Shopper, or information relating to Shoppers belonging to the same profile or category, from other Store-based Clients. We will also use this information to improve the quality of our Products and Services.
Performance of Services Associated With Third-Party Platforms:
Advertising Customization: In order to provide personalized advertising on Third-Party Platforms, LimeSpot pushes certain NPII information relating to a Shopper (e.g. non-personally identifying shopping preferences profile information) to such Third-Party Platform which then selectively provides advertising. Except as provided below, none of a Shopper’s PII or NPII information is provided to LimeSpot from any Third-Party Platform.
Authentication: In some cases, LimeSpot uses authentication services provided by Third-Party Services to authenticate a Shopper with their LimeSpot data.
Investigations and Protection. LimeSpot may release Shopper information: when we believe it is appropriate or required in order to comply with the law; to investigate, prevent, or take action regarding illegal activities; to detect or investigate suspected fraud; in situations involving potential threats to the physical safety of any person or other similar exigent circumstances; to prevent violations of LimeSpot’s Customer Terms of Service, or to enforce the provisions thereof; to comply with any other agreement that we may have entered into with you; or to protect the rights, property or safety of LimeSpot and others. This may include exchanging information with other companies and organizations for fraud prevention and credit risk reduction. LimeSpot may cooperate with and disclose information to any authority, government official or third-party, without giving any notice, in connection with any investigation, proceeding or claim arising from an asserted illegal action or infringement.
Third-Party Service Providers. LimeSpot may employ or engage other companies to perform tasks on our behalf and may need to share some of your information with them to provide products and services to you. Examples of this may include data storage and analysis. These third-parties have access to information needed to perform their functions but may not use it for any other purpose.
Granting us this permission not only allows us to provide our Products and Services as they exist today, but also allows us to provide innovative features, products, software and services we may develop in the future that use the information we receive about Shoppers in new ways.
LimeSpot owns the databases and all rights to our applications and software. While Store-based Clients and Shoppers allow us to process the information we receive, such Store-based Clients and Shoppers using LimeSpot enabled stores always own all of their own personally identifiable information.
How We Keep Your Information Secure
The security of Shopper information is important to us. We implement reasonable security measures to protect the security of your information both online and offline, and we are committed to the protection of Shopper information. Only those individuals at LimeSpot that have an obligation to maintain confidentiality may access Shopper PII.
When we handle Shopper information on the Internet we encrypt the transmission of that information using secure socket layer technology (“SSL”). Shopper information is pseudonymized and rendered as NPII. LimeSpot has redundant and distributed systems, and other system measures, that provide for ongoing confidentiality, integrity, availability and resilience. Our systems are routinely tested or assessed for their measures to ensure the security of Shopper Data.
However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect Shopper information, we cannot guarantee that unauthorized access, hacking, data loss or other breaches will never occur.
We will notify the Store-based Client, who is ultimately the data controller, from whom we obtain information in the event of an unauthorized access or disclosure of such information. We will take reasonable administrative steps, by making it a condition of our terms of services with them, to ensure that such Store-based Client take steps to inform the affected Shopper to the extent that it is required under applicable law.
If you have any questions about how we strive to keep information secure, you can contact us at firstname.lastname@example.org.
Storage and Transfer of Your Information
We may transfer, store and process Shoppers’ information, both PII and NPII, to or on computers located in the United States, Europe, or Canada. Accordingly, such information may be subject to the laws of these relevant jurisdictions.
LimeSpot’s technical infrastructure relies on data centers and cloud service providers that are located outside Europe on Microsoft’s Azure platform. Microsoft became the first global cloud service provider to appear on the Department of Commerce’s list of Privacy Shield certified entities as of August 12th 2016. The European Commission adopted the EU-US Privacy Shield Framework on July 12th 2016, replacing the International Safe Harbor Privacy Principles as the mechanism for allowing companies in the EU and the US to transfer personal data across the Atlantic in a manner compliant with the EU data protection requirements, as stated on PrivacyShield.gov. See also https://azure.microsoft.com/en-us/blog/microsoft-cloud-is-first-csp-behind-the-privacy-shield.
Canada has been recognized as ensuring an adequate level of protection for personal data. See https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en.
There is no fixed period for storage of Shoppers’ PII. We will remove Shoppers’ PII upon any of the following:
A request from the Shopper via our Shopper Rights Access Portal (see below);
A request from the applicable Store-based Client from which the Shopper, whose data is being deleted, was obtained, or such Shopper notifies LimeSpot in writing that their consent has been withdrawn;
An objection from a Shopper, via a Shopper or an applicable Store-based Client, is received by LimeSpot in writing relating to the processing of any Shopper PII;
If LimeSpot learns that any PII has been collected unlawfully;
A request from any supervisory authority or legal authority (e.g. police, third-party having an applicable court order) having sufficient legal authorization or LimeSpot being made aware that PII should be deleted to ensure compliance with an applicable legal obligation.
The storage period for any NPII that does not relate to, or uniquely identify, a Shopper is indefinite.
LimeSpot supports Shoppers’ rights in the following ways:
Accountability and DPO. While LimeSpot is not a controller of Shopper data, LimeSpot nevertheless encourages Shoppers to contact the LimeSpot DPO (email@example.com) for issues relating to Shopper information that is collected or processed by LimeSpot via a Store-based Client (although LimeSpot reserves the right to take no action, and/or to forward Shopper’s concerns to the applicable Store-based Client, in cases where the issue relates to Shopper data collected or processed by the Store-based Client). Furthermore, the Shopper has the right to lodge a complaint about LimeSpot’s data protection with an applicable supervisory authority with jurisdiction to receive such a complaint. We note that for European Shoppers, there is no requirement for LimeSpot to have a European representative (as LimeSpot is not a controller); however, the applicable Store-based Client may, if applicable law requires such a representative, may be contacted regarding the processing of any data relating to a European person, if that requirement applies to such Store-based Client.
Access, Rectification, and Deletion. LimeSpot provides the Shopper Rights Access Portal, via its Store-based Clients, or directly from our Privacy Tool, which is an automated tool for viewing the PII and NPII that LimeSpot may have in data storage. The Shopper Rights Access Portal further allows any Shopper to delete all PII in LimeSpot storage upon request. See our Privacy Tool If any information is incorrect or is incomplete, please direct any requests for rectification to firstname.lastname@example.org after which they shall be addressed as is practicable.
Breaches. LimeSpot shall notify the Store-based Client that collected the information in the event of any breach or unauthorized access to Shoppers’ PII of the following information: the existence and nature of such breach, our DPO, possible or likely consequences, and measures taken to address or, where possible, mitigate the breach. Our standard terms with our Store-based Clients require them to comply with this requirement, where required by applicable law.
Questions and Concerns