“PERSONAL DATA” DEFINED
“Personal Data” is defined in the GDPR as User Data which can be used to directly or indirectly identify the applicable user. As used herein, Personal Data, includes, without limitation, information such as (i) contact data (such as your first and last name, user name or alias, physical street address, city, state, zip code, phone number and email address), (ii) financial data (such as your PayPal account number, credit card number, credit card expiration date, and credit card verification code), (iii) demographic data (such as your zip code and gender), and (iv) other legal data (such as your social security number and other sensitive information) or any number of attributes, which taken together may lead to the identity of you (such as physical, physiological, genetic, mental, economic, cultural or social characteristics). Although an Internet Protocol (IP) address can only be used to determine the location of your device within a large radius (on the scale of miles or kilometers), Personal Data, for the purpose of the GDPR may include your IP address, and moreover, cookies in relation to your use of the Website. Notwithstanding the fact that we may treat certain User Data as User Data which is not Personal Data, and cannot be used in order to identify a user (“Non-Identifiable Data”), to the extent that the GDPR applies to you, we will always treat information based upon the GDPR’s characterization of Personal Data. For example, the IP or cookies of a user within the United States may be treated as Non-Identifiable Data, while the same attributed may be treated by the GDPR as Personal Data in certain instances.
SPECIAL CONSIDERATIONS UNDER THE GDPR
The below table sets forth how we may process data received by a user entitled to the protections of the GDPR.
“Data controller” and “data processor” are important concepts in understanding a company’s responsibilities under the GDPR. Depending on the scenario, a company may be a data controller, data processor or both, and will have specific responsibilities as a result: A company is a data controller when it has the responsibility of deciding why and how (the “purposes” and “means”) the Personal Data is processed.
Any transfer of Personal Data outside of the EEA (European Economic Area) must meet certain legal requirements. To the extent we are in receipt of Personal Data being transferred from inside the EEA to any region outside the EEA, we will at all times comply with applicable restrictions.
To the extent that we operate as a data controller and/or processor, our workplace will at all times be cognizant of applicable restrictions, and comply therewith.
INFORMATION COLLECTION AND TRACKING
Visiting the Website
You can visit the Website without giving away your Personal Data. Company uses analytics tools, such as Google Analytics, and various cookies in order to improve our service, user experience and analyze how our website is used. Aside from the approximate location (IP address), the information collected by tools such as Google Analytics is mostly anonymous traffic data including browser information, device information, language. We do not collect additional information, such as your age, gender, interests, clickstream, or anything associated with a so-called user “Internet passport.”
We may collect User Data from the following sources:
THIRD-PARTY ADVERTISING AND ANALYTICS
Pages on our website also may contain “web beacons” (also known as Internet tags, pixel tags and clear GIFs). A web beacon is an electronic image, often a single pixel (1×1), that is ordinarily not visible to Website visitors and may be associated with cookies on the visitors’ hard drives. Web beacons do not contain any Personal Data, and allow us to count users who have visited certain pages of the Website, to deliver branded services, and to help determine the effectiveness of promotional or advertising campaigns. Web beacons allow third parties to obtain information such as the IP address of the computer that downloaded the page on which the beacon appears, the URL of the page on which the beacon appears, the time the page containing the beacon was viewed, the type of browser used to view the page, and the information in cookies set by the third party. We use log files to store the data that is collected through web beacons.
STORAGE AND PROCESSING
We may, and we may use third-party service providers to, process and store your information. The third-party service providers that we engage will at all times be bound by confidentiality obligations and other appropriate restrictions with respect to their use and collection of your information.
USE OF INFORMATION
We may use information about you for a number of purposes, including:
We may share certain of the User Data, including Personal Data, with affiliated and non-affiliated third parties, including without limitation in connection with the following:
OFFERING YOU CHOICES – MARKETING OPTIONS
You have choices when it comes to learning about our new offers, products or services, as well as those offered by our partners and affiliates. If you do not wish to receive these offers, you may opt out by emailing our Customer Care department at any time at website@HilarityForCharity.org. Alternatively, each marketing e-mail we send to you will include instructions how to opt-out which you may utilize. Please note that you may still receive information from third parties to whom we have disclosed your information prior to the time you opted-out. You should contact each party in the event that you no longer want to receive information from such party.
Other websites and companies are responsible for complying with the GDPR independently, and we do not assume any duty to ensure that a website linked from, or which links to, the Website, complies with the GDPR.
We know it is very important to protect the information you share with us. We take appropriate security measures to help safeguard this information from unauthorized access and disclosure. For example, we restrict access to nonpublic personal information about you to our employees who need to have access to such information in order to provide products or services to you, as well as to authorized third parties (as stated above). We maintain physical, electronic, and procedural safeguards designed to protect your Personal Data. We protect your Personal Data over the internet by using a secure web server, which allows web browser programs (Netscape, Microsoft Internet Explorer, Safari, Chrome or Firefox) to interact with our web server via an encrypted session. Depending on which browser you use, you will know you are in secured area by “https” or a lock appearing in the lower right hand corner of your browser window. When you visit the Website, you may move in and out of secured areas. Anytime that you are on a page ordering products or services, or viewing your personal credit report, you will be in a secured area.
You should feel confident using our Website. However, no system can be completely secure. Although we take very significant steps to secure your information, there is always a chance that your information will not always remain secure, or our computers or systems are illegally accessed, and the data on them stolen or altered. You should always take great care in handling and disclosing your personal information. For example, avoid sending personal information through insecure email.
Please refer to the Federal Trade Commission’s website at http://www.ftc.gov/bcp/menus/consumer/data.shtm for information about how to protect yourself against identity theft. We assume no liability or responsibility to you or to any third party arising out of any loss, misuse, destruction, or alteration of your information.
ACCESS TO INFORMATION
You have the right to request access to the information we have on you. You can do this by contacting us at info@HilarityForCharity.org. We will make sure to provide you with a copy of the data we process about you. In order to comply with your request, we may ask you to verify your identity. We will fulfill your request by sending your copy electronically, unless the request expressly specifies a different method. For any subsequent access request, we may charge you with an administrative fee.
INFORMATION CORRECTION & DELETION
If you believe that the information we have about you is incorrect, you are welcome to contact us so we can update it and keep your data accurate. Any data governed by the GDPR that is no longer needed for the purposes specified herein will be deleted. If you are a user with rights under the GDPR, if at any point you wish for Company to delete information about you, you may simply contact us and instruct that we delete certain Personal Data, provided, that, such deletion may affect your use of the Website.
PERSONS UNDER THE AGE OF 13 AND ABILITY TO CONSENT
In order to use the Website and/or its products and/or services, you must be at least 13 years of age. The Website is not directed to or intended for use by persons under the age of 13 and we are not knowingly soliciting personal information from such persons or sending them requests for non-public personal information. If we become aware that we have inadvertently received Personal Data directly from someone under the age of 13, we will delete such information from our records. If you are under the age of 13, you must not use our products or services, including sending us any personal information.
HOW LONG WE RETAIN YOUR INFORMATION
US STATE PRIVACY RIGHTS
The laws of certain states within the United States law permit residents of such states to request certain details about our disclosure of your Personal Data to third parties for direct marketing purposes during the immediately preceding calendar year. If you are a resident of any such state (including California) and would like to request this information, please contact us at the address listed below.
NOTIFICATION OF CHANGES
VISITOR’S ACCEPTANCE OF THESE TERMS
If you wish to exercise any right afforded to you herein or under applicable law, or if you have any additional questions about our collection and storage of data, please contact us at: Info@HilarityForCharity.org
If you have any questions or concerns regarding our notice, or if you believe our notice or applicable laws relating to the protection of your Personal Data have not been respected, you may file a complaint with our office listed above, and we will respond to let you know who will be handling your matter and when you can expect a further response. We may request additional details from you regarding your concerns and may need to engage or consult with other parties in order to investigate and address your issue. We may keep records of your request and any resolution.