Effective Date: May 14, 2020
1. Personal Information Collected by GFG
Categories of Personal Information.
User Account: Users may create an account by providing their name, email address and password. Registration is optional and users may access the Site as a guest at any time.
Purchases: When you purchase products on the Site, GFG will collect shipment and payment information as follows:
Shipment: Users will be required to provide information, including names, emails (for electronic delivery) and addresses (for physical delivery) of products purchased on the Site. Phone numbers and email addresses may also be requested in the event GFG or the common carrier needs to contact the purchaser or recipient to facilitate delivery of the products to the appropriate location. At your request, shipping information may be saved for faster checkout on future orders.
Payment: GFG requires users to input the following payment information: credit or debit card information, first and last name, billing address, card expiration date, and three-digit security code.
Email Addresses & Contact Information: Users may also provide their email address and/or other contact information to GFG to subscribe to its newsletters, to contact us through the Site with questions about our Site and Services, or to reset their password. When users make a purchase, users may also subscribe to GFG’s newsletters. Users can opt-out through the unsubscribe link in that newsletter or corresponding email.
Cookies: GFG utilizes cookie technology to gather information on internet use in order to serve you more effectively. As described in Section 2, GFG also utilizes third party analytics services which may also use tracking cookies to provide information about the use of our Site. Users can set their browser to remove or reject the following cookies utilized by the Site:
- _session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
- _shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
- _shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer. cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
- _secure_session_id, unique token, sessional_storefront_digest, unique token, indefinite. If the shop has a password, this is used to determine if the current visitor has access.
2. Is Information Collected By Or Disclosed To Third Parties?
GFG DOES NOT AND WILL NOT SELL, RENT, OR LEASE PERSONAL INFORMATION. HOWEVER, PERSONAL INFORMATION IS PROCESSED BY SERVICE PROVIDERS WHO HAVE CONTRACTED WITH GFG TO FACILITATE THE PROVISION OF SERVICES THROUGH THE SITE AS FOLLOWS:
Shipping Information: Shipping Information: GFG utilizes service providers to access major shipping carriers, track packages and obtain shipping labels. Information may be shared with such service providers to process shipping requests. Shipping information will also be shared with our Product Partners to provide fulfillment services for all customer orders.
Social Plug-Ins: Users may share their GFG experiences on social media. Users may follow and share their experiences on Instagram, Facebook, Twitter, LinkedIn and Pinterest. Users should click on the hyperlinks to review the applicable privacy policies.
Other Potential Third Party Disclosures: Personal Information may be disclosed to third parties to serve our legitimate business interests as follows: (1) as required by law, such as to comply with a subpoena, or similar legal process, (2) if GFG is involved in a merger, acquisition, or sale of all or a portion of its assets, (3) to investigate, prevent, or take action regarding suspected or actual illegal activities or to assist government enforcement agencies; (4) enforce our agreements with you, and/or (5) investigate and defend ourselves against any third-party claims or allegations. We will use commercially reasonable efforts to notify you about law enforcement or court ordered requests for data unless otherwise prohibited by law.
Please see Section 5 for a more specific disclosure of the applicable categories of personal information collected and processed under the CCPA.
3. Compliance With The Children’s Online Privacy Protection Act and Other Privacy Regulations Relating to Minors
GFG does not knowingly collect Personal Information from anyone under the age of 18. If a parent or guardian becomes aware that his or her minor child as defined by applicable privacy laws has provided Personal Information without their consent, he or she should contact GFG at email@example.com.
GFG will delete such Personal Information from our files within a commercially reasonable time, but no later than required under applicable law.
4. Retention of Personal Information Collected
Unless erasure is otherwise requested by a customer, GFG will retain account and purchase data as long as it is necessary to provide services our customers. When a customer’s account is terminated or closed upon request, Personal Data collected through the Site will be deleted in accordance with applicable law. Personal Information obtained from Site visitors will be maintained as long as it is necessary to provide requested communications and information-based services or until a visitor exercises the right to opt-out of requested communications or information-based services. Anonymized and pseudo-anonymized data will be retained as long as GFG determines such data is commercially necessary for it legitimate business interests.
5. YOUR CALIFORNIA PRIVACY RIGHTS
California Consumer’s Request to Know, Right to Delete, Right to Opt-Out of Sale Notices. For Information on your California Consumer Rights, please see: California Consumer Privacy Rights Notice (“Notice”)
A Verifiable Consumer Request under this Section may be submitted to GFG effective January 1, 2020 by emailing GFG at firstname.lastname@example.org or through the account or as otherwise designated in the Notice.
For each request, GFG will initially verify the email address on file with the email address submitted in the applicable request. Further verification will be based upon confirmation of data correlating to information maintained by GFG, as applicable. Consumers may designate an authorized agent to make a request on the Consumer’s behalf a email@example.com. Requests by authorized agents are subject to additional verification requirements pursuant to the rules and regulations set forth in the CCPA.
6. What Is the GFG Security Policy?
We have implemented reasonable administrative, technical and physical security measures to protect Personal Information against unauthorized access, destruction or alteration.
GFG utilizes only PCI-DSS compliant third party payment processors to ensure the security of your personal information. Credit/debit card information provided is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption.
9. Contact Us
If you have any questions regarding your Personal Information or about our privacy practices, please contact us at: Gifts for Good LLC, 520 S. Sepulveda Blvd. #300, Los Angeles, CA 90049 and at firstname.lastname@example.org.