CCPA Notice--Information for Customers in California
If you are an individual within the State of California, USA, the California Consumer Privacy Protection Act of 2018 (“CCPA”) may apply to the personal data that you provide us through the Soulr Properties or otherwise through your interaction with us. If so, we are required by the CCPA to provide additional information to you, which you can find in the California Privacy Statement below.
GDPR Notice--Information for Customers in the EU and EEA
If you are an individual within the European Union (“EU”) or the European Economic Area (“EEA”), the EU General Data Protection Regulation 2016/679 (“GDPR”) may apply to the personal data that you provide us through the Soulr Properties or otherwise through your interaction with us. If so, we are required by the GDPR to provide additional information to you, which you can find in the GDPR Notice below.
Your Responsibilities. To protect your account from unauthorized activity, you should keep your password confidential and restrict access to your computer and any mobile devices through which your account may be accessed. You are responsible for all activity on or through your account. We will not be liable for damages or loss arising from your failure to maintain the confidentiality of your password or to adequately restrict access to your account. You represent and warrant that all information that you provide in connection with your account is and shall be accurate, truthful, current and complete. We reserve the right to deny, deactivate or terminate your account at our discretion.
Breach of Security.
You accept all risk that your account may be accessed without your permission. If you discover or suspect that the security of your account has been breached, please let us know as soon as possible.
Information We Collect and Use
Your Personal Information.
When you place an order for a Product, we need to know your name, email and mailing addresses, and your billing information so that we can fill, confirm and ship your order, notify you of your order status and process your payment. We may also request some of this same information from you when you ask a question or make a comment through our website or mobile applications in order for us to respond appropriately. For administration purposes, our website or mobile applications may collect your IP address or domain name, referring web page, browser type, mobile device type, device operating system, device settings, geolocation data and non-personal information about the way you use your device or this site (such as the length of time spent or the pages accessed while visiting this site). We may use third-party website analytics tools and embedded tracking codes that collect information about visitor traffic on our sites and mobile applications to collect information about you.
Disclosure of Information to Third Parties.
We don't rent or sell to others any information about our customers. We do not grant permission to third parties to collect information regarding the online activities of our website users over time and across different websites when they visit our website. However, we may provide your personal information to third parties who provide services on our behalf, such as the companies engaged to deliver your order and process your payment. We also reserve the right to disclose without notice to you any information in our possession if we believe we are required to do so by law, to protect or defend our rights or property, or to respond to an emergency.
Use By Minors Prohibited.
Our website and mobile applications are not intended for use by and Soulr does not intend to collect personal information from individuals under 18 years of age. Individuals under 18 years of age are directed to not use our website and mobile applications, whether to purchase Products, submit personal information or otherwise.
Mobile User Application Permissions.
When you use our mobile applications, you may grant to us certain permissions with respect to your device. These permissions may include (i) granting us access to the camera and photos, videos and other media files on your device, and (ii) allowing us to send in-app push notifications to you. Most mobile devices provide you with information about these permissions.
Mobile User Location.
Our mobile applications may also collect information about the location of your mobile device, if you grant this permission.
Access and Correction.
The file containing your personal information will be held at our offices or on our servers or those of our service providers, and employees who require it for the purposes of their duties will have access to this file. You may obtain a copy of certain personal information we maintain about you and update or correct inaccuracies in that information using the features of your account. If you wish to update or delete other personal information, you can contact us at firstname.lastname@example.org and we will endeavor to correct, update or remove the personal information you give us.
Security of Your Information
Soulr‘s Responsibility. The security of your information is important to us. While we endeavor to use reasonable efforts to safeguard the confidentiality of your information, the Internet and other e-commerce channels are not totally secure. Due to the possibility of transmission errors, hacking or other unauthorized third-party activities, we cannot guarantee that personal data transmitted to our website and mobile applications will remain secure. If we become aware of a security breach involving any such data, Soulr will make all legally required disclosures consistent with our ability to determine the scope of the breach, our need to restore the integrity of the system and the needs of law enforcement.
Credit Card Information.
Whenever we transmit your credit card information over the Internet, we use industry standard encryption for all pages containing private information pertaining to your shipments. Your full credit card number is never displayed when you use our website or mobile applications. When you use a saved credit card, we only include the last four digits of the credit card number on the order page so that you can tell which credit card you used.
What are Cookies? A cookie is a small text file that our website places on your computer or mobile device. Your browser provides the cookie to us each time you return to our website. Cookies help us to identify you and to provide you with information that is relevant to you when you return to our site. Cookies also help us understand how our site is being used so that we can make it more effective for our users.
Types of Cookies We Use.
We use only "Strictly Necessary", "Performance", and "Functionality" cookies on our site. These cookies are described below.
Strictly Necessary Cookies.
These cookies are essential to the use of our site, as they enable you to move around the site and use its features, such as accessing logged in or secure areas.
These cookies collect information about how you have used the site, for example, information related to the unique user name you have provided, so that less strain is placed on our backend infrastructure. These cookies may also be used to allow us to know that you have logged in so that we can provide you with different content than that provided to a new user. We also use this type of cookie to track aggregate usage of our site. The information collected is used to improve how the site works.
These cookies allow us to remember how you logged in, when you logged in or out, and the history of your activity on our site. These cookies also allow us to tailor the service to provide enhanced features and content for you. The information collected by these cookies may be anonymous, and they are not used to track your browsing activity on other sites or for other services.
First and Third Party Cookies.
First-party cookies are cookies that belong to us, third-party cookies are cookies that another party places on your device through our site. Third-party cookies may be placed on your device by someone providing a service for us, for example to help us understand how our service is being used.
Duration of Cookies on your Device.
The length of time a cookie will stay on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies will only stay on your device until you stop browsing. Persistent cookies stay on your computer or mobile device until they expire or are deleted.
Managing and Deleting Cookies.
“Do Not Track” Signals
Our website is not configured to respond, and it does not respond to “do not track” signals.
Disclaimers Relating to Privacy Laws Outside the United States
The Soulr Properties are operated by Soulr from our offices in the United States. Information that you submit to us from outside the United States through the Soulr Properties will be transmitted to the United States (including to our service providers located in the United States), which may have privacy laws that are less protective than the privacy laws of the jurisdiction in which you reside. By using our website and other Soulr Properties, you consent to this transfer. We make no representation that our website or mobile application is appropriate or available for use in locations outside the United States.
California Privacy Statement
Effective: December 30th, 2020
Last updated: December 30th, 2020
Personal Information We Collect
We collect the following categories of personal information from consumers:
Personal identifiers including your name, address, telephone number, job title, employer, payment information and other personal information under the California customer records law.
Commercial information including records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Internet and similar network activity including IP address, browsing history, search history, geolocation data based on network activity, information on a consumer's interaction with a website, application, or advertisement.
Sensory data in the form of audio recordings of phone calls made to us.
Sources of Personal Information
We obtain the categories of personal information listed above from the following categories of sources:
Directly from our customers. For example, from information that our customers provide to us related to the orders for products which they purchase from us or in connection with establishing an account with us.
Directly and indirectly from activity on our website (www.soulr.earth) or mobile applications. For example, from submissions through our website portal or website usage details collected automatically.
From third-party website analytics tools and embedded tracking codes that collect information about visitor traffic on our website and mobile applications.
Purposes for Use of Personal Information
We use or disclose the personal information we collect for one or more of the following business purposes:
providing our products and services to you or the business you represent (for example, if you provide us with personal information in order to place an order with us, we will use that information to process your payment, complete the sale and ship the product to you),
maintaining our business relationship and/or providing ongoing support, where you or the business you represent are a user of the Soulr Properties or a customer or you otherwise engage with us for business purposes,
informing you about our products and services and responding to your comments or requests for information,
sending paper catalogs to you or the business you represent,
enforcing any contracts that we enter into with you or the business you represent, or defending claims arising from such contracts;
optimizing the Soulr Properties and customer experience,
where necessary to protect the rights, property or safety of us or other users or customers,
where we are obligated, or permitted, to do so by applicable law, regulation or legal process, including disclosure to customs or other governmental authorities, or
as described to you when collecting your personal information.
Sharing of Personal Information for a Business Purpose
In the preceding twelve (12) months, we have disclosed personal identifiers, personal information covered under the California customer records disposal law, and commercial information to
service providers engaged by us to provide services, such as delivery and logistics companies, payment processors, and website hosts and other IT infrastructure providers, and
third parties to whom you authorize us to disclose your personal information in connection with products we provide to you.
Sale of Personal Information
In the preceding twelve (12) months, we have not sold any personal information.
Your Rights and Choices
This section describes the specific CCPA rights afforded to California residents and explains how to exercise those rights.
Access to Specific Information and Data Portability Rights
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
the categories of personal information we collected about you,
the categories of sources for the personal information we collected about you,
our business or commercial purpose for collecting or selling that personal information,
the categories of third parties with whom we share that personal information
the specific pieces of personal information we collected about you (also called a data portability request),
if we sold your personal information, a list identifying the personal information categories that each category of recipient purchased, and
if we disclosed your personal information for a business purpose, a list identifying the personal information categories disclosed.
Deletion Request Rights
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request pursuant to certain exceptions provided in the CCPA, including to take actions reasonably anticipated within the context of our ongoing business relationship with you, to comply with legal obligations, or to make other internal and lawful uses of your person information that are compatible with the context in which you provided it. The response we provide will explain the reason for denying your request.
Exercising Access, Data Portability, and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by either:
calling us at 719-660-4575, or
e-mail at email@example.com.
Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
provide sufficient information that allows us to reasonably verify you are either the person about whom we collected personal information or an authorized representative of that person, and
describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm that the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us.
Response Timing and Format
We will endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (we may take up to 45 additional days), we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, your exercise of your CCPA rights will not result in us:
denying you goods or services,
charging you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties,
providing you a different level or quality of goods or services, or
suggesting that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
Changes to Our Privacy Notice
We reserve the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will notify you by one or more of the following: (i) providing you with an electronic notification through our website, by e-mail or other means of electronic communication or through any of our e-commerce or mobile applications, or (ii) making a revision to the privacy notice and changing the effective date shown above.
If you have any questions or comments about this notice, our Privacy Statement, the ways in which we collect and use your personal information, or your choices and rights regarding such use, or if you wish to exercise your rights under California law, please do not hesitate to contact us at:
Phone : 719-660-4575
1) Controller. For the purposes of this GDPR Notice, the controller of personal data is Soulr LLC and the contact details for the controller are firstname.lastname@example.org
2) How We Use Your Personal Information. Soulr is a U.S. company. When you submit your information to us through the Soulr Properties or otherwise through your interaction with us, your personal data will be transferred to our servers in the U.S. We will hold, use and disclose your personal data for the following primary purposes:
a) providing our products and services to you or the business you represent;
b) maintaining our business relationship and/or providing ongoing support, where you or the business you represent are a user of the Soulr Properties or a customer or you otherwise engage with us for business purposes;
c) responding to your comments or requests for information;
d) sending paper catalogs to you or the business you represent; and
e) enforcing any contracts that we enter into with you or the business you represent, or defending claims arising from such contracts.
We do not engage in e-mail marketing, and we would ask for your consent before doing so. However, we may contact you about your account or your transactions with us, or the account of the business you represent or the transactions with us of the business you represent.
3) The Legal Bases for Processing Your Personal Data. Under the GDPR, we rely upon the following grounds to process personal data the users the Soulr Properties and our customers:
a) Necessary for entering into, or performing a contract – To perform obligations that we undertake in providing products or services to you or the business you represent, or to take steps at your request to enter into a contract with us, it will be necessary for us to process your personal data. Without this information, we may not be able to provide our products and services to you.
b) Necessary for compliance with a legal obligation – We are subject to certain legal requirements that may require us to process your personal data. We may also be obligated by law to disclose your personal data to a regulatory body or law enforcement agency.
c) Necessary for the purposes of legitimate interests – Either we, or a third party, will need to process your personal data for the purposes of our (or a third party's) legitimate interests, provided we have established that those interests are not overridden by your rights and freedoms, including your right to have your personal data protected. Our legitimate interests include responding to requests and inquiries from you or a third party, optimizing the Soulr Properties and customer experience, informing you about our products and services, meeting your need for products (including servicing orders) and ensuring that our operations are conducted in an appropriate and efficient manner.
d) Consent – In some circumstances, we may ask for your consent to process your personal data in a particular way, including with respect to the international transfers described in Section 5 below.
4) How We Share Your Personal Data. We may disclose your personal data to other parties in the following circumstances:
a) where we have retained trusted third parties to provide services, such as delivery and logistics companies, payment processors, and website hosts and other IT infrastructure providers;
b) where necessary to protect the rights, property or safety of us or other users or customers;
c) where we are obligated, or permitted, to do so by applicable law, regulation or legal process, including disclosure to customs or other governmental authorities; or
d) if we (or substantially all of our assets) are acquired by a third party, in which case personal data held by us about the users of the Soulr Properties and customers will be one of the transferred assets.
5) We do not sell or license your personal data to third parties for their marketing or other commercial purposes.
7) How Long We Will Hold Your Information.We will retain your personal data for the time necessary to perform our obligations to you, or for a longer period if there are other purposes for which your personal data was collected or where we have other legitimate and compelling business reasons for retaining that information. For example, once a transaction has been completed, we will generally retain the contact details of a customer on our systems for a period of one year for the purposes of handling after-sales queries, communicating important product information, and providing better service to you in the future, or for other legitimate and compelling business reasons after which time we will transfer to paper for non-invasive retention. Per your request at email@example.com we can retain your data indefinitely.
8) Your Rights on Information We Hold About You. You have certain rights in relation to personal data we hold about you. Details of these rights are set out below and you can exercise them by contacting us by sending an e-mail to firstname.lastname@example.org. We will require evidence of your identity before we are able to act on your request.
a) Right of Access. You have the right at any time to ask us for a copy of the personal data about you that we hold, free of charge. Where we have good reason, and if the GDPR permits, we can refuse your request for a copy of your personal data, or certain elements of the request.
b) Right of Correction or Completion. If personal data we hold about you is not accurate or is out of date and requires amendment or correction, you have a right to have the data amended or rectified and to have incomplete data completed.
c) Right of Erasure. In certain circumstances, you have the right to request erasure of personal data that we hold about you, such as where the information is no longer necessary for the purposes for which it was collected or processed or where our processing of the information is based on your consent and there are no other legal grounds on which we may process or retain the information.
d) Right to Object to Processing. In certain circumstances, you have the right to object to our processing of your personal data. Those circumstances include where we are processing your data on the basis of our legitimate interests and there are no compelling legitimate grounds for our processing which override your rights and interests. You also have the right to object to use of your personal data for direct marketing purposes.
e) Right to Restrict Processing. In certain circumstances, you may have the right to restrict our use of your personal data, such as where you have challenged the accuracy of the information and during the period where we are verifying its accuracy.
f) Right of Data Portability. In certain instances, you have a right to receive any personal data that we hold about you in a structured, commonly used and machine-readable format or paper. You can ask us to transmit that information to you or directly to a third party organization. This right exists only with respect to personal data that you have previously provided to us and which is processed by us using automated means. While we will endeavor to satisfy your request as to a particular data format, we are not able to guarantee technical compatibility with a third party organization's systems. We are also unable to comply with requests that relate to personal data of others without their consent.
You can exercise any of the above rights by contacting us at email@example.com. Most of the above rights are subject to limitations and exceptions. We will provide reasons if we are unable to comply with any request for the exercise of your rights. In addition to the rights described above, you are entitled to lodge a complaint about our processing of your personal data with the relevant supervisory authority. See link for details: https://edpb.europa.eu/about-edpb/board/members_en
9) Cookies You have certain rights in relation to personal data we hold about you. Details of these rights are set out below and you can exercise them by contacting us at firstname.lastname@example.org. We will require evidence of your identity before we are able to act on your request.
a) What are Cookies? Our website uses small text files called cookies that help us identify you on return visits and provide information that is relevant to you. A cookie is a small file that a website stores on a visitor's device or computer, and that the visitor's browser provides to the website each time the visitor returns. These files also help us understand how our website is being used so that we can make it more effective for our users.
10) Consent If we are processing your personal data based on your consent, you have the right to withdraw your consent at any time. You can do this by contacting us at email@example.com.
11) Contact If you have any questions or if you would like to contact us about our processing of your personal data, including to exercise your rights as outlined above, please contact us at firstname.lastname@example.org .
VERSION DATE: JANUARY 3, 2021