Table of Contents
Collection of information
Usage of information
Protection of information
Cookie usage
Third-party disclosure
Third-party links
GDPR
Google Technologies
CalOPPA
Do Not Track
COPPA
Fair Information Practices Principle
CAN-SPAM
Our contact information
We have compiled this privacy policy to better serve those who are concerned with how their Personally Identifiable Information (PII) is being used online. PII, as used in US privacy law and information security, is information which may be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect, or otherwise handle your PII.
What PII do we collect from the people visiting our websites?
When ordering or registering on any of our sites, as appropriate, you may be asked to enter your name, email address, mailing address, phone number, or other details to help you with your experience.
When do we collect PII?
We collect PII from you when you register on any of our sites, place an order, subscribe to a newsletter, respond to a survey, fill out a form or enter information on any of our sites.
How do we use your PII?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, browse our websites, or use certain other site features, such as the following:
- to personalize the user experience and to allow us to deliver the type of content and product offerings in which you are interested;
- to administer a contest, promotion, survey, or other site feature;
- to process your transactions; or
- to send periodic emails regarding your order or other products and services.
How do we protect visitor PII?
We do not use vulnerability scanning and/or scanning to PCI standards.
Your personal information is contained behind reasonably-secured networks and is only accessible by a limited number of people who have special access rights to such systems, and who are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Transport Layer Security (TLS) technology.
We implement a variety of security measures when a user places an order, enters, submits, or accesses his or her information to maintain the safety of such PII.
All monetary transactions are processed through a gateway provider and are not stored or processed on our servers.
Do we use cookies?
Yes. Cookies are small files that a site or its service provider transfers to your Web browser (if you allow them) which enable the site’s or service provider’s systems to recognize your browser and capture and remember certain information. At your option, such cookies may be kept only in your computer’s memory, for the duration of your browser session (so-called “transient” cookies), or they may be stored on your hard disk (“persistent” cookies).
You may choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off receipt of all cookies. You do this through your web browser’s settings. Each browser is a little different, so look at your browser’s Help menu to learn the correct way to modify your cookie preferences.
Some of the ways in which we use cookies are:
- to remember and to process the items in the shopping cart;
- to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services;
- to help us compile aggregate data about site traffic and site interaction to assist us in offering better site experiences and tools in the future; and
- to save your preferences for future visits.
If cookies are disabled in your browser:
If you disable receipt of all cookies, some features of our sites may be disabled. Some of these affected features may otherwise make your site experience more efficient, and in some cases, disabling all cookies may cause some of our services to not function properly.
However, you may still place orders over the telephone by contacting customer service.
Third-party disclosure
We may transfer your name and email address to some outside parties. Normally, this is in order to fulfill orders for certain products we offer, or to properly register your ownership with third-party developers and/or vendors. You may be contacted by these parties regarding these products.
We may also provide such information (and more) to a government agency providing proof of authority for such a request. In this case, we will comply with all Federal and local laws.
Third-party links
We may include or offer third-party products or services on our websites. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites.
GDPR
We are committed to maintaining compliance with the European Union’s General Data Protection Regulation (GDPR). GDPR specifically addresses rights of EU citizens both living within the EU and elsewhere. As such, we make no distinction between data provided us by EU citizens and those of other countries, and afford equal protections to all of our visitors.
We have appointed a Data Protection Officer (DPO) to routinely audit for compliance with the GDPR. Our DPO may be reached at the privacy contact addresses listed below.
You have the right to be forgotten. What this means is that at any time and for any reason you may ask us to remove any and all data which our systems may have pertaining to you. We will make every effort to remove your information from our systems within 72 hours of such a request, and will further direct any and all third parties with whom your data may have been shared to do the same.
Google Technologies
Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users.
We have not knowingly enabled any Google technologies on our site, but we may do so in the future. Such technologies may be enabled by third-party components which we employ and of which we may be unaware. If we do choose to employ any such technologies, or if we become aware of a third-party component which utilizes them, we will take reasonable steps to provide advance notification.
Some of our content may be distributed to other sites beyond our control, either via rss, email, or social networking. We have no control over these third parties, and cannot guarantee that Google technologies are not employed on any third-party sites.
California Online Privacy Protection Act (CalOPPA)
CalOPPA is the first state law in the United States to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require a person or company in the US (and conceivably the world) operating websites which collect PII from California residents to post a conspicuous privacy policy on its website clearly stating the nature of the information being collected, with whom it is being shared, and to comply with this policy. See more here.
According to CalOPPA we agree to the following:
- Users may visit our site anonymously.
- Once this Privacy Policy has been created, we will add a link to it on our home page, or at a minimum, on the first significant page after entering our website.
- Our Privacy Policy link includes the word ‘Privacy’, and may be easily found on the page specified above.
- Users will be notified of any privacy policy changes on our Privacy Policy Page.
- Users are able to change their personal information, by either emailing us or logging into their accounts.
How does our site handle Do Not Track (DNT) signals?
We do not recognize (DNT) signals, but do not track, plant cookies, or use related advertising techniques, because we do not use tracking cookies or advertising networks.
Does our site allow third party behavioral tracking?
We do not allow third party behavioral tracking.
Children Online Privacy Protection Act (COPPA)
COPPA allows parents to determine what PII may be collected from children under the age of 13, The Federal Trade Commission, the United States’ consumer protection agency, enforces COPPA, which defines what operators of websites and online services must do to protect children’s privacy and safety online.
In addition, we do not specifically market to children under the age of 13.
Fair Information Practices Principles
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the world. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
Fair Information Practices Principles dictate that we will take the following responsive actions, should a data breach occur:
- We will notify the users via email within 7 business days of our discovery of such a data breach which may impact the safety and security of their PII.
- We will post notice on our affected site(s) within 7 business days of our discovery of such a data breach.
CAN-SPAM Act
The CAN-SPAM Act supplements the consumer protections provided by the Telephone Consumer Protection Act (TCPA). The law sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and prescribes tough penalties for violations.
We collect your email address in order to:
- send information to you and to respond to your inquiries via email;
- process orders and to send information and updates pertaining to those orders;
- send you additional information related to your product and/or service; and
- maintain our marketing mailing list, or continue to send emails to our clients after the original transaction has occurred.
To be accordance with CAN-SPAM we agree to:
- NOT use false or misleading subjects or email addresses;
- if sending an advertisement, identify the message as such in some reasonable way;
- include the physical address of our business or site headquarters;
- monitor third party email marketing services for compliance, if one is used;
- honor opt-out/unsubscribe requests quickly; and
- allow users to unsubscribe by using the link at the bottom of each email or by accepting such requests via direct email.
Contacting us
If there are any questions regarding this privacy policy you may contact us using the information below:
Arca Noae, LLC
7 Loudoun Street, SE, Suite 2B
Leesburg, VA 20175-3012
United States