SECTION 1 – WHAT INFORMATION DO WE COLLECT?
TTS collects two types of information from you: a) non-personal information, and b) personally identifiable information.
Non-Personal Information. When anyone uses the Site, whether they join our mailing list, buy something or just browse, we collect “Non-Personal Information,” including without limitation, website pages viewed, clickstream data, videos viewed, time spent using certain features, demographic data such as server locations, cookies existing on your computer, search criteria used and results, date, time, connections feed and other information that does not specifically identify you. We collect this information using various technologies, including, but not limited to, cookies and server logs (see below in Section 5 for more details).
Personally Identifiable Information. When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address. We also collect information from you when you send us an email through the Site, which may enable us to identify you personally, with information such as your email address, name, phone number, state of residence, birthday, age, physical address such as home or business address, or internet protocol (“IP”) address, which may also be contained on server logs, or other information you provide to the Site, such as contest entries and answers to questionnaires or surveys, or responses filled in on blank forms made available on the Site (“Personally Identifiable Information” and together with the Non-Personal Information, the “Data”). We may also collect and store information, which could include Non-Personal Information or Personally Identifiable Information, locally on your computer or device using mechanisms such as browser web storage or application data caches.
We use analytics programs and service providers, such as Google Analytics, which can use first party cookies to report on your interactions with the Site. Such firms collect information including, but not limited to, the time of each of your visits to the Site, whether you have visited the Site before, what website or advertisement referred you to the Site, and what pages you viewed on the Site. For more information about how data is collected and processed in connection with the Google Analytics service, visit: https://www.google.com/policies/privacy/partners/
For EU Residents Only: If you are a resident of the European Union, we will only collect and share information via cookies and other online tracking tools if you agree to its collection.
SECTION 2 – WHAT DO WE DO WITH YOUR INFORMATION?
TTS will use Non-Personal Information and Personally Identifiable Information a) to market our products and services to you, b) to provide products and services requested by you, c) to enable our business partners to provide and assist us in the marketing, operation, troubleshooting and analysis of our Site and other services, d) to engage in any other lawful activities we believe are consistent with the foregoing, and e) to protect against legal liability. We may provide any of these services through third parties, which may necessitate sharing Non-Personal Information and Personally Identifiable Information with them.
If you provide Data for a certain reason, we may use the Data in connection with the reason for which it was provided. For instance, if you contact us by email, we will use the Data you provide to answer your question or resolve your problem. We may also use your Data and other Personally Non-Identifiable information collected through our Site to help us improve the content and functionality of our Site, to better understand our users and to improve our products and services. We may use this information to communicate with you regarding our products and services or to tell you about the services we believe will be of interest to you. If at any time you wish not to receive any future marketing communications or you wish to have your name deleted from our mailing list, please contact us as indicated in the Opt-Out Policy below. Note however that if you purchase products or services from us, we may need to send you email communications that are transactional in nature such as payment confirmations, which are communications you will not be able to opt out of.
TTS employs or contracts with third parties, companies, or individuals to perform certain functions or services on its behalf. As such, these third parties, companies, or individuals may have access to your information, including Non-Personal Information or Personally Identifiable Information, as needed to perform their functions or services, and may not use it for other purposes.
We do not and will not sell any of your information, including Non-Personal Information or Personally Identifiable Information, to any third party for purposes of advertising, soliciting or telemarketing.
SECTION 3 - SHOPIFY
Our store is hosted by Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
SECTION 4 - SECURITY
To protect your Personally Identifiable Information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. If you provide your credit card information to our e-commerce partner Shopify, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
SECTION 5 – COOKIES, SERVER LOGS
“Cookies” are pieces of information that may be placed on your computer by a website for the purpose of facilitating and enhancing your communication and interaction with that website. “Server Logs” can be either a single log file or several log files automatically created and maintained by a server of activity performed by the server, which can include information about any transaction you conduct with the server. Here is a list of non-necessary cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
- _session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
- _shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
- _shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
- _secure_session_id, unique token, sessional
- storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
For EU Residents Only: If you are a European Union resident, a banner will appear allowing you the option to consent before proceeding to use our website.
SECTION 6 - UPDATING YOUR INFORMATION
If any of your information has changed (name, address, telephone number, and email address), please contact us at firstname.lastname@example.org. To protect your privacy, we will need to validate your identity before we update or review your information.
SECTION 7 – OPT-OUT POLICY
How do you get my consent?
By using our Site, you consent to our collection of Non-Personal Information. If you do not consent to the collection of Non-Personal Information, your only recourse is to not use this Site. When you provide us with Personally Identifiable Information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, you consent to our collecting it and using it for that specific reason only. Please note that at times we may need to send you email communications that are transactional in nature such as payment confirmations, which are communications you will not be able to opt out of.
If we ask for your Personally Identifiable Information for a secondary reason, like marketing, we will either ask you directly for your express consent, or provide you with an opportunity to opt-out.
TTS may at times send you email communications with marketing or promotional materials. If you prefer not to receive such marketing or promotional emails from us, you may unsubscribe completely by clicking on the unsubscribe link in the email or emailing us at: email@example.com or mailing the request to us at:
To The Stars Inc.
Attn: Privacy Officer
1051 South Coast Highway 101, Suite B
Encinitas, CA 92024
Please note that opt-out requests may take up to ten (10) business days to process. Please also note that at times we may need to send you email communications that are transactional in nature such as payment confirmations, which are communications you will not be able to opt out of.
We are not responsible for removing your Personally Identifiable Information from the lists of any third party who has previously been provided your information in accordance with this notice.
For EU Residents Only: If you are a resident of the European Union, we will only collect and share information via cookies and other online tracking tools if you agree to its collection. If you would like to take advantage of any of your rights under the EU General Data Protection Regulation (GDPR), such as your Right to Erasure (aka Right to be Forgotten) please contact us and we will be happy to assist you. For additional information related to EU residents, please see the EU Residents section of this policy.
SECTION 8 – EXCLUSIONS; UNSOLICITED INFORMATION
SECTION 9 - THIRD-PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
When you click on links on our store, they may direct you away from our Site. We are not responsible for the privacy practices of other websites and we encourage you to read their privacy statements.
SECTION 10 - AGE OF CONSENT
Our Site is not intended for use by children, especially those under thirteen (13) years of age. No one under age 13 is allowed to use the Site, provide any Personally Identifiable Information or receive our email distributions. We do not knowingly solicit or collect Personally Identifiable Information from children or teenagers under the age of 13. If you believe that a minor has disclosed Personally Identifiable Information to us, please report this to us immediately by emailing: firstname.lastname@example.org
SECTION 12 - QUESTIONS AND CONTACT INFORMATION
To The Stars, Inc.
Re: Privacy Compliance Officer
1051 South Coast Highway 101, Suite B
Encinitas, California 92024
CALIFORNIA PRIVACY RIGHTS
Residents of the State of California have the right to request certain details about how their information was shared with third parties during the preceding year for direct marketing purposes from companies that conduct business in California. Alternately, a company can comply with the law by providing clear opt-out capability to users. TTS has elected to comply with the law by allowing California residents to opt-out of having their information shared with third parties for direct marketing purposes. To opt-out, please follow the process described above in Section 7.
Keep in mind if you opt-in to the Site by using a different email address, you may still receive materials from us at that different email address.
european union residents
- We will use the personally identifiable information you provide us only as necessary to fulfill the purpose (e.g. processing your order, responding to an inquiry).
- We will only collect your information from non-essential cookies if you consent to that use.
- We will use the information you provide to us, such as the information you provide when placing an order submitting an inquiry, for our own marketing purposes if you consent to that use.
- If you wish to take advantage of any of your rights pursuant to the European Union Data Protection Regulation (GDPR), such as the Right to Erasure (aka Right to be Forgotten) or Portability, please contact us at email@example.com directly and we will be happy to assist you.
- If you feel our customer service department has not appropriately responded to your request pursuant to the GDPR, you may contact our Data Protection Officer directly. Please send all correspondence to our Privacy Compliance Officer (see Section 12 above).