Privacy policy
deBebians Privacy Policy
3. What Information We Collect
4. Use of Cookies and Other Tracking Technologies
6. When We Disclose Information
9. Retention of Personal Information
12. Your Choices About the Information We Collect
13. Visitors to the Site Outside of the United States
14. Your California Privacy Rights
15. Your Privacy Rights under Other US State Laws
16. Your Canadian Privacy Rights
17. Changes to This Privacy Policy
1. Introduction
Welcome. You have arrived at a website provided by EFA Diamonds Inc. (“deBebians,” “Company,” “we,” “our” or “us”). deBebians is a Los Angeles-based fine jewelry company that designs, manufactures, and sells engagement rings, wedding rings, lab-grown diamonds, gemstones, and custom jewelry through its websites and related services.
At deBebians, we take your privacy seriously. We provide this Privacy Policy (“Policy”) to tell you what information we collect about you, how we obtain it, how we share it, and how you may limit the ways in which we use your Personal Information. If you have questions about this Policy after you review it, feel free to contact us at general@deBebians.com.
2. Scope
This Policy governs deBebians’s website(s), their subdomains, and all subdomains or portals that link to this Policy (“Site”); or otherwise, when you provide Personal Information or interact with us online or in-person. This Policy also applies to Personal Information that we may collect from you in person at our physical locations (“Locations/Stores/Offices”), via phone calls or other communications with our representatives or in any other instance when you contact us. We refer to all the above as our “Services.” For the purpose of this Notice, "Personal Information" (sometimes referred to as “Personal Data”) means any personal information relating to an identified or identifiable individual that is protected by applicable privacy laws. The definition of Personal Information does not include publicly available information from federal, state, or local government records, such as professional licenses and real estate or property records.
Our Services are used by our partners (“Partners”), current and potential customers (“Customers”), and website visitors and people who shop at our online store (“Visitors”).[DI3]
By using our Sites or otherwise using our Services, you acknowledge this Policy and agree to our Terms and Conditions (“Terms”).
3. What Information We Collect
As a rule, we limit the Personal Information we collect to that which is reasonably necessary for us to provide our Services to you.
Data Sources
We collect Personal Information from the following sources:
· You directly
· Automatically from your Device/Browser, and via Cookies/Tracking Technologies
· Third Parties (including Service Providers)
Information That You Provide to Us
As you interact with our Site or Services, we collect the following Personal Information via webforms or inputs/uploads on our Site, and through telephone calls, text messages, letters, emails and other communications with you. The types of information we collect from you may differ depending on your relationship with the deBebians and/or the Site.
Visitors
· Contact information such as your first and last name, email address, job title, home or business address, telephone or mobile numbers.
Partners
· Contact information such as your first and last name, job title, email address, business or shipping address and telephone or mobile numbers; and
· Financial information such as your business credit card or debit card number, bank account information, and your payment, service and purchase history.
Customers
· Contact information such as your first and last name, username, email address, home or business address, shipping address, telephone or mobile numbers;
· Identifiers such as a driver’s license or passport number;
· Financial information such as your credit card or debit card number, bank account information, and your payment, service and purchase history;
· Social media handles, content and other data shared with us through third-party features that you use on our Site or Services (such as tools, payment services, widgets and plug-ins offered by social media services like Facebook, Instagram and Pinterest) or posted on social media pages (such as our social media page or other pages accessible to us);
· Other information that reasonably could be used to identify you personally; and
· If you apply for financing through Variant, you may be required to provide other Sensitive Personal Information, such as Social Security number, income information, citizenship status and photo identification. Please note that this information is provided to Variant Financial. You can learn more about Variant’s privacy practices here.
· If you apply for financing through Klarna or PayPal, you may need to provide additional information to those third parties via their own interfaces, but we do not receive that information. You can read more about Klarna’s privacy practices here and PayPal’s here.
Your decision to provide us with information is voluntary, but if you choose not to provide requested information, you may not be able to take advantage of all of the Site’s features or our Services.
Information That Is Automatically Collected
Like many businesses, we and our service providers automatically collect and/or store certain information when you visit or interact with the Site or Services (“Usage Information”), including via cookies and other tracking technologies (see “Use of Cookies and Other Tracking Technologies” section below). This Usage Information may be stored and/or accessed from your personal computer, laptop, tablet, mobile phone or other device (a “Device”) whenever you visit or interact with our Site. Usage Information includes:
· Your IP address, MAC address, IDFA, Android/Google Advertising ID, IMEI, or another unique identifier;
· Your Device functionality (including browser, browser language, settings and behavior, operating system, hardware, mobile network information);
· Your Device location or other location information, including the zip code, state or country from which you accessed the Services;
· Your Device characteristics (such as device type (computer vs. mobile) and ID, operating system, hardware);
· Cookies, tags, pixels and SDKs (see our “Use of Cookies and Other Tracking Technologies” section below);
· Name and user identification or profile values of other third-party platforms or social media sites;
· Referring and exit web pages and URLs;
· The areas within the Site that you visit and your activities there, including remembering you and your preferences;
· Certain other Device data, including the time of day you visit our Site or other information used to provide analytics or other usage information;
· Information about your engagement with our emails; and
· Statistical information about how unregistered and registered users, collectively, use the Site and Services.
Information Collected from Third Parties
The Site includes functionality that allows certain kinds of interactions between the Site and your account on a third-party website or application. The use of this functionality may involve the third-party site(s) providing information to us. For example, our store is hosted by Shopify Inc., which provides the e-commerce platform that enables us to sell our products. Shopify may process your information on our behalf as a service provider, or you may have an existing Shopify account that allows Shopify to provide certain information to us when you create a deBebians account within Shopify. Similarly, we might obtain information about the traffic and usage of deBebians from third parties. We might also provide links to make it easier to send a communication from the Site, or we may use third parties to make it easier to send emails or post to social media (like a “Share” or “Forward” button). These third parties may also use cookies and other tracking technologies to capture information about your interactions with deBebians.
deBebians does not have control over the information that is collected, used, and shared by these third parties. We encourage you to review the privacy statements of these third parties to understand their privacy practices.
Information We Infer
We derive information or draw inferences about you based on information we collect about you. For example, based on your browsing or purchases, we may infer your gender, your interest in certain activities or brands, or information about your purchasing activities over time.
4. Use of Cookies and Other Tracking Technologies
We use cookies and other tools (“Tracking Technologies”) to recognize your browser or device, to understand how people use our Site, to make it work correctly and to improve your experience. These Tracking Technologies store and collect Usage Information. Tracking Technologies may set, change, alter or modify settings or configurations on your Device. By using this Site in the U.S., you consent to our use of Tracking Technologies – where required by law, we will collect your affirmative consent before using these Tracking Technologies.
What are Cookies?
Cookies are small files that your browser stores on your Device. They help the website remember things like your preferences or whether you’ve logged in. Some cookies are placed by us (“first-party cookies”), and some are placed by our partners (“third-party cookies”) such as companies that provide analytics, video or advertising. Third-party cookies we use may include Google (AdSense, Analytics, DoubleClick, YouTube), Meta, Shopify, and others.
Do Cookies Contain Personal Information?
Cookies and similar technologies do not always directly identify you, but many laws treat them as “Personal Information” or “Personal Data” when the information collected, alone or combined with other data, can be linked to you or your Device. For example, if you log in to an account, we may associate cookie data with your account
Other Technologies We Use
In addition to cookies, we may use other Tracking Technologies, including:
· HTML5 local or session storage: browser-based storage used to remember certain settings or behaviors;
· Pixel tags, clear GIFs and web beacons: small images or snippets of code that load when you visit a page or open an email, telling us or Partners that you have engaged with content;
· Tags, scripts and containers (e.g., tag managers): snippets of code provided by analytics or marketing vendors to measure behavior or deliver functionality, or tools used to deploy and manage other tags (like Google Tag Manager);
· Software Development Kits (SDKs): a set of tools or code provided by a third party that developers add into an app or website to enable certain features, such as analytics, advertising, or login, and that may also collect information from users’ Devices.
· Embedded Scripts: snippets of code that are designed to collect information about your interactions with the Site, such as the links you click on;
· UTM parameters: short tags added to the end of a URL that help track where website traffic comes from—such as which email, ad, or social media post a visitor clicked before landing on a page.
· Device Identifiers and probabilistic identifiers: identifiers unique to your Device (e.g., mobile advertising IDs), or technology that are created by analyzing the characteristics of your Device or browser.
· Other data technologies may be used that collect comparable information for security or fraud detection purposes.
We may also engage third parties, such as Google Analytics or Meta, to track and analyze non-personally and personally identifiable website data, and to serve advertisements. To do so, we may permit third parties to place cookies on Devices of users of our Sites, where permitted by law, and subject to your right to opt out through the Site. We use the data collected to help us administer and improve the quality of the Site and to analyze the Site’s usage. Such third parties may combine the information we provide about you with other information they have collected.
These third parties are required to use your information in accordance with this Privacy Policy. We will record all such disclosures and will use reasonable efforts to ensure that such third parties do not use your Personal Information for any purpose that is not expressly provided for herein.
We classify our cookies into the following categories:
· Essential/Strictly Necessary Cookies. These cookies are needed for the Site to work (for example, keeping you logged in or letting the Site load properly). You cannot disable this type of cookie on our Site.
· Functionality Cookies. Also known as “preference cookies,” these cookies allow the Site to remember choices you have made in the past, like what language you prefer, or what your username and password are so you can automatically log in. Disabling these cookies can cause some parts of the Site to not work properly, so we discourage you from disabling these cookies.
· Performance and Analytics Cookies. These cookies collect information about how you use a website, like which pages you visited and which links you clicked on, to improve website functions. In some jurisdictions, you may be able to turn these cookies off.
· Targeting and Advertising Cookies. These are used by us or our Partners to deliver more relevant advertising, measure our marketing, or prevent you from seeing the same ad too many times. These cookies can share that information with other organizations or advertisers. In some jurisdictions, you may be able to turn these cookies off.
Depending on your browser settings or your location, you may be able to:
· Adjust your cookie preferences through our cookie banner;
· Block or delete cookies in your browser;
· Opt out of certain analytics or advertising tools; or
· Change your Device settings to limit tracking.
If you block some cookies, certain features on our Site may not work as intended.
Advertising Tools We Use
We use Google (AdSense, Analytics, DoubleClick, YouTube), Meta (Facebook), Shopify and other third-party tools to help us understand how people use the Site and what ads that may be more relevant to you. These tools may use cookies or other identifiers to measure how effective our ads are, learn what content is useful to visitors, or show ads based on your activity on our Site or other sites.
5. Why We Collect Information
We use the information we collect about you in a variety of ways, including the following:
To Provide Our Services
We process certain Personal Information when you access or use our Services, including to:
- operate, maintain and improve the Site and its Services;
- enable you to access and use the Site;
- send you notices, updates, security alerts and support and other messages;
- provide and deliver the services and features you request, process and complete transactions, and send you related information, including purchase confirmations and invoices;
· process your purchases of, or requests for, products and Services;
· create and verify customer accounts;
· support and improve our discount offerings;
· deliver gift cards or e-gifts, and any associated personalized messages, in accordance with your instructions;
· facilitate the functionality of our Site, including payment-related functionality; and
· customize experiences and personalization when you are on our Site, or in and around our stores, if you have given permission for location sharing.
To Communicate with You
We process certain information to communicate with you in relation to your accounts, our Services, our marketing, and your requests, including to:
· communicate with you about orders, purchases, returns, services, accounts, programs, contests, and sweepstakes;
· respond to your customer service inquiries and requests for information;
· post your comments or statements on our Site;
· send you personalized promotions, content, and special offers;
· communicate with you about our brands, products, events, or other promotional purposes;
· implement your communications preferences, such as sharing information with our business partners so that they may email you about their promotions, products and initiatives; and
· provide important product information.
For Improvement of Our Site or Services
We want to ensure that our Site and Services are continually improving and expanding so that we meet and exceed your needs and expectations. To do so, we may process certain Personal Information, including to:
· test, research, analyze, or develop products;
· maintain, improve, or analyze our Site or Services; and
· detect, prevent, or investigate suspicious activity or fraud.
For Profiling
We use Personal Information to create profiles that allow us to send communications and/or advertisements that may be more relevant or interesting to you.
To Comply with Applicable Laws
We may be required to process certain Personal Information to comply with applicable laws and regulations, such as tax laws, as well as to:
· maintain appropriate records for internal administrative purposes; and
· comply with applicable legal and regulatory obligations, and respond to lawful governmental requests, as needed.
To Enforce our Terms, Agreements, or Policies
To maintain a safe, secure, and trusted environment for you when you use our Site and Services, we use your Personal Information to ensure our terms, policies, and agreements with you and any third parties are enforced.
To Evaluate Your Application for Employment
We use your Personal Information to evaluate your application for employment or administer employment benefits.
With Your Consent
We process certain Personal Information to fulfill any other business or commercial purposes at your direction or with your consent.
6. When We Disclose Information
To the extent permitted by law, certain Personal Information about you may be disclosed in the following situations:
· Service providers. We may disclose Personal Information to our affiliates and third-party service providers that perform services on our behalf, such as cloud hosting, data storage, payment processing, customer service, analytics, marketing support, communications delivery, IT services, and other operational functions. We require these service providers to enter into written agreements that limit their use of the information to the services they provide to us, prohibit them from using the information for their own purposes, and require them to safeguard the information and keep it confidential. These service providers may access Personal Information only as needed to perform their services.
· Marketing and advertising. We may use and share your information with our affiliates, service providers, and trusted marketing partners to send you marketing communications, personalize the content you see, measure advertising performance, and offer products or services that may be of interest to you. We share only the information needed to support these activities, and these Partners are required to protect your information and use it only for the purposes we specify. You can opt out of our marketing emails at any time by following the instructions in those messages or contacting us directly. Depending on your location, you may also have the right to opt out of certain types of data sharing used for targeted advertising.
· Legal process. We may disclose your information to comply with the law, legal process, or government requests, including responding to a validly issued and enforceable subpoena, court order, summons, search warrant, regulatory inquiry or other legally enforceable demand. We may also disclose information as necessary in connection with actual or threatened legal proceedings or alternative dispute resolution proceedings either initiated by or against us. When we do so, we limit the disclosure to what is reasonably necessary and take steps to seek confidential treatment or other protections to prevent the information from becoming public, unless we are legally prohibited from doing so.
· Compliance. We may disclose your information in the course of a review of our practices under the authorization of a state or federal agency, or as necessary to properly respond to an inquiry or complaint from such an agency or organization.
· Business Transfers and Corporate Transactions. We may use or share your Personal Information in conjunction with a prospective purchase, sale, or merger of all or part of deBebians. This may include sharing information with potential or actual purchasers, investors, or other transaction partners and their advisors as part of due diligence or the transaction itself. Where appropriate, we will take steps to require those parties to protect the information and use it only for the purposes of evaluating or completing the transaction. If the transaction is completed, Personal Information may be transferred to the buyer or successor or affiliate as part of the transferred assets or ongoing business operations.
Finally, we may aggregate, de-identify, and/or anonymize any information collected through the Site or Services such that such information is no longer linked to your Personal Information. We may use and share this aggregated and anonymized information (non-Personal Information) for any purpose, including without limitation, for research and marketing purposes, and with our affiliates and third parties, including advertisers, promotional partners, and others.
7. Children’s Privacy
Our Site is not intended for use by children under the age of 18. We do not request or knowingly collect any personally identifiable information from children under the age of 18. If you are the parent or guardian of a child under 18 who you believe has provided her or his information to us, please contact us using the information in the “Contact Us” section below to request the deletion of that information.
8. Automated Decision Making
Currently, we do not use Automated Decision-Making Technology (“ADMT”) to make legal or other significant decisions, so we are not required to provide you a right to opt out of ADMT use.
9. Retention of Personal Information
We will retain your Personal Information only for as long as is necessary for the purposes set out in this Policy. We will retain and use your Personal Information to the extent necessary to comply with our legal obligations (for example, if we are required to retain your Personal Information to comply with applicable laws), resolve disputes and enforce our legal agreements and policies.
All information you provide to us is stored on our secure servers or those of our third-party data storage providers.
We utilize the following criteria to determine the length of time for which we retain Personal Information:
· How long we have had a relationship with you or provided our Services to you;
- The business purposes for which the information is used, and the length of time for which the information is required to achieve those purposes;
- Whether we are required to retain the information, or the information is otherwise necessary, in order to comply with legal obligations or contractual commitments, defend against potential legal claims, detect or prevent potential illegal activity or actions in violation of our policies and procedures, secure our systems and online environment and protect health and safety;
- The privacy impact on individuals of ongoing retention; and
- The manner in which information is maintained and flows through our systems, and how best to manage the lifecycle of information in light of the volume and complexity of the systems in our infrastructure.
10. Links
For your convenience, the Site and this Policy may contain links to other websites. deBebians is not responsible for the privacy practices, advertising, products, services, or the content of such other websites. None of the links on the Site should be deemed to imply that deBebians endorses or has any affiliation with the links.
11. Security
We incorporate commercially reasonable safeguards to help protect and secure your Personal Information. However, no data transmission over the Internet, mobile networks, wireless transmission, or electronic storage of information can be guaranteed as 100% secure. As a result, we cannot guarantee or warrant the security of any information you transmit to or from the Site, and you provide us with your information at your own risk.
12. Your Choices About the Information We Collect
Updating Your Personal Information
We prefer to keep your Personal Information accurate and up to date. If you would like to change your contact information, please contact us using the information in the “Contact Us” section below. We will make good faith efforts to make requested changes in our then active databases as soon as reasonably practicable (but we may retain prior information as business records).
Communications Preferences
You can opt out of receiving marketing emails from us at any time. You will still receive transactional messages from us. To manage your email preferences with us, please click on the Unsubscribe link in any email you receive from us or contact us using the information in the “Contact Us” section below. Your choice will not affect our ability to share information in the other ways described in this Policy.
To opt out of text messages from us, text “STOP” to the number from which you received the text message at any time. For more information on SMS and text messaging, please see our Terms.
Do Not Track Disclosure
Do Not Track (“DNT”) is a web browser setting that requests a web application disable its tracking of an individual user. When you choose to turn on the DNT setting in your browser, your browser sends a special signal to websites, analytics companies, ad networks, plug in providers, and other web services you encounter while browsing to stop tracking your activity. Various third parties are developing or have developed signals or other mechanisms for the expression of consumer choice regarding the collection of information about an individual consumer’s online activities over time and across third-party websites or online services (e.g., browser do not track signals), but there is no universally agreed upon standard for what a company should do when it detects a DNT signal. Currently, we do not monitor or take any action with respect to these signals or other mechanisms. You can learn more about Do Not Track here.
Opt-Out Preference Signals
Some browsers and browser extensions support opt-out preference signals such as the Global Privacy Control (“GPC”) that can send a signal to the websites you visit indicating your choice to opt-out from certain types of data processing, including data sales. GPC is a web browser-level setting, maintained by either a browser or a browser extension, that a user or privacy-focused technology can set. In certain jurisdictions, when we detect a GPC , we will make reasonable efforts to respect your choices as required by applicable law.
Controlling Your Cookies
In certain jurisdictions, you can opt-out of cookies by enabling an opt-out preference signal (“OOPS”) or GPC on your browser, or opting-out of cookies in our Site’s cookie preference center. You may also make individual selections on your Device or browser. On most web browsers, you will find a “help” section on the toolbar. Please refer to this section for information on how to receive a notification when you are receiving a new cookie and how to turn cookies off. Please see the links below to learn how to modify your web browser’s settings on the most popular browsers:
Note that if you turn cookies off, you may be unable to access certain parts or benefit from the functionality of the Site. To learn more about cookies and similar technologies, or to opt-out of targeted advertising cookies, visit resources from the Digital Advertising Alliance (“DAA”). We do not control these opt-out links or whether any organization chooses to participate in these opt-out programs.
Please note that even if you exercise the opt-out choices above, you may continue to receive advertisements, for example, based on the website you are viewing (e.g., contextually based ads), or ads that are not targeted at you and may be less relevant. Also, if your browser (like some Safari browsers) is configured to reject opt-out cookies when you opt out on the DAA website, your opt-out may not be effective. We always do our best to honor your choices, but because some choices are set at the browser or device level, you may have to make these choices multiple times if you use different browsers or different Devices.
Your Choices for Google Tools
Our Google Analytics Advertising tools may include remarketing, impression reporting, demographics and interest reporting and cross-service integrations. Google offers several ways to control how your information is used for advertising.
· Google Ads Settings – You can opt out of personalized ads from Google by adjusting your settings here.
· Google Analytics Opt-Out Browser Add-On – You can block Google Analytics from accessing your online activity with a browser add-on here.
· Google AdWords Remarketing - You can opt out of Google AdWords Remarketing here.
· Direct-Level Advertising Settings – Many mobile devices allow you to limit the use of Advertising IDs (Android Ad ID or Apple IDFA). See your Device’s settings for more information.
With respect to these advertising features, deBebians is the sole controller under all applicable data protection laws. We will not identify users or facilitate the merging of Personal Information with additional information collected through any Google advertising product or feature unless we have your affirmative opt-in consent to that identification or merger.
Your Choices for Meta (Facebook) Tools
If we use the Meta Pixel, Meta may use information about your activity on our Site to personalize ads you see on Facebook, Instagram and other Meta services. You can control your ad preferences directly with Meta:
· Meta Ad Preferences – You can view or change your Facebook Ad Preferences here.
Your Choices for Management and Advertising Tools
We may use Shopify cookies, pixels and other Tracking Technologies on our Site, which are third-party systems. You can control your ad preferences directly with these Shopify specific vendors:
· Shopify Opt-Out Rights and Information – You can view your options for opt outs via Shopify’s Cookie Policy page here.
13. Visitors to the Site Outside of the United States
If you are visiting the Site from a location outside of the U.S., your connection will be through and to servers located in the U.S. All information you receive from the Site will be created on servers located in the U.S., and all information you provide will be maintained on web servers and systems located within the U.S. The data protection laws in the United States may differ from those of the country in which you are located, and your information may be subject to access requests from governments, courts, or law enforcement in the United States according to laws of the United States. By using the Site or providing us with any information, you consent to the transfer to, and processing, usage, sharing and storage of your information in the United States and in other countries, as set forth in this Policy.
14. Your California Privacy Rights
This section of the Policy applies solely to California residents. We adopt this Section to comply with the California Consumer Privacy Act (“CCPA”) as amended by the California Privacy Rights Act (“CPRA”). Any terms defined in the CCPA or CPRA have the same meaning when used in this Section.
Notice at Collection of Personal Information We Collect and Purposes For Use
We will collect Personal Information for the business and commercial purposes outlined below. The categories of Personal Information we intend to collect and the purposes for which we use each category are set forth in the table below. We do not collect additional categories of Personal Information or use the Personal Information we collect for materially different, unrelated, or incompatible purposes without providing notice at or before the time the information is collected.
Under the CCPA, “sell” means to disclose, make available, or otherwise communicate Personal Information to a third party for monetary or other valuable consideration. This may include certain disclosures made in connection with advertising or marketing relationships, depending on how the recipient uses the information. “Share” means to disclose Personal Information to a third party for cross-context behavioral advertising. We disclose Personal Information to our service providers and contractors for business purposes (such as analytics, security, support, or website hosting), which is not considered a sale or sharing under the CCPA when the recipient is contractually restricted from using the information for its own purposes. Under the CCPA, a “third party” is an entity that is not a service provider or contractor and that is not controlled by or controlling the business.
We will retain each category of Personal Information for the period reasonably necessary to fulfill the purposes described below unless a longer retention period is required or permitted by law. Please see our “Retention of Personal Information” section above.
If we sell or share Personal Information or use or disclose Sensitive Personal Information (“SPI”), we indicate that in the table below.
|
Category of Personal Information |
Business Purpose for Collection or Use |
Sold/Shared? |
Retention Period |
|
Identifiers: such as name, email, phone number |
Provide services, communication, enforce agreements, personalization, advertising, analytics, improve services, comply with law, account management, processing transactions, security/fraud prevention |
No/Yes |
Duration of customer relationship with you and/or legal retention periods |
|
Customer Records: such as billing information, account credentials |
Provide services, communication, enforce agreements, personalization, advertising, analytics, improve services, profiling, comply with law, account management, processing transactions, security/fraud prevention |
No/Yes |
7 years or life of account |
|
Protected Classifications: such as age, race, marital status, gender, veteran’s status |
Provide services, communication, personalization, improve services, profiling, comply with law, account management, security/fraud prevention; provide employment benefits |
No/No |
During period of employment (if needed to administer benefits); during customer relationship if provided for special benefits (e.g., veteran’s status) |
|
Commercial Information: such as purchases, transaction history |
Provide services, communication, enforce agreements, personalization, advertising, analytics, improve services, profiling, comply with law, account management, processing transactions, security/fraud prevention |
Yes/Yes |
Duration of customer relationship with you and/or legal retention periods |
|
Internet or Network Activity: such as browsing history, information regarding interaction with a website |
Improve services, personalization, advertising, analytics, security/fraud prevention |
Yes/Yes |
2 years or per cookie lifecycle |
|
Geolocation Data: such as physical location and/or movements |
Improve services, personalization, advertising, analytics, security/fraud prevention |
No/Yes |
2 years or per cookie lifecycle |
|
Professional/Employment Information: such as current or past job history and evaluations |
Provide benefits, enforce agreements, comply with law, security/fraud prevention |
No/No |
During period of employment |
|
Education Information: records maintained by an educational institution, such as school transcripts |
Provide benefits, enforce agreements, comply with law, security/fraud prevention |
No/No |
During period of employment |
|
Inferences: information used to create a profile about you, such as preferences or likes |
Improve services, communication, personalization, profiling, advertising, analytics |
Yes/Yes |
Duration of customer relationship with you and/or legal retention periods |
|
Sensitive Personal Information: like social security number |
Provide services, communication, enforce agreements, comply with law, account management, processing transactions, security/fraud prevention |
No/No |
During period of employment (if needed to administer benefits); during customer relationship for tax or other regulatory purposes |
Notice of California Privacy Rights
In addition to the rights set forth in the “Your Choices About the Information We Collect” section above, California residents have the following additional privacy rights:
· Right to Know (Categories): To know the categories of Personal Information we collect, the categories of sources from which it is collected, the purposes for which we use it, whether we sell or share it, and the categories of third parties to whom we disclose it.
· Right to Know (Retention): To know the length of time we intend to retain each category of Personal Information, or the criteria used to determine such period;
· Right to Know (Specific Pieces): To access the specific pieces of Personal Information we have collected about you;
· Right to Delete: To request deletion of the Personal Information you have provided to us, subject to certain exceptions;
· Right to Correct: To request that we correct inaccurate Personal Information that we maintain about you;
· Right to Opt-Out of Sale of Personal Information: To direct us to not sell your Personal Information;
· Right to Opt-Out of Sharing: To direct us to not share your Personal Information for cross-contextual behavioral advertising;
· Right to Know About Sensitive Personal Information: To know whether we collect SPI, the categories of SPI collected, the purposes for which we use the SPI, and whether the SPI is sold or shared;
· Right to Limit the Use and Disclosure of Sensitive Personal Information: To request that we limit our use and disclosure of your SPI to the purposes permitted by the CCPA; and
· Right to Non-Discrimination: To not receive discriminatory treatment for exercising any of your CCPA privacy rights.
Request to Know, Correct, or Delete
California residents have the right to request, under certain circumstances, that a business that collects Personal Information about them disclose the information listed below for the preceding 12 months:
· The categories of Personal Information collected about you;
· The categories of sources from which the Personal Information is collected;
· The business or commercial purpose for collecting, disclosing, selling or sharing Personal Information;
· The categories of third parties to whom the business discloses Personal Information for a business purpose;
· The categories of Personal Information that we sold or shared;
· The categories of third parties to whom we sold or shared Personal Information; and
· The specific pieces of Personal Information collected, disclosed, or sold or shared about you.
· Whether we collected Sensitive Personal Information about you and whether such information is sold or shared, subject to applicable exceptions.
You can also request that we correct or delete your Personal Information. There may be certain exceptions to our obligation to correct or delete your information such as if you have an existing account or transaction with us or if we have a legitimate business reason to keep your information.
Please note that if we collected information about you for a single one-time transaction and do not keep that information in the ordinary course of business, that information will not be retained for purposes of a request under this section. In addition, if we have de-identified or anonymized data about you, we are not required to re-identify or otherwise link your identity to that data if it is not otherwise maintained that way in our records.
Personal Information Collected Within Last Twelve (12) Months
We have collected, used and disclosed the following categories of Personal Information from consumers within the last twelve (12) months:
|
Category of Personal Information |
Sources of Information |
Business Purpose for Collection, Use or Disclosure |
Categories of Service Providers or other Third Parties To Whom Information is Provided for a Business Purpose |
Categories of Third Parties To Whom Information is Sold or Shared |
|
Identifiers: such as name, email, phone number |
You, Automatically, Third Parties |
Provide services, communication, enforce agreements, personalization, advertising, analytics, improve services, comply with law, account management, processing transactions, security/fraud prevention |
Data processing and analytics vendors, payment processors, service providers such as website hosting, security vendors, or customer service vendors |
Analytics and advertising vendors |
|
Customer Records: such as billing information, account credentials |
You, Automatically, Third Parties |
Provide services, communication, enforce agreements, personalization, advertising, analytics, improve services, profiling, comply with law, account management, processing transactions, security/fraud prevention |
Data processing vendors, payment processors, service providers such as website hosting, security vendors, or customer service vendors |
Site Host, and Payment process vendors |
|
Protected Classifications: such as age, race, marital status, gender, veteran’s status |
You |
Provide services, communication, personalization, comply with law, security/fraud prevention; provide employee benefits |
Employee benefits vendors or other service providers for employment services
|
None |
|
Commercial Information: such as purchases, transaction history |
You, Automatically |
Provide services, communication, enforce agreements, personalization, advertising, analytics, improve services, profiling, comply with law, account management, processing transactions, security/fraud prevention |
Data processing vendors, payment processors, service providers such as website hosting, security vendors, or customer service vendors |
Site Host, Analytics and advertising vendors |
|
Internet or Network Activity: such as browsing history, information regarding interaction with a website |
Automatically, Third Parties |
Improve services, personalization, advertising, analytics, security/fraud prevention |
Data processing vendors, service providers such as website hosting, security vendors, or customer service vendors |
Analytics and advertising vendors |
|
Geolocation Data: such as physical location and/or movements |
Automatically, if provided via Device |
Improve services, personalization, advertising, analytics, security/fraud prevention |
Data processing vendors, payment processors, service providers such as website hosting, security vendors, or customer service vendors |
Analytics and advertising vendors |
|
Professional/Employment Information: such as current or past job history and evaluations |
You, Third Parties |
Provide benefits, enforce agreements, comply with law, security/fraud prevention |
Service providers such as job search websites or employee benefits providers |
None |
|
Education Information: records maintained by an educational institution, such as school transcripts |
You, Third Parties |
Provide benefits, enforce agreements, comply with law, security/fraud prevention |
Service providers such as job search websites or employee benefits providers |
None |
|
Inferences: information used to create a profile about you, such as preferences or likes |
You, Automatically, Third Parties |
Improve services, communication, personalization, profiling, advertising, analytics |
Data processing vendors, payment processors, service providers such as website hosting, security vendors, or customer service vendors |
Site Host, Analytics and advertising vendors |
|
Sensitive Personal Information: such as Social Security number |
You |
For employees or financial transactions only; to comply with law, provide employee benefits, security/fraud prevention |
Employee benefits or requests for financing (handled by third party only) |
None |
Information related to how long we retain each category of Personal Information is included in the “Retention of Personal Information” section above.
Do Not Sell My Personal Information
As a California resident, you also have the right, to tell us at any time not to sell your Personal Information – this is called the “right to opt-out” of the sale of Personal Information. We do not sell Personal Information, but we recognize that some privacy laws define “Personal Information” in such a way that making available identifiers linked to you for a benefit may be considered a “sale.” To opt out of this, please click on the link in our footer or submit a request using the information in the Contact Us section below.
Right to Limit Use of Sensitive Personal Information
California residents have the right to limit the use of each type of Sensitive Personal Information for each purpose with each type of third-party partner. Please note that we only keep your SPI for a limited time, and only for the transaction for which it is required. Currently, we do not use SPI for purposes that give rise to the right to limit its use under California law. Specifically, we do not provide your SPI to any third parties, other than those service providers that are necessary for us to provide our Services to you.
Right Not to Be Discriminated Against
We will not discriminate against you for exercising any of your rights under the CCPA. Unless permitted by California law, we will not:
· Deny you goods or services;
· Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;
· Provide you a different level or quality of goods or services; or
· Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
Notice of Financial Incentives
We offer programs, benefits, and other offerings to Customers of our Services related to our collection and use of Personal Information that might be deemed a “financial incentive” or “price service difference” under the California Privacy Laws. These offerings may involve the collection of the following categories of Personal Information from consumers like you that participate: identifiers; customer records; protected class and demographic information; commercial information and preferences; Internet or other electronic network activity information and device information; audio, electronic, visual, and other sensory information; and inferences. We are providing you this information so that you may make an informed decision on whether to participate in our programs. Examples of the programs that we offer as part of the Services include:
1. Limited Time Promotions, Contests, or Sweepstakes. From time to time, we may offer you incentives limited to a specific time period, such as limited-time promotions, contests, or sweepstakes. In exchange for your participation in these programs, you may be offered a financial incentive, such as a prize or discount to receive the Services. As part of these limited-time programs, we may collect and use your Personal Information, such as, your name; mailing address; email address; telephone number; beliefs; customer records; opinions; preferences; inferences; experiences; Internet or other electronic network activity information and device information; protected class and demographic information; and audio, electronic, visual, and other sensory information. Participation in any such promotions, contests, or sweepstakes are governed by this Policy, and our Terms in addition to any specific terms and conditions that apply to any such promotions, contests, or sweepstakes. You can terminate your participation in these promotions, contests, or sweepstakes at any time as will be explained in the specific terms or by unsubscribing to our Services. Our good-faith estimate of the value of your Personal Information for participating in our promotions, contests, and sweepstakes program is the value of the benefit we offer you. We have calculated such value by using the expense related to the benefit.
2. SMS/Text Message Alert Programs. We may offer current or potential users of our Services the opportunity to sign up to receive marketing-related SMS/Text Message notifications about the Services. As part of these programs, you may receive a financial incentive from us, such as special promotional offers or discounts regarding Goods or Services. In exchange for your participation in these programs, we may collect your Personal Information, such as your mobile phone number, name, and email address. No purchase is required to sign up for message alerts from us, although standard text messaging rates and fees (as determined by your cellular network provider) may apply. Participation in these programs is governed by this Policy, our Terms, and the terms and conditions of any additional agreements provided to you before you sign up to participate in the program. You may cancel or terminate your participation in these programs at any time by following instructions you receive in the agreements and materials that we provide to you when you sign up to participate in the program, or by calling the official customer service number provided in the “Contact Us” webpage of the Website for our publication that is sending you the SMS/Text Message notification. You may also cancel or terminate your participation in these programs by following the instructions in the SMS/Text Message notifications that you receive from us. Our good-faith estimate of the value of your Personal Information for participating in our SMS/Text Message notification programs is the value of the benefit we offer you. We have calculated such value by using the expense related to the benefit.
Third Party Marketing (“Shine the Light” Law)
If you are a California resident with an established business relationship with us, you have the right under California Civil Code Section 1798.83 to request information regarding the disclosure of your Personal Information in the preceding calendar year to third parties for their own direct marketing purposes. We do not currently disclose Personal Information protected under this section to third parties for their own direct marketing purposes.
Exercising Your California Privacy Rights
You or your authorized agent may make a request to access, correct, delete, opt-out of the sale of your Personal Information, or limit the use of your Sensitive Personal Information by contacting us as follows:
· Email Address: general@debebians.com
· Telephone Number: 213-627-1300
If you use an authorized agent to submit your request, we may require proof of the written authorization you have given. We also may require you to confirm your identity and your residency to obtain the information, and you are only entitled to make this request twice annually. For emails, please include “California Privacy Rights” as the subject line. You must include your full name, email address, and attest to the fact that you are a California resident. We will acknowledge your request within 10 days and respond to your request within 45 days or let you know if we need additional time. If you make this request by telephone, we may also ask you to provide the request in writing so that we may verify your identity. If we are unable to honor your request for any reason, we will notify you of the reason within the request time period.
15. Your Privacy Rights under Other US State Laws
If you live in certain other U.S. states, such as Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, Nevada, New Hampshire, New Jersey, Oklahoma, Oregon, Rhode Island, Tennessee, Texas, Utah, or Virginia, you may have rights under applicable privacy laws. These rights are in addition to those rights set forth in the “Your Choices About the Information We Collect” section above.
Based on the applicable law in the state where you live, you may have the following rights with respect to your Personal Information or Personal Data:
· To confirm whether or not a controller is processing your Personal Data and to access such Personal Data;
· To know the categories of Personal Information we collect about you, the purposes for the collection, how long we retain your Personal Information, and whether that information is sold or shared or disclosed and to whom;
· To correct inaccuracies in your Personal Data;
· To delete your Personal Data;
· To obtain a copy of your Personal Data that you previously provided to us in a portable, and if technically feasible, readily usable format, if processing is carried out by automated means;
· To opt out of the processing of your Personal Data for purposes of (i) targeted advertising, (ii) the sale of Personal Data, or (iii) profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer;
· For Minnesota and Oregon residents, you have the right to request a list of the specific third parties to whom we have disclosed your personal data.
· For Nevada residents, you have the right to request certain information from us regarding the collection and sale of your personal information during your visit to our websites or when you otherwise interact with us online. If you have sought or acquired, by purchase or lease, any goods or services for personal, family, or household purposes from us, you may ask us to disclose whether we have sold for monetary consideration certain information about you. We do not sell personal information about you for monetary consideration.
· For Texas residents, you have the right to learn whether we sell your biometric data or other sensitive personal information to third parties. We do not sell this information to third parties.
· To not discriminate against you because you have exercised any of these rights, including by:
o denying you Services;
o charging different prices or rates for our Services, including through the use of discounts or other benefits or imposing penalties;
o providing you a different level or quality of Services; and/or
o suggesting that you will receive a different price or rate for Services, or at a different level or quality of Services.
To exercise any of these rights, you may make a request to confirm, access, correct, delete, obtain a copy, or opt-out of the processing of your Personal Data for targeted advertising, sale, or profiling by contacting us using the information in the “Contact Us” section below. Please include your state of residence.
We may require you to confirm your identity and your residence in order to obtain the information, and you are only entitled to make this request up to twice annually. For emails, please include “Privacy Rights” as the subject line. You must include your full name, email address, and attest to the state in which you are a resident.
We will process your request within 45 days or let you know if we need additional time or cannot process your request. If you make this request by telephone, we may also ask you to provide the request in writing so that we may verify your identity. If we are unable to honor your request for any reason, we will notify you of the reason within the request time period.
Right to Opt Out
You may have the right to opt out of the processing of your Personal Data for purposes of (i) targeted advertising, (ii) the sale of Personal Data, or (iii) profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer. To exercise your right, please contact us using the information in the “Contact Us” section below. Please include your state of residence.
Appeals of Our Decisions
In some jurisdictions, you may appeal to us if we refuse to take action on your exercise of certain rights as described above. In order to appeal such a refusal, please contact us using the information in the “Contact Us” section below with the subject line “Appeal of Refusal to Take Action on Privacy Request,” and provide the relevant information in the email.
If we decline to take action on any request you make, we will provide you with the information required under the applicable law where you live. This may include an explanation of why we declined your request, information on how to appeal our decision, or how to make a complaint to your state Attorney General.
16. Your Canadian Privacy Rights
Canadian laws provide specific privacy rights to our Canadian customers. If you are a resident of Canada, this section applies in addition to all other applicable rights and information contained in this Policy.
Where applicable, we follow applicable Canadian federal and provincial privacy laws (“Canadian Privacy Laws”), including:
· The Personal Information Protection and Electronic Documents Act (PIPEDA)
· Alberta’s Personal Information Protection Act (Alberta PIPA)
· British Columbia’s Personal Information Protection Act (BC PIPA)
· Québec's Act respecting the protection of Personal Information in the private sector (Québec Act).
Consent
We collect, use, and disclose Personal Information with consent that is appropriate to the sensitivity of the information and the circumstances, as permitted by applicable Canadian Privacy Laws. In some cases, consent may be implied where the purpose is obvious, and the individual voluntarily provides the information. In other circumstances, including when required by law or when involving Sensitive Personal Information, we will obtain express consent prior to our collection, use, and disclosure of your Personal Information. Where you have provided consent to the collection, use, or disclosure of your Personal Information, you may have the legal right to withdraw that consent, subject to legal or contractual restrictions and reasonable notice.
In addition to the methods described above with respect to your privacy choices, you may withdraw your consent by submitting a request using the information in the “Contacting Us” section below. Please note that if you withdraw your consent, we may not be able to provide you with certain products or Services. Where applicable, we will explain the impact of your withdrawal of consent at the time of your request.
Use of Your Personal Information
We will not collect, use, or disclose Personal Information except for the purposes identified in this Policy (including in the “When We Disclose Information” section above), unless we have obtained additional consent or are otherwise permitted or required to do so by law. Where we engage service providers that process Personal Information on our behalf, we use contractual and other appropriate measures to require them to protect the confidentiality and security of that information and to use it only for the purposes for which it was disclosed. Your Personal Information may be processed or stored outside your province of residence or outside Canada, and may be accessible to courts, law enforcement, or regulatory authorities in those jurisdictions, in accordance with applicable law.
Marketing Communications
If you opt in to receive commercial electronic messages (“CEMs”) from us, as defined by Canada’s Anti-Spam Legislation (“CASL”), you consent to receive CEMs from the applicable brand identified at the time of collection. You may withdraw your consent at any time by using the unsubscribe mechanism included in the CEM, or by contacting us using the information below for the applicable brand.
Additional Information for Quebec Residents
As required by applicable Quebec law, we maintain governance practices and policies regarding the protection of Personal Information and make information about these practices available through this Policy and related notices. The person responsible for the protection of Personal Information may be contacted using the information set out in the “Contact Us” section below. Where applicable, Personal Information may be communicated outside Quebec in accordance with applicable law and subject to appropriate assessment and safeguards.
Canadian Access and Challenge Rights
Canadian Privacy Laws provide the right to receive information about the existence, use, and disclosure of your Personal Information and be provided access to that information. You may also challenge the accuracy and completeness of your Personal Information and have it amended as appropriate. Depending on the nature of the challenged information, amendment may involve correction, deletion, amendment, or addition of information.
Exercising Your Canadian Privacy Rights
If you have an account with us, you may access and update certain account information by logging into your account. To request access to Personal Information not available through your account, or to request correction of your Personal Information, you may submit a written request using the contact information in the “Contacting Us” section below. We may require information sufficient to verify your identity and residency before processing your request.
For email requests, please include “Canadian Privacy Rights” in the subject line and include your full name, email address, and province of residence. Once verification is complete, we will respond within the time required by applicable law. Where PIPEDA applies, we generally respond to access requests within 30 calendar days, unless a longer period is permitted by law.
If we are unable to respond to your request within the applicable time period, we will notify you in writing, explain the reason for the delay, and advise you of any extension rights available under applicable law. In some circumstances, we may be unable to fulfill all or part of your request. Such circumstances include when we cannot verify your identity, information is protected by legal privilege, disclosure would reveal Personal Information about another individual, or when another legal exception applies. If we deny your request in whole or in part, we will explain the basis for that decision, subject to applicable law.
Additional information about how to exercise your rights under Canadian Privacy Law can be found here:
Office of the Privacy Commissioner of Canada
Website
Phone: 1-800-282-1376
Office of the Information and Privacy Commissioner of Alberta
Website
Phone: 1-888-878-4044
Edmonton office: (780) 422-6860
Calgary office: (403) 297-2728
Office of the Information and Privacy Commissioner of British Columbia
Website
Vancouver: (604) 660-2421
Elsewhere in BC: (800) 663-7867
Commission d'acces a' l' information du Quebec
Website
Phone: 1-888-528-7741
17. Changes to This Privacy Policy
We may change this Policy at any time. We will post all changes to this Policy on this page and will indicate at the top of the page the modified policy’s effective date. We therefore encourage you to refer to this page on an ongoing basis so that you are aware of our current Policies. If required by applicable law, we will notify you of the changes.
By continuing to use the Site or Services or providing us with information following an updated Policy being published, you agree that you will be bound by this Privacy Policy as changed.
18. Contact Us
If you have any questions or suggestions regarding this Policy, please contact us as follows:
deBebians
611 Wilshire Blvd., Suite 913
Los Angeles, CA 90017
Email: general@debebians.com
Contact number: 213-627-1300