Scanlan Theodore EU
0

Privacy

GENERAL

This Privacy Policy applies to the products and services provided online via the internet exclusively, by Scanlan Theodore Americas. In this policy, the words “we”, “our”, “us”, “Scanlan Theodore” and “Site” refer to us.scanlantheodore.com, Scanlan & Theodore Pty Ltd and all its related entities. This Privacy Policy applies to and should be read in conjunction with our Terms & Conditions (collectively, the “Agreement”), which are available on us.scanlantheodore.com. This privacy policy applies to all protected personal information collected, maintained, or used by Scanlan Theodore. Scanlan Theodore endeavours to comply at all times with all applicable laws and regulations including the General Data Protection Regulation (“GDPR”).

Scanlan Theodore is entitled, at its sole discretion, to amend, add or remove any part of this Privacy Policy at any time without notice. You should review this Privacy Policy from time to time to ensure that you are up to date with any such amendments, additions, or removals. Scanlan Theodore also reserves the right to make any changes to our implementation of the GDPR to reflect the standards of the GDPR legislation.


COLLECTION OF PERSONAL INFORMATION & DATA PROCESSING

As used in this policy, the terms "using" and "processing" information include using cookies on a computer, subjecting the information to statistical or other analysis and using or handling information in any way, including, but not limited to, collecting, storing, evaluating, modifying, deleting, using, combining, disclosing and transferring information within our company or among our affiliates within the United States or internationally.

Scanlan Theodore recognises the importance of protecting your Personal Data and is committed to treating any information that we obtain about you with as much care as possible and in a manner that is compliant with all applicable data protection legislation. We are committed to transparency and have employed strict policies and security measures to protect the information you provide us. When you register online with Scanlan Theodore, use the Site, or provide us with your personal information in store, you give us consent to process and use such submitted personal data in accordance with this Privacy Policy.

We do not knowingly collect personal information from minors under the age of 16. However, certain third party websites that are linked on our Site may do so. We do not sell the personal information of users we actually know are under the age of 16, unless we receive authorization to do so. If you, as a parent or guardian, have reason to believe that a minor child has provided us with personal information, please contact us to assist in the removal of that information.


THE TYPES OF INFORMATION THAT WE COLLECT, AND HOW WE COLLECT IT

We collect information in two ways:

- Information you give to us directly. This information typically includes the following:

- Your first name, your last name, and contact information, including your email address, postal address, telephone number and domain name, and any other information required to process an order through the Site; or

- Information we collect through your use of our services (“Usage Data”). Usage Data is automatically collected by our server, including the internet protocol (“IP”) address used to connect your computer to the Internet, browser type and version, the average time you spend on us.scanlantheodore.com and what pages you visited, information searched for, average access time, and websites you have visited previously, as well as other relevant statistics. Certain portions of our Site may also contain small electronic files known as web beacons (pixel tags and other anonymous identifiers) that permit us to count users who have visited those pages or for other related website statistics. We also use cookies to track our Site activity and store certain information. Cookies are small text files placed on your computer or other device by websites that you visit. Cookies are widely used in order to make websites and other applications work, or work more efficiently, and help them remember certain information and recognize your internet browser. Cookies may last until you close your browser (“session” cookies) or over repeat visits (“persistent” cookies).


We use cookies and similar technologies to:

- Assist you in efficiently and safely navigating and experiencing our services;

- Enable you to register, login, provide feedback and otherwise interact with our services;

- Store and honor your preferences and settings;

- Measure and analyze usage and performance data; and

- Assist us with promotional and marketing efforts (including interest-based advertising).

If you access any of our services subject to a subscription agreement or other contract between us and your organization, cookies and similar technologies will be used as necessary for the performance of that contract and for our legitimate business operations related to providing the service.

Cookies can be “persistent” or “session” cookies. Persistent cookies remain on your personal device when you go offline and session cookies are immediately deleted when you close your browser.


We use the following types of cookies:

- Strictly necessary cookies: These cookies are necessary for the Website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work.

- Performance cookies: These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.

- Functionality cookies: These cookies enable the Website to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies, then some or all of these services may not function properly.

- Targeting cookies: These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. If you do not allow these cookies, you will experience less targeted advertising.

- Social media cookies: These cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies, you may not be able to use or see these sharing tools.

- Anonymized analytical cookies: These cookies ensure that anonymous data about your surfing behavior is collected every time you visit the Website. This way we can see how visitors use the Website and improve on that basis. We use anonymized analytical cookies for:

- tracking the number of visitors to the Website;

- tracking the amount of time each visitor spends on our web pages;

- keeping track of the order in which a visitor visits the different pages of the Website;

- assessing which parts of our site need updating;

- measuring and optimizing the performance of our marketing campaigns;

- redirecting traffic from different channels.


Below is a detailed list of cookies that we use on our Site. Unless you have opted out, our Site may use these cookies.

_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).

_shopify_visit, no data held, Persistent for 30 minutes from the last visit, used by the Website provider’s internal stats tracker to record the number of visits

_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer. cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.

_secure_session_id, unique token, sessional

storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.


HOW WE USE YOUR INFORMATION

We may use the information you give to us directly to:

- Deliver our products to you, to collect payments, to manage your account, to market to you directly, as well as provide you with information about our products and services, and to notify you of changes to our products and services; or

- Contact you about new products, projects or seasonal promotions. If you wish not to receive such communications, you can unsubscribe by submitting a request here. You can also unsubscribe from the mailing list by clicking on the unsubscribe link that can be found in all communication emails that are sent; or

- Provide, maintain, protect and improve our services, to develop new ones, and to protect our services and our customers. We may also use this information to offer you tailored products, projects or seasonal promotions; or

- Keep a record of your communications with us to help solve any issues or disputes that might arise.


We may use the information we collect through your use of our services to:

- Measure the use of the Site and to administer and improve the Site. This statistical data is interpreted by Scanlan Theodore in its continuing effort to improve the Site and your shopping experience; or

- Gather information on which web pages are visited and how often, to make the Site more user friendly, and to give you a better experience when you return to the Site; or

- Combine the information you give to us directly with the information we collect through your use of our service.


SECURITY OF YOUR INFORMATION

Scanlan Theodore uses a number of security measures to protect the information you provide to us. We protect your personal information by:

- Restricting internal and external access to your personal information;

- Maintaining our technology systems to prevent unauthorised computer access;

- Ensuring that third parties that require access to your information take such steps as are reasonable to ensure that they do not breach our privacy obligations; and

- Securely destroying your personal information when your personal information is no longer needed.

When purchasing from us, your financial details are passed through a secure server using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.


SYSTEM SECURITY

Violations of system or network security may result in civil or criminal liability. Scanlan Theodore may investigate occurrences and may involve, and cooperate with, law enforcement authorities in prosecuting any user or users who are involved in such violations. You are prohibited from violating or attempting to violate the security of the Services and you agree not to do any of the following: (a) use, display, mirror or frame the Services or any individual element within the Services, Scanlan Theodore’s name, any Scanlan Theodore trademark, logo or other proprietary information, or the layout and design of any page or form contained on a page, without Scanlan Theodore’s express written consent; (b) access, tamper with, or use non-public areas of the Services, Scanlan Theodore’s computer systems, or the technical delivery systems of Scanlan Theodore’s providers; (c) avoid, bypass, remove, deactivate, impair, descramble or otherwise circumvent any technological measure implemented by Scanlan Theodore or any of Scanlan Theodore’s providers or any other third party (including another user) to protect the Services or Content; (d) attempt to access or search the Services or Content or download Content from the Services through the use of any engine, software, tool, agent, device or mechanism (including spiders, robots, crawlers, data mining tools and the like) other than the software and/or search agents provided by Scanlan Theodore or other generally available third-party web browsers; (e) access data not intended for you or log on to a Scanlan Theodore server or account you are not authorized to access; (f) attempt (or succeed in an attempt) to probe, scan or test the vulnerability of a system or network or to breach security or authentication measures without proper authorization; · attempt (or succeed in an attempt) to interfere in any way with, gain unauthorized access to, damage or disrupt any part of the Services, or any Site's or Scanlan Theodore’s networks or network security, or use any Site's service to gain unauthorized access to any other computer system; (g) use the Services or Content, or any portion thereof, for any commercial purpose or for the benefit of any third party or in any manner not permitted by this Agreement; (h) forge any TCP/IP packet header or any part of the header information in any email or newsgroup posting, or in any way use the Services or Content to send altered, deceptive or false source-identifying information; or (i) attempt to decipher, decompile, disassemble or reverse engineer any of the software used to provide the Services or Content.


SHOPIFY

Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Shopify’s data storage, databases, and the general Shopify application. They store your data on a secure server behind a firewall.

If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.

For more insight, you may also want to read Shopify’s Terms of Service or Privacy Statement.


WHEN WE MAY TRANSFER YOUR INFORMATION TO OTHER PARTIES

We may from time to time supply the owners or operators of third-party websites from which it is possible to link to Scanlan Theodore with information relating to the number of users accessing the Site from such third-party websites or applications. You will not personally be identifiable from this information.

In delivering our products or collecting and using your personal information, we may be required to disclose some of your personal information to third party organisations, including external service providers; our legal, accounting, financial or other professional advisors; and regulatory or government authorities as required by law.

The Website may contain links to other websites. Scanlan Theodore is not responsible for the availability of, or any content or material contained in, or obtained through, any such websites. Any link to another website, and reference to third-party information, products or services linked to this Website, is not, and should not be construed as, an express or implied endorsement by Scanlan Theodore. Any questions or comments relating to such other websites should be addressed to the operator or operators of those websites.

We may sell, transfer, or otherwise share some or all of its assets, including your personal information, in connection with a merger, acquisition, reorganization or sale of assets or in the event of bankruptcy. Generally, information will be anonymised but this may not always be possible. The recipient of any personal information will be bound by confidentiality obligations.


OVERSEAS TRANSFERS OF YOUR DATA

We control and operate the Services from the United States. We do not represent that Content on the Services is appropriate or available for use in other locations. You agree to comply with all applicable laws, rules and regulations in connection with your use of the Services.

In addition to handling your information within the United States, we may transfer your information to our head office in Victoria, Australia but only where it is required for reporting, business consolidation or other business requirements. While Australia does not have the same data protection laws as the GDPR, we will ensure the transfer complies with data protection law under the GDPR and all personal information will be secure. Our head office is under the same duty of confidentiality and privacy when dealing with your information as our United States office(s)

Software, if any, that may be downloaded from the Services is subject to export controls under the laws and regulations of the United States. By visiting and using any of the Services, you acknowledge that you are not a national of, or resident within, any of the countries that are subject to trade embargo under these laws and regulations or listed on any of the United States government's lists of prohibited and restricted parties.


HOW LONG WE WILL KEEP YOUR INFORMATION

We will retain your personal information for the time period reasonably necessary to achieve the purposes described in this Privacy Policy, or any other notice provided at the time of collection, taking into account applicable statutes of limitation and records retention requirements under applicable law.

We will also retain Usage Data for internal analysis purposes. This information is generally retained for a shorter period of time than your personal information.


YOUR RIGHTS UNDER THE GDPR

You have the following rights under the GDPR:

- The right to access a copy of your personal information;

- The right to require us to correct any mistakes to your personal information;

- The right to require us to delete your personal information, in certain situations;

- The right to require us to restrict processing of your personal information, in certain situations;

- The right to object;

- The right not to be subject to a decision based solely on automated processing that produces legal affects concerning you or significantly affects you.

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner's Office (ICO) on individuals rights under the General Data Protection Regulation.

If you would like to exercise any of these rights, please contact us at admin@scanlantheodore.com.


CALIFORNIA PRIVACY RIGHTS

This section applies solely to the personal information collected online of California customers. Under the California Consumer Privacy Act (“CCPA”), customers may:

- Request the following information from us, for the twelve (12) month period preceding your request:

- The categories of Personal Data that we collect, use, disclose, and sell (if applicable);

- The categories of sources from which Personal Data was collected;

- Our business or commercial purpose for collecting or selling (if applicable) Personal Data;

- The categories of third parties with whom we share Personal Data; and

- The specific pieces of Personal Data that we have collected about you;

- Request that we delete your Personal Data (and request our service providers do the same), by contacting us at admin@scanlantheodore.com with "Privacy" as the subject line of the email; or

- Authorize another person (your “agent”) to submit a request on your behalf. Please note that we are required to verify that your agent has been properly authorized to request information on your behalf and this may take additional time to fulfill your request.

Please note that we are not required to:

- Retain any personal information about you that was collected for a single one-time transaction if, in the ordinary course of business, that information about you is not retained;

- Reidentify or otherwise link any data that, in the ordinary course of business, is not maintained in a manner that would be considered personal information; or

- Provide the personal information to you more than twice in a 12-month period.

In connection with any information we may sell or disclose to a third party for a business purpose, you have the right to know:

- The categories of personal information about you that we sold and the categories of third parties to whom the personal information was sold; and

- The categories of personal information that we disclosed about you for a business purpose.

You have the right under the California Consumer Privacy Act of 2018 (CCPA) and certain other privacy and data protection laws, as applicable, to opt-out of the sale or disclosure of your personal information. If you exercise your right to opt-out of the sale or disclosure of your personal information, we will refrain from selling your personal information, unless you subsequently provide express authorization for the sale of your personal information.

Further, you have the right to not be discriminated against by us because you exercised any of your rights under the CCPA. This means we cannot, among other things:

- Deny goods or services to you;

- Charge different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties;

- Provide a different level or quality of goods or services to you; or

- Suggest that you will receive a different price or rate for goods or services or a different level or quality of goods or services. Please note however, that we may charge a different price or rate or provide a different level or quality of goods or services to you, if that difference is reasonably related to the value provided to our business by your personal information.


OUR COMPLIANCE

All Personal Data stored on our platform is treated as confidential. It is stored securely and is only accessed by authorised personnel. Our collection is limited in relation to what is necessary, for the purpose for which the Personal Data is processed and kept only for so long as is necessary for the purpose for which the Personal Data was collected. We implement and maintain appropriate technical, security and organisational measures to protect Personal Data against unauthorised or unlawful processing or use, and against accidental loss, destruction, damage, theft or disclosure. We ensure the encryption and pseudonymisation of Personal Data and we have adequate cyber security measures in place. In the event that your personal information is affected by a data breach, you will be notified.


YOUR ACKNOWLEDGEMENT

By providing Scanlan Theodore with your Personal Data, you consent to us disclosing it to third parties who may reside outside the United States.

If you do not want us to share your Personal Information with these third-party service providers, contact us at admin@scanlantheodore.com with "Privacy" as the subject line of the email.


GOVERNING LAW

this Agreement and any action related thereto will be governed by the laws of the State of New York without regard to its conflict of laws provisions.


HOW TO EXERCISE YOUR RIGHTS IN RELATION TO YOUR INFORMATION

You have the right to access personal information held by Scanlan Theodore about you, subject to the restrictions provided by law. We endeavour to keep information about you as accurate as possible. If you are concerned about our use of your personal data, you provide us, or if you would like to remove, change or correct the information you have supplied to us, you are entitled to do so by contacting us at admin@scanlantheodore.com with "Privacy" as the subject line of the email.


CONSENT

When you provide Scanlan Theodore with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.

If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time, by contacting us at admin@scanlantheodore.com.

If you withdraw your consent to the use of your Personal Data, you may not have access to our Services, and we might not be able to provide you with our goods/services. In some circumstances, where we have a legal basis to do so, we may continue to process your information after you have withdrawn consent. For example, if it is necessary to comply with an independent legal obligation or if it is necessary to do so to protect our legitimate interest in keeping our Services secure.


HOW TO MAKE A PRIVACY COMPLAINT

If you feel that your data has not been handled correctly or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have a right to lodge a complaint with the Federal Trade Commissioner through their website: https://www.ftc.gov/about-ftc/contact


FURTHER INFORMATION

We cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We will disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), to protect the property and rights of Scanlan Theodore or a third party, to protect the safety of the public or any person, or to prevent or stop activity we may consider to be, or to pose a risk of being, illegal, unethical or legally actionable activity.


NOTICES & CONTACT

If you would like to: access, correct, amend or delete any personal information we have about you, exercise any of your applicable privacy rights, or are seeking further information contact our Privacy Compliance Officer at admin@scanlantheodore.com.

Version Date: April 2024