1. Purpose and Scope
Thank you for visiting tactandstone.com, a general audience site. This website is operated by Tact and Stone LLC ("Tact & Stone") (sometimes referred to herein as "we", "our", or "us").
Persons under the age of 16. Our Website is not intended for children under 16 years of age. No one under age 16 may provide personal data to the Website. We do not knowingly collect personal data from children under 16. If we learn we have collected personal data from a child under 16 without parent consent, we will delete that information. If you believe we might have information from or about a child under 16, please contact us at email@example.com.
What is Personal Data?
For the purposes of this policy, personal data is information that is: (i) about an identified or identifiable individual, (ii) received by us, and (iii) recorded in any form. personal data does not include anonymous or non-personal information (i.e., information that cannot be associated with or tracked back to a specific individual) (hereinafter “Personal Data").
2. Information We Collect.
At some Sites, you may be able to order products, enter contests, vote in polls or otherwise express an opinion, subscribe to one of our services such as our online newsletters, or participate in one of our online forums or communities. In the course of these various offerings, we often seek to collect various forms of Personal Data. This includes information:
- By which you may be personally identified, such as your first and last name, mailing address, e-mail address, telephone number, credit card of other payments information, and social media information;
- That is about you but individually does not identify you, such as your Internet Protocol (“IP") address;
- About your Internet connection, the equipment you use to access our Sites (including your browser and operating system) and usage details, and the actions you take on our Sites (including sites visited before and after one of our Sites, location information, the Site content you have accessed and the advertisements you have been shown or clicked on). See Information We Collect Through Automatic Data Collection Technologies.
We collect this information:
- Directly from you when you provide it to us;
- Automatically as you navigate through the site. Information collected automatically may include usage details, IP addresses, and information collected through cookies, web beacons, and other tracking technologies; and
- From third parties, for example, our business partners, including processors described below in Information Sharing and Disclosure.
At some Sites, you may also be able to submit information about other people. For example, you might submit a person's name and e-mail address to send an electronic message and, if you order a gift online and want it sent directly to the recipient, you might submit the recipient's name and address. Examples of the types of Personal Data that may be collected about other people at these pages include: recipient's name, mailing address, e-mail address, and telephone number.
At certain parts of some of our Sites, only persons who provide us with the requested Personal Data will be able to order products, programs, and services or otherwise participate in the Site's activities and offerings.
Social Media Information. You also can engage with our content, such as video, games, applications, and other offerings, on or through third-party social media sites, such as Facebook, or third-party social media plug-ins and applications. When you engage with our content on or through third party social media sites, plug-ins and applications, you may allow us to have access to certain information from your social media profile (e.g., name, e-mail address, photo, gender, birthday, location, your list of friends, people you follow or who follow you, the posts or the likes you make) to deliver the content or as part of the operation of the application.
When you provide information from your social media account, it can help enable us to do things like (1) give you exclusive content, (2) personalize your online experience with us within and outside our applications or Sites, and (3) contact you through the social media sites or directly by sending you the latest news, special offerings, and rewards. By doing so, you consent to the use of this information in accordance with this policy. When you provide personal information to us through a social media application it may be publicly viewed by other members of these sites. We cannot prevent further use of the information by third parties.
We may also obtain non-personally identifiable information (e.g., content viewed, game performance, high scores, and information about advertisements within the content you have been shown or may have clicked on) from your interaction with content on your social media account.
Information We Collect Through Automatic Data Collection Technologies.
As you navigate through and interact with our Sites, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:
- Details of your visits to our Website, including traffic data, location data, logs, and other communication data and the resources that you access and use on the Website; and
- Information about your computer and internet connection, including your IP address, operating system, and browser type.
We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking). We do honor Do Not Track signals. Please email us at firstname.lastname@example.org for information on how you can opt out of behavioral tracking on this website and how we respond to specific web browser signals and other mechanisms that enable consumers to exercise choice about behavioral tracking.
The information we collect automatically may include personal information, or we may associate it with personal information we collect in other ways or receive from third parties. It helps us to improve our Website and to deliver a better and more personalized service, including by enabling us to:
- Estimate our audience size and usage patterns;
- Store information about your preferences, allowing us to customize our Website according to your individual interests;
- Speed up your searches; or
- Recognize you when you return to our Website.
The technologies we use for this automatic data collection may include:
- Flash Cookies. Certain features of our Website may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on our Website. Flash cookies are not managed by the same browser settings as are used for browser cookies.
- Web Beacons. Pages of the Website and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
3. How We Use the Information.
The Personal Data we collect is used and disclosed as is necessary to provide services to you and as reasonably required for our business purposes, including:
As needed to fulfill your requests. We may use Personal Data to fulfill your requests for our products, programs, and services, to respond to your inquiries about our offerings, or for the purposes for which you provided the information.
As needed to pursue our interests with you in mind. We sometimes use this information to communicate with you, such as to notify you when you have won one of our contests or when we make changes to our terms of service, or to contact you about your account with us. The information we collect in connection with our online forums and communities is used to provide an interactive experience. We use this information to facilitate participation in these online forums and communities and, from time to time, to offer you products, programs, or services.
If you choose to submit content for publication (e.g., a letter to our editors, a posting to a blog or a discussion board, or a video), we may publish your screen name and other information you have provided to us. Without limiting the generality of the foregoing, if you register and create a profile with our site, the screen name you select as well as other content you submit to your profile (e.g., photos, comments, video, reviews) will be displayed publicly on the Sites and may be reused and redistributed by us in our discretion.
We use information that we collect to improve the design and content of our Sites, to deliver more relevant marketing messages and advertisements and to enable us to personalize your Internet experience. We also may use this information to analyze usage of our Sites, as well as to offer you products, programs, or services.
For any other purpose with your consent as required by applicable law.
4. Information Sharing and Disclosure.
We may disclose Personal Data to the following types of third parties:
Subsidiaries and Affiliates
We may share Personal Data with other members or agents of our corporate group in order to work with them, including affiliates. We may also transfer Personal Data in the event of an audit or if we sell or transfer all or a portion of our business or assets (including in the event of a merger, acquisition, joint venture, reorganization, dissolution, or liquidation).
Partners and Affiliated Businesses Not Controlled by Us
We may partner with other companies to jointly offer products or services. If you purchase or specifically express interest in a jointly offered product or service from us, we may share Personal Data collected in connection with your purchase or expression of interest with our partners. We contractually require these third parties to keep Personal Data confidential and use if only for the purposes for which we disclose it to them. If you do not wish for your information to be shared in this manner, you may choose not to purchase or specifically express interest in a jointly offered product or service.
It may be necessary for us to disclose your Personal Data, either by law, legal process, litigation, or requests from public and governmental authorities. We may also disclose information about you if we determine that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate. We may also disclose Personal Data if we determine that disclosure is reasonably necessary to enforce our terms and conditions or protect our operations or users.
Although we take appropriate measures to safeguard against unauthorized disclosures of information, we cannot assure you that personally identifiable information that we collect will never be disclosed in a manner that is inconsistent with this privacy statement.
5. Rights and Choice.
We offer Site Visitors and Customers who provide Personal Data the means to choose how we use the information we collect. To the extent required by applicable law, Tact & Stone obtains opt-in consent for certain uses and disclosures of Personal Data. You have a right to withdraw such consent at any time. We shall make reasonable efforts to accommodate individual privacy preferences.
Account Profile. To update your account information or have your account deleted, please email email@example.com. Requests to access, change, or delete your information will be handled within 30 days.
Promotional Offers. If you do not wish to have your information used by the Company to promote our own or third parties’ products or services, you can opt-out by checking the relevant box located on the form on which we collect your data. You can also always opt-out by sending us an email stating your request to firstname.lastname@example.org.
You may manage your receipt of marketing and non-transactional communications by clicking on the "unsubscribe" link located on the bottom of marketing emails. Additionally, you may send a request specifying your communications preferences to email@example.com. Customers cannot opt out of receiving transactional emails related to purchases or their account.
Targeted Advertising. If you do not want us to use information that we collect or that you provide to us to deliver advertisements according to target-audience preferences, you can contact us for information about how to opt-out at firstname.lastname@example.org. For certain opt-outs to function, you must have your browser set to accept browser cookies.
We do not control third parties’ collection or use of your information to serve interest-based advertising. However these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative ("NAI") on the NAI’s website.
Exceptions. We may disclose your Personal Data without offering an opportunity to opt out, when (i) we retain third-party processors to perform services on our behalf and pursuant to our instructions, (ii) required by law or legal process, or (iii) responding to lawful requests from public authorities, including to meet national security, public interest, or law enforcement requirements.
5.2. EU Persons
We limit the processing of Personal Data of persons in the EU (“EU Personal Data") to that which is relevant for the purposes of the particular processing. We do not process EU Personal Data in ways that are inconsistent with the purposes for which the information was collected or subsequently authorized by you.
In addition, to the extent necessary for these purposes, we take reasonable steps to ensure that the EU Personal Data we process is (i) reliable for its intended use, and (ii) accurate, complete and current. In this regard, we rely on you to update and correct EU Personal Data to the extent necessary for the purposes for which the information was collected or subsequently authorized. You may contact us at email@example.com to request that we update or correct relevant EU Personal Data. Subject to applicable law, we retain EU Personal Data in a form that identifies or renders you identifiable only for as long as it serves a purpose that is compatible with the purposes for which the Personal Data was collected or subsequently authorized by you.
If we decide to process EU Personal Data for purposes other than what is necessary to provide services to you or where we believe that your interests may override ours, persons in the EU will receive a notice detailing:
- the type of Personal Data to be processed;
- the purpose for the processing and a description of how the processing is based on legitimate interests;
- the categories of recipients of disclosures of the Personal Data;
- the period for which the Personal Data will be stored or the criteria for determining the period;
- how Customers and Site Visitors can exercise the rights of access, correction, erasure, objection, and the right to withdraw consent;
- the right to file a complaint with an EU Data Protection Authority;
- whether the Customer or Site Visitor is obliged to provide the data by statute, contract, or for another reason, and the possible consequences of failing to provide the data; and
- whether the Personal Data will be subject to automated processing and, if so, the logic and the consequences of the processing for the data subject.
Such notices will be clear, conspicuous, and readily available to affected EU Persons. A notice will require an unambiguous, affirmative, opt-in consent to the particular use or processing of the EU Personal Data.
With respect to transfers of your Personal Data to third-party data processors, we will:
- enter into a contract with each relevant data processor,
- transfer Personal Data to each such data processor only for limited and specified purposes,
- ascertain that the data processor is obligated to provide the Personal Data with at least the same level of privacy protection as is required by applicable law,
- take reasonable and appropriate steps to ensure that the data processor effectively processes the Personal Data in a manner consistent with our obligations under applicable law,
- require the data processor to notify us if the data processor determines that it can no longer meet its obligation to provide the same level of protection as is required by our contract or applicable law,
- upon notice, including under (e) above, take reasonable and appropriate steps to stop and remediate unauthorized processing of the Personal Data by the data processor.
You generally have the right to access your Personal Data. Accordingly, where appropriate, we provide you with reasonable access to the Personal Data we maintain about you. We also provide you a reasonable opportunity to correct, amend, or delete your information. For example, if you created a password-protected account within our site, you can access that account to review the information you provided.
We may limit these opportunities where the burden or expense of honoring a request would be disproportionate to the risks to your privacy, or where the rights of persons other than you would be violated. Other reasons for denying requests or limiting access include (i) interference with the execution or enforcement of the law or with private causes of action, including the prevention, investigation, or detection of offenses; (ii) breaching a legal or other professional privilege or obligation; (iii) prejudicing security investigations or grievance proceedings or in connection with succession planning and corporate re-organizations. Please contact firstname.lastname@example.org to request access to your Personal Data. If access cannot be granted, we will respond with a reason for denying your request.
5.4. Grievance Procedure
6. Cookies & Web Beacons.
To enhance your online experience, we may use "cookies" or similar technologies. Cookies are text files placed in your computer's browser to store your preferences. Cookies do not contain personally identifiable information; however, once you choose to furnish a site with personally identifiable information, this information may be linked to the data stored in the cookie.
We, our third party service providers, advertisers or our partners may also use "web beacons" or clear .gifs, or similar technologies, which are small pieces of code placed on a web page, to monitor the behavior and collect data about the visitors viewing a web page. For example, web beacons may be used to count the users who visit a web page or to deliver a cookie to the browser of a visitor viewing that page.
7. Control and Security
We have put in place reasonable physical, electronic, and managerial procedures to safeguard and help prevent unauthorized access, to maintain data security, and to use correctly the information we collect online. We follow industry-standard practices to protect the data we collect and maintain, including Transport Layer Security (TLS), Secure Sockets Layer (SSL) to encrypt information as it travels over the Internet. Payment processing is protected using Payment Card Industry Data Security Standard (PCI DSS). The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website.
7.1. Data Breach
If a breach of Personal Data occurs, we will notify the relevant authorities within 72 hours, or as otherwise required by applicable law, subject to likelihood of risk to the Customer or Site Visitor. Affected Customers or Site Visitors will also be notified regarding the breach.
7.2. Record Keeping
As required by applicable law, we will maintain relevant records of:
- the purposes of Personal Data processing;
- the categories of data subjects and of Personal Data processed;
- the categories of recipients, including those in third countries;
- the countries to which Personal Data will be transferred and the instrument used to provide an adequate level of protection;
- where possible, the envisaged retention periods for different categories of Personal Data; and
- a general description of the security measures used to protect Personal Data.
These records shall be provided to data protection authorities upon request.
7.3. Auditing Compliance