effective date: March 3, 2022
- What Data MINNOW collects.
- How MINNOW uses the Data.
- That MINNOW does not share your Data except in limited circumstances.
- What choices and rights are available to you regarding collection, use and distribution of your Data.
- Our legal basis for collecting your Data.
Lawful basis for processing
When you enter into an agreement with us, either by accessing the Services, buying our Products, by executing an agreement in hard copy, or by clicking “I Accept” or similar language online, we will process your Data for the purposes of fulfilling the terms of our contract with you. In that case, our processing of your Data is based on the contract, so your withdrawal of consent will only be effective after the purposes for processing that Data have been fulfilled and after we no longer have a legal obligation to keep that Data.
In all cases, we will comply with applicable law and we will cease processing your Data after the legal right, obligation, or other lawful basis expires.
What information do we collect?
We collect information from you when you register on our Website, place an order, subscribe to our newsletter, respond to a survey or fill out a form. When ordering or registering on our Website, as deemed appropriate, you may be asked to enter your: name, e-mail address, mailing address, phone number or credit card information. You may, however, visit our Website anonymously.
What do we use your information for?
Like most standard websites, we use log files. This includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, platform type, date/time stamp, and number of clicks to analyze trends, administer the site, track user’s movement in the aggregate, and gather broad demographic information for aggregate use. We use a tracking utility that collates data from log files to analyze user movement.
Communicate Special Offers and Updates
We send all new members a welcoming email to verify the desire to receive email or other electronic messages from us. Established members will occasionally receive information on products, services, special deals, and a newsletter. Out of respect for the privacy of our users, we present the option to not receive these types of communications. Please see the Choice/Opt-Out section.
If a user wishes to subscribe to our newsletter, we ask for contact information such as name and email address. Out of respect for our users' privacy, we provide a way for the user to opt out of these communications. Please see the Choice/Opt-Out section.
Provide Service Announcements
On rare occasions, it is necessary to send out a strictly service-related announcement. For instance, if our Services are temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account. However, these communications are not promotional in nature and we only send you these messages after you have explicitly signed up for our Services.
We communicate with users on a regular basis to provide requested services and with regard to issues relating to their account, we may reply via email or phone.
Please note, that we never sell your Data to any third person. We only share your Data with third parties to provide you the Services.
How do we protect your information?
We implement a variety of security measures to maintain the safety of your Data when you place an order or enter, submit, or access your Data.
Our Website incorporates physical, electronic, and administrative procedures to safeguard the confidentiality of your Data, including Secure Sockets Layer (“SSL”) for all financial transactions through the Website. We use SSL encryption to protect your Data online, and we also take several steps to protect your Data in our facilities. Access to your Data is restricted. Only employees who need access to your Data to perform a specific job are granted access to your Data. Finally, we rely on third-party service providers for the physical security of some of our computer hardware. We believe that their security procedures are adequate. For example, when you visit the Website, you access servers that are kept in a secure physical environment, behind a locked cage and a hardware firewall.
While we use industry-standard precautions to safeguard your Data, we cannot guarantee complete security. 100% complete security does not presently exist anywhere online or offline.
After a transaction, your Data will not be stored on our servers.
Though we make every effort to preserve user privacy, we may need to disclose Data when required by law where we have a good-faith belief that such action is necessary to comply with a current judicial proceeding, a court order or legal process served on us. Where possible, we will notify affected users before disclosing Data in response to a subpoena.
In the event MINNOW goes through a business transition, such as a merger, being acquired by another company, or selling a portion of its assets, users’ Data will, in most instances, be part of the assets transferred.
Users who no longer wish to receive our newsletter or promotional communications may opt out of receiving these communications by clicking on the unsubscribe link inside the email.
Technologies we use
The technologies we use for automatic Data collection may include the following:
Web Beacons. Pages of the Services and our emails may contain small electronic files known as web beacons (also referred to as clear gifs. pixel tags and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
Widgets. We may use technologies such as widgets or APIs to display parts of our Services on sites that are operated by our business partners.
Other Technologies. We may also use device identifiers, local storage, html modifiers, and different types of caching to help us understand the devices and users who access the Services. Those methods include device identifiers that are either hardware-based or software-based, persistent or non-persistent, and which may identify either a device or a software module within a device (such as a web browser).
Your rights regarding your Data
Under applicable data protection, privacy, and other laws, you may have certain rights related to your access and control of your Data. Such rights may include the following:
- The right to access, correct, update, or request deletion of your Data.
- The right to object to processing or restrict the processing of your Data (Please note that if you exercise this right, it may limit or eliminate our ability to provide you the Services).
- The right to request portability of your Data.
- The right to opt-out of marketing communications we send you. You can exercise this right by clicking the "Unsubscribe" or "Opt-Out" link found in these communications.
- The right to not be subject to a decision based solely on automated processing, including profiling, known as Automatic Decision Making. Please note that we currently do not employ any Automatic Decision-Making processes in providing the Services.
- The right to submit a complaint to any applicable regulatory authority about our processing activities.
- The right to opt-out of us sharing (as defined in the CPRA) your Data, including for direct marketing purposes, subject to certain legal exceptions.
- The right to limit use, disclosure, and restrict sensitive personal information (as defined in the CPRA).
We may use additional processes to verify your identity before we reveal or delete any of your Data, including two-factor or two-step authentication measures to ensure we can identify you.
Further, although we currently do not process Data without consent, if we at any time in the future process Data without your express consent, you may opt-out or withdraw consent at any time.
Please note that exercising any of the above rights may limit or eliminate our ability to provide you the Services. If so, we may terminate the Services due to such requests.
We will try to comply with your request(s) as soon as reasonably practicable and at the very least as required under applicable law. Upon receipt of your written request, we will provide you with a copy of your information, although in certain limited circumstances we may not be able to make all relevant information available to you, such as where that information also pertains to another user. In such circumstances we will provide reasons for the denial to you upon request.
Please also note that if you do opt-out of receiving marketing-related emails from us, we may still send you messages for administrative or other purposes directly relating to your use of the Services, and you cannot opt-out from receiving those messages while continuing to use the Services.
Further, you may opt-out or disable certain functions on your particular device, preventing us from collecting Data. If you disable such features, your ability to use and access the Services may be limited.
To exercise any of these rights, or if you have any questions about our processing of your Data, please contact us at firstname.lastname@example.org.
A. Privacy for EU/UK Residents
We are based in the United States. By accessing or using the Services or otherwise providing information to us, you understand that your information will be subject to processing, transfer, and storage in and to the United States.
Pursuant to the GDPR, residents of the EU (and the EEA, as applicable) have the right to obtain our confirmation of whether we maintain personal information relating to them in the United States. If you are a resident of Europe, upon request from you, we will provide you with access to the Data that we hold about you. Please contact us if you have any questions.
Further, if you are a resident of the United Kingdom ("UK"), to the extent the GDPR as incorporated into UK law pursuant to s.3 of the European Union (Withdrawal Act) 2018 (as amended, the "UK GDPR") is different than the GDPR, we will follow all supplemental requirements under the UK GDPR and you have all rights as a UK citizen under the UK GDPR.
B. Privacy for California Residents
California adopted the California Consumer Privacy Act (“CCPA”), which took effect at the beginning of 2020 and has now adopted the California Privacy Rights Act ("CPRA"), portions of which took effect January 1, 2022. We comply with the requirements of the CCPA and CPRA to the extent they apply to us.
If you are a California resident, you may request to exercise your rights for any Data we have processed in the 12 months prior to your request. Such request covers any categories, sources, purposes, and, if applicable, third parties to whom we share the Data. Further, you can exercise any of your rights free of discrimination, for example, we cannot increase the price of the Services or decrease the quality of the Services because you exercise your rights.
For more information, please direct your questions to us at email@example.com.
C. Privacy for Other Jurisdictions