Last revised May 2, 2023.
PERSONAL INFORMATION WE COLLECT
Device Information, Cookies, and Tracking Technologies
When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically collected information as “Device Information”.
We collect Device Information using the following technologies:
- “Cookies” are data files that websites place on your device or computer and often include an anonymous unique identifier.
- “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
- “Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you browse the Site.
You may also use your web browser to enable, disable, or delete cookies. To do this, follow the instructions provided by your web browser. Each web browser is different and may appear differently depending on the device you are using, so we encourage you to review the instructions provided by your specific web browser. If you are in the habit of using various browsers, then you will want to address the cookie controls in each of the browsers you use. Below are links to the cookie controls for some of the more common web browsers:
- Internet Explorer
- Mozilla Firefox
- Google Chrome
- Flash cookies
If you do not see your browser listed above, we suggest that you either look in your browser's help setting or search for “cookies” together with your browser name on the Internet. You may revoke your consent at any time.
Note that using your web browser to disable cookies may reduce the functionality of our Site. For more information about how to manage and delete cookies, visit aboutcookies.org or https://consumer.ftc.gov/articles/how-protect-your-privacy-online.
Order and Contact Information
Additionally when you make a purchase or attempt to make a purchase through the Site, and when you register a User account, we collect certain information from you, including your name, billing address, shipping address, payment information (including email address, and phone number), and where applicable, your User account login credentials. We refer to this information as “Order Information”. Note that buffr does not collect or store your credit card information, but partners with a trusted third-party payment processor to do so. [DRAFTER’S NOTE: IS THIS STATEMENT ALSO TRUE FOR USERS WHO REGISTER A USER ACCOUNT? IF NOT, WE SHOULD CLARIFY.] See the below the section captioned “SHARING YOUR PERSONAL INFORMATION”.
HOW DO WE USE YOUR PERSONAL INFORMATION?
We use the Order Information that we collect to fulfill any orders placed through the Site (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations). Additionally, we use this Order Information to:
- Communicate with you;
- Screen our orders for potential risk or fraud; and
- When in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the appropriateness and effectiveness of our marketing and advertising campaigns).
We use the information that you give us through the Contact page to serve the purposes for which you reach out to us.
SHARING YOUR PERSONAL INFORMATION
We never sell, trade, or rent your Personal Information to third parties for their own use.
We also use Google Analytics to help us understand how our customers use the Site -- you can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.
BEHAVIOURAL OR TARGETED ADVERTISING
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications concerning buffr products and news we believe may be of interest to you. [DRAFTER’S NOTE: IF YOU ARE USING TARGETED ADS TO PROMOTE NON-BUFFR PRODUCTS ETC., THEN WE NEED TO DISCUSS FURTHER AND REVISE ACCORDINGLY.] For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
You can opt out of targeted advertising by using the links below:
- Facebook: https://www.facebook.com/settings/?tab=ads
- Google: https://www.google.com/settings/ads/anonymous
- Bing: https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads
Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.
DO NOT TRACK
Please note that we do not alter our Site’s data collection and use practices when we see a Do Not Track signal from your browser.
YOUR RIGHTS AND CHOICES
Depending on your location, you may have certain privacy rights under applicable state, federal, or international privacy laws. If or when such jurisdiction-specific privacy rights become applicable to our Site, we will provide any required notices under such laws in this section.
If you are a resident of a jurisdiction in which a particular privacy law applies and you wish to submit a request to exercise applicable privacy rights, please contact us using the information below in the “CONTACT US” section. Please be advised that buffr may not be a covered entity under such law, or the rights may be subject to some exceptions. In our response to you, should we not be a covered entity or should an exception exist, we will communicate why the law does not apply to us and/or which exception applies, as the case may be.
In no event will we discriminate against you for attempting to exercise such rights, nor will we deny you services, charge you a different price, or provide you with a lesser quality of services.
Users in Europe
If you are a User located in the European Economic Area, you may have the following rights under the European Union General Data Protection Regulation, including the right to:
- access and obtain one copy of your data on request in a structured, commonly used, and machine-readable format;
- request that we transmit to a third party the data that we have received directly from you (as opposed to data that we may receive about you from sources other than you), provided the data processing in question is based on the enrollment contract and is being carried out by automated means;
- request that we change incorrect or incomplete data;
- request that we delete or stop processing your data under certain circumstances and subject to certain limitations, for example where the data is no longer necessary for the purposes for which we collected it;
- object to the processing of your data where we are relying only on either the necessity of public interest or our own legitimate interests as the legal ground for processing your data; and
- ask us to restrict processing your data for a period under certain circumstances, for example if you are contesting the accuracy of your personal data or if there is a dispute about the lawfulness of certain processing.
If you would like to exercise these rights, please contact us through the contact information below. If you are dissatisfied with our handling of your request, we ask that you give us the opportunity to resolve the issue; however, you may have a right to lodge a complaint with the data protection authority where you are located.
Additionally, if you are a User located in the European Economic Area, we note that we are processing your Personal Information in order to fulfill contracts we might have with you (for example, if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that we transfer your information outside of Europe, including to the United States.
CROSS BORDER TRANSFERS
We may transfer your Personal Information to — and maintain it on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction. If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including personal information, to the United States and process it there.
We will retain your Personal Information only for as long as reasonably necessary to carry out the purposes for which you gave it to us, subject to our reasonable records retention policies, unless a longer period is required by applicable law. When those purposes, or legal requirements as the case may be, no longer apply, we will securely delete your personal information.
We intend this Site for Users eighteen (18) or older. It is not in any way designed to attract children. If we discover that a person under the age of eighteen (18) has submitted Personal Information to our Sites, or that someone has inappropriately done so on their behalf, we will delete such information from our databases as soon as practicable and in accordance with applicable law.
TECHNICAL, PHYSICAL, AND ADMINISTRATIVE SECURITY
We have implemented commercially reasonable security safeguards to protect your Personal Information against loss or theft, as well as unauthorized access, disclosure, copying, use or modification. Methods of protection include: physical measures (e.g., locked facilities and restricted access to offices); organizational measures (e.g., authenticated access to computer systems and limiting employee access only to what the employee needs to perform their job functions); and technological measures (e.g., the use of complex passwords, firewalls, and encryption of data in transit).
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e‑mail at firstname.lastname@example.org or by mail using the details provided below:
P.O. Box 100, Cos Cob, CT 06807