What personal information do we collect from the people that visit our blog, website or app?
When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, mailing address, phone number, or other details to help you with your experience.
When do we collect information?
We collect information from you when you register on our site, place an order, subscribe to a newsletter, respond to a survey, fill out a form or enter information on our site.
Log file information
We run a secure site with scanning, virus checks, malware identification, etc. As part of that set up, Log file information is automatically reported by your browser or mobile device each time you access our Services. When you use our Services, our servers automatically record certain log file information. These server logs may include anonymous information such as your web request, Internet Protocol (“IP”) address, browser type, referring / exit pages and URLs, number of clicks and how you interact with links on the Service, domain names, landing pages, pages viewed, and other such information.
How do we use your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
To personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested.
To improve our website in order to better serve you.
To allow us to better service you in responding to your customer service requests.
To administer a contest, promotion, survey or other site feature.
To quickly process your transactions.
To ask for ratings and reviews of services or products
To follow up with them after correspondence (live chat, email or phone inquiries)
Sharing of Your Information
We will not rent or sell your information to any third parties outside of gracecallaway.com (including any parent, subsidiaries and affiliates) without your consent, except as noted below:
Who can see User Content
Any User Content that you voluntarily disclose (e.g., Facebook, Twitter, on blogs open to public reading) and made available to your friends or the public cannot be removed by us. Check your settings carefully and be aware of how your posts are being made public or not. Once you make a post on one of our blogs or comments pages, or Facebook or Twitter feeds, User Content may not be complete removed even though it has been deleted from the site. It is possible that content will remain viewable in cached and archived pages of Internet search engines and on other sites that have republished us, or if other Users have copied or saved that information. If you do not wish your User Content to be available to the public, please don’t post it to our blogs, comment pages, or social media sites which are all public.
Who can see your IP address
If you post User Content on any public site we provide while not logged in, your IP address will be published with your User Content in order to attribute your contribution to the site. Persons and entities who may see IP addresses include gracecallaway.com domain host, assistants, website maintenance personal, and website designers.
Instances where we are required to share your information:
We will disclose your information where required to do so by law or subpoena or if we reasonably believe that such action is necessary to (a) comply with the law and the reasonable requests of law enforcement; (b) to protect the security, quality or integrity of our Sites; and/or (c) to exercise or protect the rights, property, or personal safety of our Users, or others.
Sharing certain service type information we collect about you:
We may share certain service type information, including information obtained through tools such as cookies, log files, device identifiers, location data and clear gifs (such as anonymous usage data, referring/exit pages and URLs, platform types, number of clicks, etc.): (i) with our third-party business partners for the purposes described in the section above on “How We Collect and Use Information.” We may also aggregate or otherwise strip data of all personally identifying characteristics and may share that aggregated, anonymized data with third parties.
How do we protect your information?
We do not use vulnerability scanning and/or scanning to PCI standards.
An external PCI compliant payment gateway handles all CC transactions.
We use regular Malware Scanning.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user places an order enters, submits, or accesses their information to maintain the safety of your personal information.
All transactions are processed through a gateway provider and are not stored or processed on our servers.
Clear gifs/web beacons information
When you use any services, we may employ clear gifs (also known as web beacons) which are used to anonymously track the online usage patterns of our Users. In addition, we may also use clear gifs in HTML-based emails sent to our users to track which emails are opened and which links are clicked by recipients. The information allows for more accurate reporting and improvement of the content we provide you.
Understand and save user’s preferences for future visits.
Keep track of advertisements.
Compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future. We may also use trusted third-party services that track this information on our behalf.
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since each browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.
If users disable cookies in their browser:
If you turn cookies off, some of the features that make your site experience more efficient may not function properly.
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when it’s release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property or safety.
However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
Information we may receive from third parties
We may receive information about you from third parties. For example, if you sign up for an email list on gracecallaway.com you will be added to my email list for newsletters and other correspondence about our products, services, events and the like.
If you use a third-party connection, for example, through Facebook or Twitter by “following,” “liking,” gracecallaway.com pages, that third party may pass certain information about your use of its service. This information could include, but is not limited to, the user ID associated with your account (for example, your Facebook UID), an access token necessary to access that service, any information that you have permitted the third party to share with us, and any information you have made public in connection with that service. If you allow us access to your friends list, your friends’ user IDs, and your connection to those friends, may be used and stored to make your experience more social, and to allow you to invite your friends to use our Services as well as provide you with updates if and when your friends signup to our email list. You should always review, and if necessary, adjust your privacy settings on third-party websites and services, Like Facebook, Twitter, Instagram etc. before using them to link to other places.
When you access GraceCallaway.com by or through a mobile device (including but not limited to smart-phones or tablets), we may access, collect, monitor and/or remotely store one or more “device identifiers,” such as a universally unique identifier (“UUID”). Device identifiers are small data files or similar data structures stored on or associated with your mobile device, which uniquely identify your mobile device. A device identifier may be data stored in connection with the device hardware, data stored in connection with the device’s operating system or other software, or data sent to the device by gracecallaway.com. A device identifier may convey information to us about how you browse and use our site. A device identifier may remain persistently on your device, to help you log in faster and enhance your navigation through our site.
Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users.
We use Google AdSense Advertising on our website.
We have implemented the following:
- Remarketing with Google AdSense
- Google Display Network Impression Reporting
- Demographics and Interests Reporting
We, along with third-party vendors such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website.
Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics Opt Out Browser add on.
California Online Privacy Protection Act
According to CalOPPA, we agree to the following:
Users can visit our site anonymously.
You can change your personal information by emailing us.
Upon request, we will permit you to request or make changes or updates to your Personal Information for legitimate purposes. You will be required to provide identification prior to approving such requests. We reserve the right to decline any requests that are unreasonably repetitive or systematic, require unreasonable time or effort of our technical or administrative personnel, or undermine the privacy rights of others.
How does our site handle Do Not Track signals?
At this time, we don’t honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place. To prevent communication errors between browsers and our website, we currently do not respond to “Do Not Track” signals. There is no uniform way in which browsers communicate Do Not Track signals to websites making it impractical to honor every request. We will reexamine our policy and our ability to comply with Do Not Track signals as technology improves between browsers and websites.
Does our site allow third-party behavioral tracking?
It’s also important to note that we allow third-party behavioral tracking.
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We do not specifically market to children under the age of 13 years old.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
We will notify the users via in-site notification within 7 business days.
We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
Send information, respond to inquiries, and/or other requests or questions
Process orders and to send information and updates pertaining to orders.
Send you additional information related to your product and/or service
Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.
To be in accordance with CANSPAM, we agree to the following:
Not use false or misleading subjects or email addresses.
Identify the message as an advertisement in some reasonable way.
Include the physical address of our business or site headquarters.
Monitor third-party email marketing services for compliance, if one is used.
Honor unsubscribe requests quickly.
Allow users to unsubscribe by using the link at the bottom of each email.
If at any time you would like to unsubscribe from receiving future emails
Follow the instructions at the bottom of each email and we will promptly remove you from ALL correspondence.
Onward Transfer Outside Your Country of Residence
If you reside outside the United States, usage of this site constitutes consent to the transfer of Personal Information outside your country of residence to the United States. Personal Information collected on this site will be stored and processed in our servers located only in the United States.
We will implement reasonable and appropriate security procedures consistent with prevailing industry standards to protect data from unauthorized access by physical and electronic intrusion. Unfortunately, no data transmission over the Internet or method of data storage can be guaranteed 100% secure. Therefore, while we strive to protect your Personal Information by following generally accepted industry standards, we cannot ensure or warrant the absolute security of any information you transmit to us or archive at this site. When you transmit Personal Information through our registration process or if you purchase products or services, we encrypt that information in transit using secure socket layer technology (SSL).
We may directly collect analytics data, or use third-party analytics tools and services, like Google Analytics, to help us measure traffic and usage trends for our web pages, email newsletters, promotions, and social media connections. These tools collect information sent by your browser or mobile device, including the pages you visit and other information that assists us in improving the Service. We collect and use this analytics information in aggregate form such that it cannot reasonably be manipulated to identify any particular individual user.