1. Interpretation and Definitions
Account means the unique account created for you to access our Services or parts of our Services.
Data Controller for the purposes of the General Data Protection Regulation (the "GDPR"), we are the Data Controller of your Personal Data, meaning that we determine the purposes and means by which your Personal Data are, or are to be processed.
Data Subject means any identified or identifiable natural person who is the subject of Personal Data.
Do Not Track (DNT) is a concept that has been promoted by US regulatory authorities, in particular the U.S. Federal Trade Commission (FTC), for the Internet industry to develop and implement a mechanism for allowing internet users to control the tracking of their online activities across websites.
Personal Data means any information, which on its own or combined with other information, relates to and identifies, whether directly or indirectly, a living individual.
Services refers to the Site and related technology offered by HeyCarson.
2. Collection of Personal Data
We will only collect Personal Data that is necessary for and directly related to the provision of our Services. There are two types of data that we collect:
(i)Information You Provide to Us
We ask for and collection information, including Personal Data, about you when you use our Services. This information may include, but is not limited to:
(ii)Information We Collect Automatically
When you use our Services, we may automatically collect or receive certain information about your usage of our Services (collectively the "Usage Data"). In some countries, including countries in the European Economic Area (the "EEA"), such information is considered Personal Data under applicable data protection laws. This includes:
3. Sensitive or Special Categories of Personal Data
Different rules apply to the process of Personal Data concerning race, ethnic origin, political opinions or beliefs, religious or other beliefs, trade union memberships, physical or mental health, sexual life or orientation and any offences committed. We do not require, collect, or process such sensitive or special categories of Personal Data.
4. Use of Personal Data
We will only process and use your Personal Data where we are permitted to do so by applicable laws. In particular, we may use the Personal Data we collect or receive for the following purposes:
(i)To Provide, Improve and Develop our Services
(ii)To Provide, Personalize, Measure and Optimize our Advertising and Marketing
(iii)To Provide a Safe Website for Users and to Safeguard our Services and your Personal Data
5. Disclosure of Personal Data
We may share your Personal Data in the following situations:
(i)Third Party Service Providers
We may share your Personal Data with third party service providers to monitor and analyze your use of our Site, to advertise on third party websites to you after you have visited our Site, to facilitate payment processing, and/or to contact you. These third-party service providers have access to your Personal Data only to carry out their specified task, and they are obligated not to disclose or use your Personal Data for any other purpose.
The Payment Processors that we work with are:
We may share your Personal Data with our business partners to offer you certain products, services or promotions.
(iv)Third Parties Permitted By Law
Under certain circumstances, we may also share your Personal Data where disclosure is legally permissible and necessary, and this includes, but is not limited to (i) preventing, investigating, or taking action against illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our agreements, or as otherwise required by law; and (ii) defending our legal rights, responding to lawful court orders, subpoenas, warrants, or other requests by public authorities (including to meet national security or law enforcement requirements).
6. International Transfers
Please contact us as per the instructions in Section 17 below if you would like to see a copy of the specific safeguards applied to the export of your Personal Data.
7. Storage and Retention of Personal Data
8. Security of Personal Data
We are continuously implementing and updating appropriate technical and administrative measures to help protect your Personal Data against unauthorized access, loss, misuse, destruction, or alteration. At HeyCarson, only authorized persons are provided access to the Personal Data we collect from you, and such individuals have agreed and are obliged to keep such information confidential.
9. Privacy Obligations under the GDPR
Under the GDPR, our use of your Personal Data must be justified under one of several legal grounds. The principal legal grounds that justify our use of your Personal Data is as follows:
In any case, we will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a statutory or contractual requirement.
10. Access and Correction of Personal Data
Access. You have the right to access, update or delete Personal Data that we are processing about you. Whenever made possible, you can access, update or request deletion of your Personal Data directly within your Account settings. If you are unable to perform these actions yourself, please contact us to assist you.
Correction. You have the right to rectify or correct any incomplete or inaccurate Personal Data that we hold about you.
Right to Object: You have the right to object to our processing of your Personal Data where we are relying on a legitimate interest as the legal basis for processing your Personal Data or if we are processing your Personal Data to send you direct marketing materials.
Restriction: You have the right to restrict us from processing your Personal Data if you think the Personal Data is inaccurate (until or unless such Personal Data is corrected or confirmed to be correct), if the processing is unlawful, or if it is no longer necessary for us to process the Personal Data, subject to any legal or other obligation that we have that overrides your rights herein;
Deletion: You have the right to request that we delete Personal Data that we do not have a legal basis to hold.
Data Portability: You have the right to obtain Personal Data we hold about you, in a structured, electronic format, and to transmit such data to another data controller, provided that it is Personal Data that you provided to us and the processing is carried out by automated means or is based on your consent or for contract performance.
Withdraw Consent: You have the right to withdraw your consent to us using and processing your Personal Data. However, if you withdraw your consent, we may not be able to provide you with access to certain specific functionalities of the Site.
Please note that we may ask you to verify your identity before responding to such requests, and we reserve the right to charge a reasonable fee for processing any data access or correction request.
If you are in the EEA, you also have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the EEA.
11. Tracking Technologies and Cookies
Cookies can be "Persistent" or "Session" Cookies. Persistent Cookies remain on your personal computer or mobile device when you go offline, while Session Cookies are deleted as soon as you close your web browser.
We use both Session and Persistent Cookies for the purposes set out below:
(i) Necessary / Essential Cookies
Type: Session Cookies
Administered by: Us
Purpose: These cookies are essential to provide you with services available through the Site and to enable you to use some of its features. They help to authenticate users and prevent fraudulent use of user Accounts. Without these cookies, the services that you have asked for cannot be provided, and we only use these cookies to provide you with those services.
(ii) Cookies Policy / Notice Acceptance Cookies
Type: Persistent Cookies
Administered by: Us
(iii) Functionality Cookies
Type: Persistent Cookies
Administered by: Us
Purpose: These cookies allow us to remember choices you make when you use the Site, such as remembering your login details or language preference. The purpose of these cookies is to provide you with a more personalized experience and to avoid you having to re-enter your preferences every time you use the Site.
(iv) Tracking and Performance Cookies
Type: Persistent Cookies
Administered by: Third-Parties
Purpose: These cookies are used to track information about traffic to the Site and how users use the Site. The information gathered via these cookies may directly or indirectly identify you as an individual visitor. This is because the information collected is typically linked to a pseudonymous identifier associated with the device you use to access the Site. We may also use these cookies to test new pages, features or new functionality of the Site to see how our users react to them. The Data Subject may, at any time, prevent the setting of cookies through our Site by means of a corresponding setting of the Internet browser used, and may thus permanently deny the setting of cookies. Furthermore, already set cookies may be deleted at any time via an Internet browser or other software programs. This is possible in all popular Internet browsers. If the Data Subject deactivates the setting of cookies in the Internet browser used, not all functions of our Site may be entirely usable.
12. "Do Not Track" Policy as Required by California Online Privacy Protection Act (CalOPPA)
Our Services do not respond to Do Not Track signals. However, some third-party websites do keep track of your browsing activities. If you are visiting such websites, you can set your preferences in your web browser to inform websites that you do not want to be tracked. You can enable or disable DNT by visiting the preferences or settings page of your web browser.
13. Links to Other Sites
14. Children's Privacy
16. Contact Us