Effective Date: [September 3, 2019]
If you have any questions or wish to exercise your rights and choices, please contact us as set out in the “Contact Us” section below.
1. How and what information is collected from me?
Information your provide
We and our Service Providers (defined below) may collect information you provide directly via the Site. For example, we collect information when you access our content, conduct a search on this Site, place an order for merchandise, complete a questionnaire or an entry form for sweepstakes or contests, participate in forums, chat rooms or other community features, or communicate with us through the Site.
Information collected automatically
The methods that may be used on the Site to collect usage information include various technologies (“Tracking Technologies”), including the following:
· Log Files, which are files that record log information which is data about your use of the Site, such as IP address, browser type, internet service provider, referring/exit pages, operating system, date/time stamps, and related data, which is stored in log files.
Internet cookies are small files that may be placed on your device for record-keeping purposes, and may be either session cookies or tracking cookies. Session cookies make it easier for you to navigate the Site and expire when you close your browser. Tracking cookies help in understanding how you use the Site, and remain longer. The Site may associate some or all of these types of cookies with your devices. Cookies may remain on your device for extended periods of time. Cookies are used, among other reasons, to (a) remind us of who you are in order to deliver you better service, (b) estimate our audience size by determining repeat usage of the website to help target advertisements based on user interests and behavior, (c) track your progress and entries in promotions, sweepstakes and contests, if any, and (d) measure certain traffic patterns for use as a research tool to understand how our users’ habits are similar or different from one another.
Web Beacons (“Tracking Pixels”)
o Location-identifying Technologies
Location-aware technologies locate (sometimes precisely) you for purposes such as verifying your location and delivering or restricting relevant content based on your location.
o Device Fingerprinting.
Some information about your use of the Site and certain Third Party Services (defined below) may be collected using Tracking Technologies across time and services and used by us and third parties for purposes such as to associate different devices you use, and deliver relevant ads and/or other content to you on the Site and certain Third Party Services.
For further information on Tracking Technologies and your choices regarding them, please see Sections 5, 7, and 8.
Information from other sources
For further information on Third Party Services, see the “Third Parties” section below.
2. How is my information used?
Manage our Site and support your customer relationship with Company;
Perform services requested by you;
Respond to your comments, questions, and requests, and provide customer service;
Send you technical notices, updates, security alerts, information regarding changes to our policies, and support and administrative messages;
Prevent and address fraud, breach of policies or terms, and threats or harm;
Monitor and analyze trends, usage, and activities;
Conduct research, including focus groups and surveys;
Improve the Site or other Company websites, applications, marketing efforts, products and services;
· Serve advertising tailored to your interests on our Site and Third Party Services; and
Fulfill any other purpose disclosed to you or with your consent.
We also want to help you quickly find information regarding the Site and alert you to specific offers, updated information, rewards, events, and other new products and services that are available. Accordingly, we may send you direct mailings by email about our various products and services or third party products and services we feel may be of interest to you. For information about how to manage these communications and marketing efforts, please see Section 9.
Notwithstanding the above, we may use information that does not identify you (including information that has been aggregated or de-identified) for any purpose except as prohibited by applicable law.
3. How and with whom does Company share my information?
Company may share information about you with any party with your consent or, in any event, with Company’s parents, affiliates, and subsidiaries for internal business purposes.
Company also may share information about you with the following groups: (a) businesses which Company engages in joint and co-branded offerings and sponsorships for their own internal business purposes, (b) persons and entities that participate in Company’s events, such as chefs and restaurants, artists and performers, exhibitors and beneficiaries, and beverage experts for their own internal business purposes, (c) Company’s agents, vendors, consultants and other third party service providers (“Service Providers”) in order to facilitate the performance of only those functions which are assigned to them, such as Site operation and maintenance, order fulfillment, data analysis, marketing assistance, provision of search results and links, credit card payment processing, and customer service, and (d) entities with which Company may merge, consolidate, sell to, or acquire, or which may acquire all or substantially all of Company’s assets, as information about you likely will be one of the transferred assets. To the extent we share information with our Service Providers, those Service Providers are prohibited from using your personal information for any purpose other than to provide assistance, although we may permit them to use aggregate information which does not identify you or de-identified data for other purposes.
In addition, Company may share information about you in order to (x) investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, and violations of the Terms of Service, (y) comply with the law, or respond to subpoenas, court orders, or legal process, and (z) establish or exercise our legal rights, or defend against legal claims, and as otherwise required by law.
We may also share information about you with our affiliates, business partners, and other third parties for their own direct marketing purposes (California residents have certain rights set forth in “Your California Privacy Rights” below).
Notwithstanding the foregoing, Company does research on our users’ demographics, interests and behavior based on the information provided to us during your use of this Site. This research is compiled and analyzed on an aggregated basis. Company may share aggregated data which does not identify you or de-identified information with others for any purpose. Finally, we may share information to fulfill any other purpose disclosed to you or with your consent.
4. Sweepstakes, Contests, Promotions
We may offer sweepstakes, contests, surveys, and other promotions (each, a “Promotion”) jointly sponsored or offered by third parties that may require submitting personal information. If you voluntarily choose to enter a Promotion, your personal information may be disclosed to third parties for administrative purposes and as required by law (e.g., on a winners list). By entering, you agree to the official rules that govern that Promotion, and may, except where prohibited by applicable law, allow the sponsor and/or other parties to use your name, voice and/or likeness in advertising or marketing materials.
5. What should I know about third parties?
Our Site contains content from and hyperlinks to websites, locations, platforms, and services operated and owned by third parties (“Third Party Services”). For example, you may be able to purchase tickets to our events from a Third Party Service, such as Eventbrite. In addition, our Site contains features that allow you interact with, connect to, or access our Site through certain Third Party Services and third party devices (“Third Party Features”). For example, you use a Third Party Feature when you “like” or “share” content over social media through our Site. If you use a Third Party Feature, both we and the applicable third party may have access to and use information associated with your use of the Third Party Feature. Some examples of Third Party Features include the following:
• Liking, Sharing, and Logging-In. We may embed a pixel or SDK on our Site that allows you to “like” or “share” content on Third Party Services, including social networks such as Facebook and Twitter. If you choose to engage with such a Third Party Service through our Site, we may collect any information you have authorized the Third Party Service to share with us (such as your user ID, billing information, public profile information, email address, birthday, friends list, and other account and profile data). Likewise, if you choose to engage with such a Third Party Service through our Site or visit our Site while logged in to that Third Party Service on your device, the Third Party Service may receive information about your activities on our Site and be able to associate that information with information the Third Party Service already has about you.
We serve ads on and through Third Party Services, such as Facebook and Google, that are targeted to reach people (or people similar to people) who have visited our Site or are identified in one or more of our databases (“Matched Ads”). For example, we use Facebook Custom Audiences to serve Matched Ads. This is done by us uploading a customer list to the Third Party Service or incorporating a pixel from the Third Party Service on our Site, and the Third Party Service matching common factors between our data and their data. To opt-out of us using your data for Matched Ads, please contact us as set forth in section 17 and specify that you wish to opt-out of Matched Ads. We will request that the applicable Third Party Services not serve you Matched Ads based on information we provide to it. You may also contact the applicable Third Party Services to opt-out. We are not responsible for such Third Party Services’ failure to comply with our or your opt-out instructions.
For further information on Tracking Technologies and your choices regarding them, please see Sections 1, 7, and 8.
6. How do I access, update or delete my information?
You can request access to certain account information that you have voluntarily submitted to Company, correct factual inaccuracies in such information, and remove and/or update such information by contacting us at the address specified in Section 17. We may require additional information from you to allow us to confirm your identity. Please note that we will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. California residents and data subjects in Europe have additional rights as set out in Sections 11, 12, and 18 below.
7. How do I exercise choice with regard to tracking technologies in general?
Your browser settings may allow you to automatically transmit a “Do Not Track” signal to online services you visit. Note, however, there is no industry consensus as to what site and app operators should do with regard to these signals. Accordingly, we do not monitor or take action with respect to “Do Not Track” signals or other mechanisms. For more information on “Do Not Track,” visit http://www.allaboutdnt.com.
You can reset your device Ad Id at any time through your device settings, which is designed to allow you to limit the use of information collected about you. You can stop all collection of precise location data through an app by uninstalling the app or withdrawing your consent through your device settings.
8. How do I exercise choice with regard to analytics and online advertising?
You may choose whether to receive Interest-based Advertising by submitting opt-outs. Some of the advertisers and Service Providers that perform advertising-related services for us and our partners may participate in the Digital Advertising Alliance ("DAA") Self-Regulatory Program for Online Behavioral Advertising. To learn more about how you can exercise certain choices regarding Interest-based Advertising, visit http://www.aboutads.info/choices. Some of these companies may also be members of the Network Advertising Initiative (“NAI”). To learn more about the NAI and your opt-out options for their members, see http://www.networkadvertising.org/choices/. Please be aware that, even if you are able to opt-out of certain kinds of Interest-based Advertising, you may continue to receive other types of ads. Opting-out only means that those selected members should no longer deliver certain Interest-based Advertising to you, but does not mean you will no longer receive any targeted content and/or ads (e.g., from other ad networks). Company is not responsible for effectiveness of, or compliance with, any third-parties’ opt-out options or programs or the accuracy of their statements regarding their programs. You may also limit our use of information collected from or about your mobile device for purposes of serving online behavioral advertising to you by going to your device settings and selecting “Limit Ad Tracking” (for iOS devices) or “Opt out of Interest-Based Ads” (for Android devices).
Third party websites and applications may display ads from Company that are targeted to reach people on those websites or applications who are also identified on one of more of Company’s databases. This is done by matching common factors between Company’s databases and the databases of these third parties. For instance, we may share your email address with Facebook as part of Facebook’s Matched Ads services. If we use Facebook’s Matched aAds services, you should be able to hover over the box in the right corner of such a Facebook ad and find out how to opt-out with us from such list. If you opt-out with us from Facebook Matched Ads services, we will remove the matching personal information from that Facebook list, however, this will not take effect immediately and if you have multiple emails or other accounts you may have to opt-out separately for each one. We are not responsible for such third parties’ failure to comply with your or our opt-out instructions.
9. How do I exercise choice with regard to your communications with me?
If you do not want to receive promotional emails from us, simply “opt-out” by following the instructions as provided in emails to click on the unsubscribe link or by contacting firstname.lastname@example.org with the word UNSUBSCRIBE in the subject field of the email. Please note that your opt-out is limited to the email address used and will not affect subsequent subscriptions or non-promotional communications, such as those about your account, transactions, servicing, or Company’s ongoing business relations.
10. What does “opt-out” mean?
To “opt-out” means that you have notified Company that we no longer have permission to use your information for a particular purpose. For more information about your opt-out options, please see Sections 7, 8 and 9 above.
11. Your California Privacy Rights
California’s “Shine the Light” law permits customers in California to request certain details about how certain types of their information are shared with third parties and, in some cases, affiliates, for those third parties’ and affiliates’ own direct marketing purposes. Under the law, a business should either provide California customers certain information upon request or permit California customers to opt-in to, or opt-out of, this type of sharing.
Company may share personal information as defined by California’s “Shine the Light” law with third parties and/or affiliates for such third parties’ and affiliates’ own direct marketing purposes. If you are a California resident and wish to obtain information about our compliance with this law, please email us at email@example.com or send a letter to the address specified in Section 17. Requests must include “California Privacy Rights Request” in the first line of the description and include your name, street address, city, state, and ZIP code. Please note that Company is not required to respond to requests made by means other than through the provided email address or mail address.
Any California residents under the age of eighteen (18) who have registered to use the Site and have posted content or information on the Site, can request that such information be removed from the Site by sending an e-mail to us at firstname.lastname@example.org. Requests must state that the user personally posted such content or information and detail where the content or information is posted. We will make reasonable good faith efforts to remove the post from prospective public view.
12. Your European Privacy Rights.
Data subjects in Europe have additional rights as set out in the “Additional Disclosures for Data Subjects in Europe” section 18 below.
The Site is not intended for use by children under thirteen (13). We will not knowingly collect any personal information as defined by the U.S. Children’s Privacy Protection Act (“COPPA”) submitted by visitors to the Site who are under the age of 13 in a manner that is not permitted by COPPA. If you are a parent or guardian and believe Company has collected such information in a manner not permitted by COPPA, please email us at email@example.com or send a letter to the address specified in Section 16, and we will remove such data to the extent required by COPPA.
14. Data Security
Company uses reasonable measures to protect your personal information and, to that end, uses tools such as encryption, passwords, and physical security to protect your personal information against unauthorized access and disclosure. However, no website can be absolutely secure, and third parties may unlawfully intercept or access transmissions or private communications, and other users may abuse or misuse your personal information that they collect from this Site. Therefore, we do not promise, and you should not expect, that your personal information or private communications will always remain absolutely private.
15. Privacy Shield and International Transfer
Company will comply with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set out by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from the European Union and Switzerland to the U.S., respectively. Company will certify that it adheres to the Privacy Shield Principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, and recourse, enforcement and liability.
In accordance with our obligations under Privacy Shield, and subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission, we hereby affirm our commitment to subject to the Privacy Shield Principles all personal data transferred from the European Union and Switzerland in reliance on Privacy Shield. This means that, in addition to our other obligations under the Privacy Shield Principles, we shall be liable to you for any third party agent to which we transfer your personal data and that processes such personal data in a manner that violates the Privacy Shield Principles, unless we can demonstrate that we are not responsible for the resulting damages.
In the event that you have any inquiry, dispute, or claim arising out of or relating to our compliance with Privacy Shield, please contact us as set out in section 17 below. If we are unable to resolve your complaint directly, you may submit your complaint at no cost to you to JAMS at https://www.jamsadr.com/file-an-eu-us-privacy-shield-or-safe-harbor-claim. In the event there are residual complaints that have not been resolved by JAMS, or any other means, you may seek a non-monetary remedy through binding arbitration to be provided to you in accordance with the Privacy Shield Principles.
To learn more about the Privacy Shield Framework, and to view Company’s certification, please visit https://www.privacyshield.gov/.
16. Other legal notices.
17. Contact us
If you have any concern about your privacy in connection with this policy, please send a thorough description to firstname.lastname@example.org, and we will try to resolve it. You can also send a letter to the following address:
Marcus Samuelsson Group LLC
Marcus Samuelsson Group
273 Lenox Avenue
New York, NY 10027
Fax: 1 (646) 514-0555
18. Additional Disclosures for Data Subjects in Europe.
A. Data Controller.
Data protection laws in Europe make a distinction between organizations that process personal data for their own purposes (known as “controllers”) and organizations that process personal data on behalf of other organizations (known as “processors”).
B. Lawful Basis for Processing.
Data protection laws in Europe require a “lawful basis” for processing personal data. Our lawful bases include where: (a) you have given consent to the processing for one or more specific purposes, either to us or to our Service Providers, partners, or customers; (b) processing is necessary for the performance of a contract with you; (c) processing is necessary for compliance with a legal obligation; or (d) processing is necessary for the purposes of the legitimate interests pursued by us or a third party, and your interests and fundamental rights and freedoms do not override those interests.
C. Your European Privacy Rights.
If you are a data subject in Europe, you have the right to access, rectify, or erase any personal data we have collected about you. You also have the right to data portability and the right to restrict or object to our processing of personal data we have collected about you. In addition, you have the right to ask us not to process your personal data (or provide it to third parties to process) for marketing purposes or purposes materially different than for which it was originally collected or subsequently authorized by you. You may withdraw your consent at any time for any data processing we do based on consent you have provided to us.
You may exercise your rights by submitting a written request to us at the address set out in section 17 above. We will respond to your request within 30 days. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions.
If your personal data has been processed by us on behalf of a customer and you wish to exercise any rights you have with such personal data, please inquire with our customer directly. If you wish to make your request directly to us, please provide the name of our customer on whose behalf we processed your personal data. We will refer your request to that customer, and will support them to the extent required by applicable law in responding to your request.
If you have a complaint about our use of your personal data or response to your requests regarding your personal data, you may submit a complaint to the data protection regulator in your jurisdiction. We would, however, appreciate the opportunity to address your concerns before you approach a data protection regulator, and would welcome you directing an inquiry to us first as specified in the “Contact Us” section above.