PRIVACY AND COOKIES POLICY
Effective Date: May 15, 2022
For EEA / UK residents:
If you are resident in the European Economic Area (“EEA”) / United Kingdom (“UK”), we will comply with the EU and UK General Data Protection Regulations (“GDPR”, as applicable) and/or other applicable data protection and privacy laws in the EEA or UK. For the purposes of the GDPR on the Website, Ice Cream Social is a data “Controller” and you are a “Data Subject” with certain protected privacy rights concerning your “Personal Data.”
- Who Collects Your Information On Our Website?
We do. We collect information from you on the Website, and we are responsible for protection of your information.
- What Information Does Ice Cream Social Collect?
- Requested Information. On various pages on the Website, we may request specific Personal Data about you in order to register you for an account to use our Services as a merchant, add you to our email list, facilitate payments for and delivery of our Services, or fulfill your requests for information. You may choose not to provide your Personal Data, but then you might not be able to take advantage of some of the features of our Website and Services. We do not collect any Special Category Data (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data) as defined in the GDPR. Nor do we collect any information about criminal convictions and offenses.
The types of Personal Data we collect and save include:
- Contact and account registration information such as name, email address, physical address, date of birth, and phone number;
- Financial and transactional information such as bank or credit card information, details about payments to and from you and details of products and Services you have purchased or otherwise obtained from us;
- Information that you provide in using our Services, such as information about your customers;
- Marketing and Communications Data including your email address, your preferences in receiving marketing from us and our third parties and your communication preferences;
- Information you provide such as feedback, comments or other messages; and
- Technical and usage information collected in our logs. Such information may include standard web log entries that contain your IP address, page URL, browser plug-in types and versions, device information and identifier, operating system information, and timestamp.
- Aggregate Information. We may also collect anonymous, non-identifying and aggregate information such as the type of browser you are using, device type, the operating system you are using, and the domain name of your Internet service provider. Aggregated data may be derived from your Personal Data, but is not itself Personal Data and it cannot be used, either on its own or together with other data, to directly or indirectly reveal your identity.
- Why Is My Personal Data Being Collected?
We need to collect your Personal Data so that we can respond to your requests for information / demonstrations or to be added to our emailing lists, and to process your requests for access to accounts and payment for our Services. We also collect aggregate information to help us better design the Website. We collect log information for monitoring purposes to help us to diagnose problems with our servers, administer the Website, calculate usage levels, and otherwise provide services to you. Further details on why your Personal Data is being collected and our legal basis for doing so under GDPR (for EEA/UK residents) are provided in Section 15, below.
- How Do We Use the Information We Collect?
- We use the Personal Data you provide for the purposes for which you have submitted it including:
- Responding To Your Inquiries, Feedback and Fulfilling Your Requests. We may use your Personal Data to respond to your inquiries and feedback, and to fulfill your requests for information.
- Creating and Maintaining Your User Account. We use your Personal Data to create and maintain an account for you to allow you to purchase and use the Services we make available on the Website.
- Subscribing To and Paying For Our Services. We use your Personal Data to add your subscriptions to our Services, and process your payment for these Services.
- Participating in Special Promotions.
- Communicating With You About Our Services. We may use your Personal Data to send you marketing information about new services or the Services and other items that may be of interest to you.
- We may use anonymous aggregated information that we collect to improve the design and content of our Website, and to enable us to personalize your Internet experience. We also may use this anonymous aggregated information to analyze how our Website is used, analyze industry trends, as well as to enable us to offer new programs or services.
- What Are Your Choices Regarding Our Marketing Materials?
We strive to provide you with choices regarding certain Personal Data uses, particularly around marketing and advertising. When required under law (including the GDPR), we will obtain your consent to send you marketing and advertising materials. In general, we will provide a button, checkbox or other means where you affirmatively opt-in to receive marketing emails or other communications from us. You can change your preferences or ask us to stop sending you marketing messages and/or remove your email from our mailing lists by contacting us at email@example.com or by following the instructions within the marketing messages that you have received.
- Do We Share Your Personal Data?
- In general, we will not share your Personal Data except:
(a) for the purposes for which you provided it;
(b) with your consent;
(c) as may be required by law, for example with our professional advisors, lawyers, insurers, regulators and other authorities, or as we think necessary to protect our organization or others from injury (e.g., in response to a court order or subpoena, in response to a law enforcement agency request, or when we believe that someone is causing, or is about to cause, injury to or interference with the rights or property of another);
(d) on a confidential basis with persons or organizations with whom we contract, such as our suppliers, to carry out internal site operations or as necessary to render the Services;
(e) with our business partners only in compliance with relevant data protection laws; or
(f) for marketing purposes with your consent with our affiliates including without limitation TicketSocket, Inc. (https://ticketsocket.com/).
We may also share aggregate anonymous information with others, including affiliated and non-affiliated organizations.
- What Categories of Personal Data Do We Share?
We share only the categories of Personal Data required for us to carry out our internal operations or as necessary to render our Services that you have requested. These categories include your contact and registration information, financial and transaction information, information you process through our Services, and your technical and usage information. As discussed above, the categories of third parties with whom we may share such Personal Data include our service providers, suppliers, business partners, affiliates and professional advisors, as well as law enforcement.
- Are There Other Ways My Personal Data Could Be Shared?
- How Can You Access and Control Your Information?
After registering for an account on the Website, you may log-in to the account and edit your Personal Data in your profile. For instructions on how you can further access your Personal Data that we have collected, or how to correct errors or inaccuracies in such information, please send an e-mail to firstname.lastname@example.org. We will also promptly stop using your Personal Data and remove it from our servers and database at any time upon your e-mail request (but please note that merchants who use our Services must maintain at least one email address). To protect your privacy and security, we will take reasonable steps to help verify your identity before granting access, making corrections or removing your information.
- How Do We Store and Protect Your Information?
- After receiving your Personal Data, we will store it on our Website systems for future use. We have physical, electronic, and managerial procedures in place to safeguard and help prevent unauthorized access, maintain data security, and reasonably use the information we collect. Unfortunately, no data transmission over the Internet or data storage solution can ever be completely secure. As a result, although we take industry-standard steps to protect your information (e.g., strong encryption), we cannot ensure or warrant the security of any information you transmit to or receive from us or that we store on our or our service providers’ systems.
- If you are visiting the Website from outside of the USA, you understand that your connection will be through and to servers located in the USA, and the information you provide will be transferred outside your local location (e.g., the EEA/UK), and will be securely stored in our web servers and internal systems located within the USA.
- For EEA/UK citizens: Whenever we transfer your Personal Data outside of the EEA or UK, we ensure a degree of protection is afforded to it that is similar to that of the EEA or UK by ensuring at least one of the following safeguards is implemented:
- We will only transfer your Personal Data to countries that have been deemed to provide an adequate level of protection for Personal Data under EEA or UK laws; or
- Where we use certain service providers, we may use specific contracts approved under EEA or UK laws which give Personal Data the same protection it has in EEA or UK.
- We will only retain your Personal Data for as long as is reasonably necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your Personal Data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
- We store our logs and other technical records indefinitely (or where they contain personal data, for as long as we have a legitimate reason to keep that information in light of the purpose for which it was provided).
- To enhance your online experience with us, our Website may presently or in the future use “cookies.” Cookies are text files that our web server may place on your hard disk to store your preferences. We may use session, persistent, first-party and third-party cookies. Cookies, by themselves, do not tell us your e-mail address or other Personal Data unless you choose to provide this information to us. Once you choose to provide Personal Data, however, this information may be linked to the data stored in a cookie. We have summarized the types of cookies in Section 11.D, below.
- We or our service providers may also use “pixel tags,” “web beacons,” “clear GIFs” embedded links, and other commonly used information-gathering tools in connection with some pages on our Website and HTML-formatted email messages for such purposes as compiling aggregate statistics about Website usage and response rates. A pixel tag is an electronic image (often a single pixel), that is ordinarily not visible to website visitors, and may be associated with cookies on visitors’ hard drives. Pixel tags allow us and our service providers to count users who have visited certain pages of our Website, to deliver customized services, and to help determine the effectiveness of our Website and Services. When used in HTML-formatted email messages, pixel tags can inform the sender of the email whether and when the email has been opened. Please note that we do not use or set these types of technologies on the websites of third parties.
- As you use the Internet, you leave a trail of electronic information at each website you visit. This information, which is sometimes referred to as “Visitor Data”, can be collected and stored by a website’s server. Visitor Data can reveal the type of computer and browsing software you use and the address of the website from which you linked to our Website. We may use Visitor Data as a form of non-Personal Data to determine how much time visitors spend on each page of our Website, how visitors navigate through our Website, and how we may tailor our web pages to better meet the needs of visitors. We will only use this information to improve our Website.
- The types of cookies that we may use on our Website include the following:
- Strictly necessary cookies. These are cookies that are required for the operation of our Website. They include, for example, cookies that enable you to log into secure areas of our Website, use a shopping cart or make use of e-billing services.
- Analytical/performance cookies. These cookies allow us to recognise and count the number of visitors and to see how visitors move around our Website when they are using it. This helps us to improve the way our Website works, for example, by assisting users in easily finding what they are looking for.
- Functionality cookies. These cookies are used to recognise you when you return to our Website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
- Targeting cookies. These cookies record your visit to our Website, the pages you have visited and the links you have followed. We may use this information to make our Website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
|These cookies are used to identify visitors across visits and devices. They are used by AdRoll.com to allow us to engage in real-time bidding for our advertisements so that we can present relevant advertising on third party sites.|
|This cookie is associated with the DoubleClick advertising service from Google, and helps tracking conversion rates for ads.|
|cli_user_preference||The cookie is used to store the yes/no selection the consent given for cookie usage. It does not store any personal data.|
|Google analytics cookies are used to collect information about how visitors use our Website. This information may be used to compile reports and to help us improve the Website.
For more information, read Google’s overview of privacy available at: https://support.google.com/analytics/answer/6004245
- Third Party Tools. Our Website uses the following third party tools.
- How To Manage Cookies
You may manage, disable and remove cookies from your computer using the following methods:
(1) Modify your browser settings:
- Please follow the instructions provided by your browser to manage, disable or remove cookies.
- Please be careful in making your choices. By blocking the receipt of all cookies indiscriminately, including the technical ones, without providing a specific exception for the Website, you may no longer able to surf the Website or to benefit, in whole or in part, from its functionalities. Furthermore, removing the technical cookies could remove the preferences set up by using the Website so that you could no longer find products or services you expect to see.
(2) Use our interactive banner:
- In order to disable first party profiling cookies and/or identifiers (i.e., those cookies that we directly install), you can simply edit your preferences using the interactive banner that is displayed on our Website homepage. Your choice to disable the use of these cookies will not have any consequences on your ability to surf the Website or use its functionalities. You may reinstate cookie functionality at any time.
In order to disable the third parties cookies or identifiers, please see the privacy policies of those third parties.
- Collection of Information by Others
Our Website may include links that take you to certain third party websites. Please check the privacy policies of these other websites to learn how they collect, use, store and share information that you may submit to them or that they collect.
- Children and Young People’s Information
We do not knowingly collect any information from any minors, and we comply with all applicable privacy laws including the GDPR, CCPA, USA Children’s Online Privacy Protection Act (“COPPA”) and associated Federal Trade Commission (“FTC”) rules for collecting Personal Data from minors. Please see the FTC’s website (www.ftc.gov) for more information. If you have concerns about this Website or its Services, wish to find out if your child has accessed our Services, or wish to remove your child’s Personal Data from our servers, please contact us at email@example.com. Our Website will not knowingly accept Personal Data from anyone under 13 years old without consent of a parent or guardian. In the event that we discover that a child under the age of 13 has provided Personal Data to us, we will make efforts to delete the child’s information in accordance with the COPPA. If you believe that your child under 13 has gained access to our Website without your permission, please contact us at firstname.lastname@example.org
- California Privacy Rights
The California Consumer Privacy Act (“CCPA”) enhances privacy rights and consumer protection for residents of California. Under the CCPA, California residents have the rights to: 1) know what Personal Data are being collected about them in the preceding twelve (12) months; 2) know if their Personal Data are sold or disclosed in the preceding twelve (12) months, and to whom; 3) say ‘no’ to the sale of their Personal Data; 4) access and request deletion of their Personal Data; and 5) receive equal service and price from businesses, even after exercising the foregoing privacy rights. California law allows California residents to request information regarding our disclosures in the preceding twelve (12) months, if any, of their Personal Data to third parties. Further, in accordance with the CCPA we provide a specific ‘Do Not Sell My Personal Informationlink on our Website at https://www.icecreamsocial.io/contact-us where you may specifically opt out of any sale of your Personal Data by us. To request access or deletion of your Personal Data, please contact us at email@example.com with “Request for Privacy Information” in the subject line. Please include enough detail for us to locate your file to include your name, email address, and username, if any. After verifying your identity, we will provide you with the requested information within forty-five (45) days of receipt. We reserve our right not to respond to requests submitted to an address other than the one posted in this notice. Please note that the CCPA law does not cover all information sharing. Our disclosure only includes information covered by the law.
- For EEA/UK Residents
- Your Legal Rights
If you are an EEA/UK resident, under the data protection laws that apply to you, you may contact us at firstname.lastname@example.org to exercise your rights to:
- Request access to your Personal Data (commonly known as a “data subject access request”). This enables you to receive a copy of the Personal Data we hold about you and to check that we are lawfully processing it.
- Request corrections of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of any new data you provide to us.
- Request erasure of your Personal Data. This enables you to ask us to delete or remove Personal Data where there is no good reason for us to continue to process it. You also have the right to ask us to delete or remove your Personal Data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your Personal Data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons of which we will notify you, if applicable, at the time of your request.
- Object to processing of your Personal Data where we are relying on a legitimate interest (or those of a third party), and you object to this processing as you feel it impacts your fundamental rights and freedoms. You may also object to our processing your Personal Data for direct marketing purposes. In some cases, we may deny your objection if we can demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
- Request restriction of processing of your Personal Data. You may request us to suspend the processing your Personal Data in the following scenarios:
- If you want us to establish the data’s accuracy.
- Where our use of the data is unlawful but you do not want us to erase it.
- Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims.
- You have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
- Request the transfer of your Personal Data to you or to a third party. Upon request, we will provide to you, or a third party you have chosen, your Personal Data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information that you initially consented for us to use, or that we used in performing our obligations under a contract with you.
- Withdraw consent at any time where we are relying on consent to process your Personal Data. This withdrawal will not, however, affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
- Make a complaint to a regulator. You have the right to make a complaint at any time to your local supervisory authority with regard to data protection issues. We would, however, appreciate the chance to deal with your concerns before you approach any supervisory authority, so please contact us in the first instance.
- Purposes / Legal Basis For Which We Will Use Your Personal Data
For EEA/UK residents, data protection laws require us to explain to you our legal basis for using your Personal Data. Most commonly, we will use your Personal Data under the following legal bases:
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests;
- Where we need to perform our obligations under a contract we are about to enter into, or have entered into with you; and
- Where we need to comply with a legal obligation.
Generally, we do not rely on consent as a legal basis for processing your Personal Data although we will get your consent before sending direct marketing communications to you via email if we are contacting you using details other than your corporate email address. You have the right to withdraw consent to marketing at any time by contacting us.
|Purpose/Activity||Type of Personal Data||Lawful basis for processing|
|To register you as a new client and to create and maintain your merchant or user account||Name, email address, address, username, password, and phone number||Performance of a contract between you and us
Necessary for our legitimate interests (to provide services to our clients)
|To process and deliver your order for our Services including:
(a) Manage payments, fees and charges; and
(b) Collect and recover money owed to us
|Name, email address, address, phone number, credit/debit card/bank details and transaction history.||Performance of a contract between you and us
Necessary for our legitimate interests (to provide services to our clients and to recover debts due to us)
|To manage our relationship with you which will include:
(b) Asking you to provide feedback
|Name, username, email address and transaction history.||Necessary to comply with a legal obligation
Necessary for our legitimate interests (to keep our records updated and to study how our products/services are used)
|To deal with any enquiries, correspondence, concerns or complaints you have raised||Name, username, email address, and information about the issue raised||Legitimate interests (to allow us to respond and deal with any queries, correspondence, concerns or complaints raised by you)|
|To administer and protect our business and the Website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)||Name, username, email address, standard web log entries that contain your IP address, page URL, browser plug-in types and versions, device information and identifier, operating system information, and timestamp||Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)
Necessary to comply with a legal obligation
|To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you||Name, username, email address, standard web log entries that contain your IP address, page URL, browser plug-in types and versions, device information and identifier, operating system information, and timestamp||Consent, when required
Necessary for our legitimate interests in providing our website and promoting our business
|To use data analytics to improve our Website, products/Services, marketing, customer relationships and experiences||Name, username, email address, standard web log entries that contain your IP address, page URL, browser plug-in types and versions, device information and identifier, operating system information, and timestamp||Necessary for our legitimate interests (to define types of customers for our products and Services, to keep our Website updated and relevant, to develop our business and to inform our marketing strategy)|
|To make suggestions and recommendations to you about products or Services that may be of interest to you||Your name and email address||Consent, when required
Necessary for our legitimate interests in providing our website and promoting our business
- Changes to this Policy
- Our Contact Information
Copyright © Ice Cream Social, Inc. All rights reserved. The Website is the property of Ice Cream Social, Inc. and is protected by United States and international copyright, trademark, and other applicable laws. This includes the content, appearance, and design of the Website, as well as the trademarks, product names, graphics, logos, service names, slogans, colors, and designs.