I. IMPORTANT INFORMATION AND WHO WE ARE
II. THE INFORMATION WE COLLECT ABOUT YOU
III. HOW IS YOUR PERSONAL INFORMATION COLLECTED
IV. THIRD PARTY INTERACTIONS
V. THIRD PARTY ANALYTICS PROVIDERS & AD SERVERS; ONLINE TRACKING
VI. HOW WE USE YOUR PERSONAL INFORMATION
VII. DISCLOSURES OF YOUR PERSONAL INFORMATION
VIII. YOUR CHOICES
IX. DATA SECURITY
X. USERS OUTSIDE OF THE UNITED STATES AND INTERNATIONAL TRANSFERS
XI. CALIFORNIA RESIDENTS – YOUR CALIFORNIA PRIVACY RIGHTS
XIII. ADDITIONAL INFORMATION FOR RESIDENTS OF THE EUROPEAN UNION
I. IMPORTANT INFORMATION AND WHO WE ARE
The Sites are not intended for children, and we do not knowingly collect information relating to children. If BLACKDOT discovers that it has inadvertently collected Personal Information from anyone younger than the age of 16, it will delete that information.
The Sites may include links to third-party websites, plug-ins and applications and certain content on the Sites may be hosted and served by third parties that BLACKDOT does not control. Clicking
In addition, BLACKDOT content may be included on web pages and websites that are not associated with BLACKDOT and over which we have no control. These third parties may collect data through the use of their own cookies, web beacons or other technology, independently collect information or solicit Personal Information, and may have the ability to track your use of their websites and services. BLACKDOT is not responsible for the privacy practices or the content of any third party.
Personal Information or personal data means any information about an individual from which that person can be identified. It does not include information where the identity has been removed (“Anonymous Data”).
We and our third-party service providers may collect, use, store and transfer different kinds of Personal Information about you that we have grouped together follows:
• Identity Information includes name, username or similar identifier, title, date of birth, and gender.
• Demographic Information includes zip code, age and/or income.
• Contact Information includes billing address, delivery address, email address and telephone numbers.
• Financial Information includes bank account and payment card details.
• Transaction Information includes details about payments to and from you and other details of products and services you have purchased from us.
• Technical Information includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology or other unique identifier (a set of numbers or characters that is assigned to your computer, mobile phone, or other device when you are on the Internet) (“Device Identifier”) for any computer, mobile phone, tablet or other device (any of which are referred to herein as a “Device”) used to access the Sites.
• Profile Information includes your username and password, purchases or orders made by you, your interests, preferences, and feedback.
• Usage Data includes information about how you use our website, products, and services, including all of the areas within our Site that you visit or use, and the time of day you visited the Site, among other information.
• Marketing and Communications Information includes your preferences in receiving marketing from us and our third parties and your communication preferences.
• Location Information includes information about your location using a variety of technologies, such as GPS, IP address, and connected or nearby Wi-Fi networks.
We do not collect any Special Categories of Personal Information about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
We use different methods to collect information from and about you including through:
• Direct interactions. You may give us your Identity, Demographic, Contact, Financial, Profile, or Marketing and Communications Information by filling in forms or by corresponding with us by mail, phone, email, or otherwise. This includes Personal Information you provide when you:
o purchase our products or services.
o create an account on our Sites.
o subscribe to our service or publications.
o request marketing to be sent to you; or
o Cookies – Cookies are data files sent to and stored on the Device you use to view a website. Cookies can be used for many purposes, including to monitor use of our Sites, to customize content specific to your interests, to ensure that you do not see the same advertisement repeatedly and to store your username and password so you do not have to re-enter it each time you visit the Sites. If you choose to disable cookies on your Device, some features of the Sites or our content may not function properly.
o Web Beacons – Web Beacons are small graphic images or other web programming code (also known as “1×1 GIFs” or “clear GIFs”) that may be included on the Sites and in our e-mail messages. Web beacons may be invisible to you, but any electronic image or other web programming code inserted into a web page or e- mail can act as a web beacon. Web beacons or similar technologies may be used for a number of purposes, including, without limitation, to count visitors to the Sites, to monitor how users navigate the Sites, to count how many e-mails that were sent were actually opened or to count how many particular articles or links were actually viewed.
o Embedded Scripts – Embedded scripts are programming code designed to collect information about your interactions with the Sites, such as the links you click. The code is temporarily downloaded onto your Device from our web server or a third- party service provider, is active only while you are connected to the Sites.
o Technical Information from the following parties:
□ analytics providers.
□ advertising networks; and
□ search information.
o Contact, Financial and Transaction Information from providers of technical, payment and delivery services.
o Contact and Financial Information from companies that facilitate making reservations.
o Identity and Contact Information from publicly available sources.
Certain functionality on the Sites may permit interactions that you initiate between the Sites and a third-party website or service (“Third Party Interactions”). Examples of Third-Party Interactions may include technology that enables you to “like” or “share” content from the Sites on or to other websites or services; to transmit content to the Sites from your account on a third party website or service; and to otherwise connect the Sites to a third party website or service, such as through an application programming interface (API) made available by BLACKDOT or a third party.
If you choose to use Third Party Interactions, information you post or provide access to may be publicly displayed on the Sites or by the provider of the feature that you use. Similarly, if you post information on a third-party platform that references the Sites (e.g., by mentioning one of the Sites or using a hashtag associated with one of the Sites in a tweet or status update), your post may be published on our Sites in accordance with the terms of the third party website or service. In addition, both BLACKDOT and the third party may have access to certain information about you and your use of the Sites and the third-party website or service. In addition, we may receive information about you in connection with other users’ use of Third-Party Interactions (e.g., we may learn that you are a “friend” or “connection” of the third party or receive other information about you that the other user enables us to receive).
BLACKDOT works with certain third parties (including network advertisers, ad agencies, and analytics companies) to provide us with information regarding traffic on the Sites, to serve advertisements, including our advertisements elsewhere online, and to provide us with information regarding the use of the Sites and the effectiveness of our advertisements. For example, if you clicked on one of our advertisements that led you to one of the Sites, our service provider(s) may be able to tell us which advertisement you clicked on and where you were viewing the advertisement. These third parties may set and access their own tracking technologies (including cookies, embedded scripts, and web beacons) and may otherwise collect or have access to your Device Identifier, Usage Data, and related information about you. Cookies and web beacons, including those set by third party network advertisers, may be used to, among other things, target advertisements, prevent you from seeing the same advertisements too many times, conduct research regarding the usefulness of certain advertisements to you, and assist in providing analytics. We may share Device Identifier and Usage Data about visitors with third party advertising companies, analytics providers, and other vendors for similar purposes. While we may use a variety of service providers to perform advertising and analytics services, some of these companies may be members of the Network Advertising Initiative (“NAI”) or the Digital Advertising Alliance (“DAA“) Self-Regulatory Program for Online Behavioral Advertising.
For additional information regarding targeted advertising and the “opt-out” procedures of NAI members and DAA Self-Regulatory Program participating companies, you may visit:
• NAI Opt-Out Tool (for website users): http://www.networkadvertising.org/managing/opt_out.asp
• DAA Consumer Choice (for website users): http://www.aboutads.info/choices/
• DAA AppChoices (for mobile app users): http://youradchoices.com/appchoices
Please note that opting out through these mechanisms does not opt you out of being served advertising. You may continue to receive generic ads while visiting the Site and elsewhere online. Some third parties may collect Personal Information about your online activities over time and across different websites.
Your browser settings may allow you to automatically transmit a “Do Not Track” signal to websites and online services you visit. However, there is no consensus among industry participants as to what “Do Not Track” means in this context. Like many websites and online services, the Sites currently do not alter their practices when they receive a “Do Not Track” signal from a visitor’s browser. To find out more about “Do Not Track,” you may wish to visit http://www.allaboutdnt.com.
We may use the information we collect about you, including Personal Information and Usage Data:
• to provide you with our products and services and related customer service.
• to send you information about BLACKDOT or our products or services, or promotional material from some of our advertisers or third-party business partners.
• to process a transaction you initiate, process payments and provide accurate billing and shipping.
• to provide you with information, products, or services that you have requested or agreed to receive.
• to process your registration with the Sites, including verifying your Contact Information is active and valid.
• to identify you as a user in our system.
• to present our Sites and its contents in a suitable and effective manner for you and for your device.
• to customize and tailor your experience on the Sites, for example, by displaying content that we think you might be interested in.
• to bill you for BLACKDOT products and services.
• to provide improved administration of our Sites and services.
• to send you administrative e-mail notifications, such as order confirmations, order status updates, security, or support and maintenance advisories.
• to market our products or services, including recommending products or services that might be of interest to you.
• to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.
• to contact you with regard to your use of the Sites and, in our discretion, changes to the Site policies or functionality; and
In addition to the above, we may use Anonymous Data to analyze request and usage patterns so that we may enhance the content of our services and improve navigation on the Websites. We reserve the right to use Anonymous Data for any purpose and disclose Anonymous Data to third parties in our sole discretion.
We may use your Identity, Contact, Technical, Usage and Profile Information to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you.
You will receive marketing communications from us if you have requested information from, purchased goods or services from us, or if you provided us with your details when you registered out our Sites and, in each case, you have opted to receive that marketing.
We do not share your Personal Information with unaffiliated third parties for those unaffiliated third parties’ marketing purposes unless you consent to such sharing.
A cookie is a data file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server. Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiration date, unless deleted by the user before the expiration date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed. Cookies do not typically contain any information that personally identifies a user, but Personal Information that we store about you may be linked to the information stored in and obtained from cookies. Based on what function cookies have and the purpose for which cookies are used, there are four categories of cookies: strictly necessary cookies, performance cookies, functional cookies, and marketing cookies.
Strictly necessary cookies
These cookies are essential in order to enable you to move around the Sites and use their features. Without these cookies, some services cannot be provided – for example, remembering previous actions when navigating back to a page in the same session.
Strictly necessary cookies enable features without which you would not be able to use the Sites as intended. These cookies are used exclusively by BLACKDOT. They are only saved on your computer while you are actually browsing the Sites.
These cookies gather information about how a website is used – for example, which pages a visitor opens most often, and whether the user receives error messages from some pages. These cookies do not save information that would allow the user to be identified. The collected information is aggregated, and therefore anonymous. These cookies are used exclusively to improve the performance of the Sites and user experience.
These cookies enable a website to save information which has already been entered (such as username and location), so that it can offer you improved and more personalized functions. Functional cookies are also used to enable features you request such as playing videos. These cookies collect anonymous information and cannot track your movements on other websites.
These cookies are used to deliver advertisements and other communications more relevant to you and your interests. They are also used to limit the number of times you see an advertisement and to help measure the effectiveness of advertising campaigns. They remember whether you have visited a website or not, and this information can be shared with other organizations such as advertisers (this includes advertising technologies on websites such as LinkedIn and Twitter). Cookies for improving group targeting and advertising will often be linked to site functionality provided by other organizations.
Most browsers allow you to refuse all or some browser cookies, or to alert you when websites set or access cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain information about blocking and deleting cookies for some commonly used browsers via the links below:
• Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website- preferences;
• Internet Explorer: https://support.microsoft.com/en-gb/help/17442/windows-internet- explorer-delete-manage-cookies;
• Opera: http://www.opera.com/help/tutorials/security/cookies/; and
• Safari: https://support.apple.com/kb/PH21411
Please note that blocking all cookies will have a negative impact upon the usability of many websites and if you choose to block cookies, you may not be able to use all the features on our Sites.
We may share non-personally identifiable information, such as aggregated user statistics, in our discretion and without restriction.
BLACKDOT may disclose information including Personal Information with its parent, subsidiaries, and affiliates for a variety of purposes, including for business, operational, and marketing purposes. BLACKDOT may, and reserves the right to, share your information with any other company that is not presently, but becomes, a BLACKDOT parent, subsidiary, or affiliate.
B. EXTERNAL THIRD PARTIES Third Party Service Providers
We may share Personal Information with third party service providers in connection with the service providers’ performance of services to, or on behalf of, the Sites, including conducting quality assurance testing; to facilitate creation of accounts; to provide technical support; and/or to provide other services to BLACKDOT. These service providers may store or use your information outside of the EU or United States.
Third Party Payment Processing
For online payments we use the payment services of Stripe (HTTPS://WWW.STRIPE.COM/) and PayPal (HTTP://WWW.PAYPAL.COM). We do not process, record or maintain your credit card or bank account information and we will share transaction data with our payment services providers only to the extent necessary for the purposes of processing your payments, refunding such payments and dealing with complaints and queries relating to such payments and refunds. For more information on how payments are handled, or to understand the data security and privacy afforded such information, please refer to HTTPS://WWWS.STRIPE/PRIVACY and HTTPS://WWW.PAYPAL.COM/US/WEBAPPS/MPP/UA/PRIVACY-FULL.
Administrative & Legal Reasons
We may transfer and disclose information, including Personal Information, to third parties:
• to comply with a valid legal inquiry or process such as a search warrant, subpoena, statute or court order, or if in our opinion such disclosure is required by law.
• to obtain or maintain insurance coverage, manage risks, obtain professional advice, or establish, exercise, or defend legal claims, whether in court proceedings or in an administrative or out-of-court procedure.
• to protect the safety, interests, rights, property, or security of BLACKDOT, you, or any third party.
• to respond to a breach or attempted breach of the security of our Sites.
• at the request of governmental authorities conducting an investigation.
We may also use Technical Information to identify users, and may do so in cooperation with copyright owners, Internet service providers, wireless service providers, or law enforcement agencies in our discretion.
BLACKDOT may also disclose and transfer your Personal Information: (i) to a subsequent owner, co-owner or operator of the Sites or applicable database, or of our products or services; (ii) if BLACKDOT(or any of its affiliated, parent, or subsidiary companies) assigns its rights regarding any of your information to a third party; or (iii) in connection with a corporate merger, consolidation, restructuring, the sale of certain of BLACKDOT’s ownership interests, assets, or both, or other company change, including, without limitation, during the course of any due diligence process. These transfers and disclosures may be carried out without notice to you.
A. ACCESSING, UPDATING, CORRECTING OR DELETING INFORMATION
You can review, request access to, update, correct or delete your Personal Information by contacting us at legal-compliance@BLACKDOT.com.
You may request deletion of your Personal information by contacting us and we will use commercially reasonable efforts to honor your request, but please note that we may be required to keep such information and not delete it (or to keep this information for a certain time, in which case we will comply with your deletion request only after we have fulfilled such requirements). When we delete any information, it will be deleted from the active database, but may remain in our archives. We may also retain information for fraud prevention or similar purposes. Also, note that we may need to delete your user account in order to delete your Personal Information.
You are responsible for maintaining the accuracy of the information you submit to us, such as your contact information. If you contact us with changes, we will make good faith efforts to make requested changes in our then-active databases as soon as reasonably practicable. Note, however, that information may persist internally for our administrative purposes and that residual data may remain on backup media or for other reasons.
You can ask us to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us.
You may choose not to provide us with any Personal Information. In such an event, you may still be able to access and use some of the Sites; however, you may not be able to access and use those portions of the Sites that require your Personal Information. You may opt out of receiving marketing e-mails by following the opt-out instructions provided to you in those e-mails. Please note that we reserve the right to send you certain communications relating to your account or use of any of the Sites (for example, administrative and service announcements, shipping notices, and order or reservation confirmations) and these transactional account messages may be unaffected if you opt-out from marketing communications.
Where we need to collect Personal Information by law, or under the terms of a contract we have with you and you fail to provide that information when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
We strive to provide you with choices regarding certain Personal Information uses, particularly around marketing and advertising. You can opt-out of such communications as outlined in Section B, above
Please note that you may continue to receive service-related and other non-marketing communications.
BLACKDOT takes commercially reasonable security measures to help protect your Personal Information from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your Personal Information to those employees, agents, contractors and other third parties who have a business need to know. However, please note that transmission over the Internet or wireless networks cannot be guaranteed to be completely secure; and therefore, we cannot ensure or warrant the security of any information we collect. You use our Sites and provide us with your information at your own risk.
We have put in place procedures to respond to any suspected Personal Information breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
The Sites are operated in the United States, and BLACKDOT and third-party service providers and partners operate in the United States and other jurisdictions. If you are located outside of the United States, please be aware that any information you provide to us may be transferred to and processed in the United States and other countries. By using the Site, or providing us with any information, you consent to this transfer, processing, and storage of your information in countries where the privacy laws may not be as comprehensive as those in the country where you reside or are a citizen.
23456 Madero Suite 210
Mission Viejo, CA 92691
Attn: General Counsel
A. PERSONAL INFORMATION
We will only use your Personal Data when the law allows us to do so. Most commonly, we will use your Personal Information in the following circumstances:
• Where we need to perform obligations relating to a contract to which you are a party or to take steps at your request before entering into such a contract.
• Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. Our legitimate interests include those related to conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your Personal Information for our legitimate interests. We do not use your Personal Information for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.
• Where we need to comply with a legal or regulatory obligation.
Generally, we do not rely on consent as a legal basis for processing your Personal Information other than in relation to sending marketing communications to you via email. You have the right to withdraw consent to marketing at any time by contacting us using the contact information provided above.
We have set out below, in a table format, a description of the ways we plan to use your Personal Data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate. Note that we may process your Personal Data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground, we are relying on to process your Personal Data where more than one ground has been set out in the table below.
Type of Information
Lawful basis for processing including basis of legitimate interest
To register you as a new customer or user
Performance of a contract with you and/or taking steps, at your request, to enter such a contract
To process and deliver products and services including:
(a) Deliver requested goods and services
(b) Manage payments, fees and charges
(c) Collect and recover money owed to us
(e) Marketing and Communications
(a) Performance of a contract with you and/or taking steps, at your request, to enter such a contract(b) Necessary for our legitimate interests (to recover debts due to us)
To manage our relationship with you which will include:
(b) Asking you for feedback
(d) Marketing and Communications
(a) Performance of a contract with you and/or taking steps, at your request, to enter such a contract
(b) Necessary to comply with a legal obligation
(c) Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)
To administer and protect our business and the Sites (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)
(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganization or group restructuring exercise)
(b) Necessary to comply with a legal obligation
To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you
(e) Marketing and Communications
Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences
Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)
To make suggestions and recommendations to you about goods or services that may be of interest to you
Necessary for our legitimate interests (to develop our products/services and grow our business)
We will only retain your Personal Data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances, you can ask us to delete your data: see the Request Erasure subsection below for further information.
In some circumstances we may anonymize your Personal Data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
We will only use your Personal Data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your Personal Data for an unrelated purpose, we will notify you and we will explain the legal basis that allows us to do so.
Please note that we may process your Personal Data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Under certain circumstances, EU Residents may have rights under data protection laws in relation to your Personal Data as outlined below:
• Request access to your Personal Data (commonly known as a “data subject access request”). This enables you to receive a copy of the Personal Data we hold about you and to check that we are lawfully processing it.
• Request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
• Request erasure of your Personal Data. This enables you to ask us to delete or remove Personal Data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your Personal Data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your Personal Data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons that will be notified to you, if applicable, at the time of your request.
• Object to processing of your Personal Data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation that makes you want to object to processing on this ground as you feel it affects your fundamental rights and freedoms. You also have the right to object where we are processing your Personal Data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information that override your rights and freedoms.
• Request restriction of processing of your Personal Data. This enables you to ask us to suspend the processing of your Personal Data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
• Request the transfer of your Personal Data to you or to a third party. We will provide to you, or a third party you have chosen, your Personal Data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
• Withdraw consent at any time where we are relying on consent to process your Personal Data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
If you wish to exercise any of the rights set out above, please contact us at legal- compliance@BLACKDOT.com.
No Fee Usually Required
You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights)