Our Commitment to Privacy
We care about your privacy and understand how important it is to care for personal information. We appreciate your trust.
The Information We Collect
The information we collect falls into two broad categories: (1) information you voluntarily provide to us and (2) information that is automatically collected.
Information You Voluntarily Provide to Us: Generally, you can visit the Company site without providing any personal or sensitive personal data. However, on some pages, we collect personal data in order to provide a service or carry out a transaction requested by you. See below for what personal data is collected and how it is used. We may also ask for feedback relating to our goods or services. Participation is voluntary and you are not required to provide this information. There generally is no negative effect on you if you choose not to provide your personal data. However, since personal data may be needed to process an order, if you choose not to participate, we may not be able to perform a requested service or complete a transaction.
- What is a cookie? A cookie is a small text file that is placed on a computer or other device and is used to identify the user or device and to collect information. Cookies help to track user trends and patterns and also relieve users from having to re-enter their preferences on certain areas of the site where they have previously entered preference information. The cookie types we use to collect personal data and non-personal data include the following attributes: session cookies, persistent cookies, third-party cookies.
- What is a web beacon? A web beacon is an often-transparent graphic image, usually no larger than 1 pixel x 1 pixel that is placed on a website or in an email that is used to monitor the behavior of the user visiting the website or opening the email. It is often used in combination with cookies. We use web beacons to access cookies and to count users who visit our site or open email messages. We collect this information to improve the delivery of our web pages to you and to measure traffic on our site. We sometimes use the non-identifying and aggregate information that is collected as described above to enhance the design of our site and help us understand the needs of our visitors.
- What is a “Share” button? Our website also contains “Share” buttons. Any user who wishes to share content in this manner must have already provided login credentials to the “Share” site. We do not collect any user login information for third-party “Share” sites including those listed below. We have no influence regarding the scope of the data which is collected with the aid of the “Share” buttons, and therefore can only provide you with information for the third-party sites that have been, may be, or are integrated into our website as :
- Facebook, operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). Your rights can be viewed at facebook.com/policy.php.
- Twitter, operated by Twitter, Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. Your rights can be viewed at: https://about.twitter.com/en_us/company/brand-resources.html.
- G+button of the social network Google Plus, operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Your rights can be viewed at google.com/intl/policies/policies/privacy/.
- Pinterest, Pinterest Trademark Agent, 635 High Street, Palo Alto, CA 94301, USA. Your rights can be viewed at pinterest.com/about/privacy.
- LinkedIn, LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Your rights can be viewed at linkedin.com/legal/privacy-policy.
- Gmail, Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Your rights can be viewed at google.com/intl/policies/policies/privacy/.
- TikTok, 5800 Bristol Parkway, Suite 100, Culver City, CA 90230, USA. Your rights can be viewed at https://www.tiktok.com/legal/cookie-policy?lang=en.
How We Use Your Information
We will obtain your consent to collect, use or disclose personal data except where we are authorized or required by law to do so without consent.
California consumers may scroll down for a more fulsome review of how the Company uses your personal information.
In general, consent may be express or implied. We process personal data for these services and business-related purposes:
- Account creation: We use personal data such as your name, email address, mailing address, and phone number to set up and administer your account and to provide customer support and training, send important account and service information, and to allow us to communicate with you. To verify that you are a customer, we may also ask for your system’s serial number.
- Sales orders and service: We use personal data such as your name, email address, mailing address, phone number, and financial and bank information including credit card numbers in order to provide service for a product or for product orders.
- Marketing purposes: We use personal data such as your name, email address, mailing address, and phone number to send marketing communications and to respond to inquiries about The Company, its products, services, and promotional activities to you across various platforms, such as email, phone, text messaging, direct mail and online. We may also collect information about the quality and success of our email marketing (e.g., by analyzing the opening or click rates of our emails).
- Sweepstakes and contest entries: We use personal data such as name, email address, mailing address, and phone number for entry into sweepstakes and contests.
- Surveys and polls: If you choose to participate in a survey or poll, any personal data, such as name, email address, mailing address, and phone number you provide may be used for marketing or market research purposes.
- Legal obligations: We may be required to use and retain personal data for legal and compliance reasons, such as the prevention, detection, or investigation of a crime; loss prevention; or to combat fraud. We may also use personal data to meet our internal and external audit requirements, information security purposes, and as we otherwise believe to be necessary or appropriate: (a) under applicable law, which may include laws outside your country of residence; (b) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include such authorities outside your country of residence; (c) to enforce terms and conditions; and (d) to protect our rights, privacy, safety, or property, or those of other persons.
When We Share Personal Data
The Company will not provide personal data to any third party or use the information for an undisclosed purpose except as otherwise noted at the point where the information is collected and where necessary to provide services or conduct our business operations as described below. We share personal data in accordance with data privacy and security requirements, and we occasionally will share non-personal, anonymized, and statistical data with third parties. We make appropriate efforts to ensure that the entities we share personal data with do not further distribute the information such as entering into non-disclosure agreements.
California consumers may scroll down for a more fulsome review of with whom THE COMPANY shares your personal information.
- Within the Company: The Company is comprised of a U.S.-based operation with several offices / locations around the United States. We are supported by a variety of teams and functions. Personal data may be shared with the Company, our agents and contractors, and our suppliers and service providers if needed to provide services or fulfill product orders, for account administration, to facilitate sales and marketing, for customer and technical support, and to promote business and product development.
- With third-party service providers: We have third-party suppliers and service providers around the world. Personal data will be made available to these parties only when necessary to fulfill the services they provide to us such as software, system, and platform support; direct marketing services; cloud hosting services; advertising; data analytics; and order fulfillment and delivery. Our third-party service providers are not permitted to share or use personal data we make available to them for any purpose other than to fulfill their obligations to the Company.
- With third parties for legal reasons: We will share personal data when we believe we are legally required to, such as:
- Under applicable law or by legal process such as a court order.
- To prevent physical harm or property damage, and to protect our rights, users, systems and services.
- As part of an investigation of suspected or actual unlawful conduct.
- To comply with and respond to requests from government agencies, including law enforcement and other public authorities, which may include such authorities outside your country of residence.
- In the event of a merger, sale, restructure, acquisition, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings).
How We Store and Process Personal Data
- All personal data input by you through the use of this site is submitted directly to the Company in the United States. By submitting your personal data through this site, you are hereby consenting to transfer of your personal data to the Company in the United States.
- Your personal data submitted through this site will be shared with the specific office of the Company necessary in order to provide you with services, products and support specific to your location. That office will also provide you with any marketing or sales communications.
How We Secure Personal Data
The Company takes the security of personal data it collects and retains seriously. We are committed to safeguarding it and protecting against unauthorized access to, or use of, our information assets and any other anticipated threats or hazards to the security and integrity of such assets. Measures we take to safeguard personal data include appropriate policies and procedures to address risk management, appropriate restrictions on access to personal data; monitoring and physical measures for the secure storage and transfer of personal data; training for employees, agents and contractors with access to personal data; and vendor risk management requiring contractual obligations to protect any personal data with which they are entrusted in accordance with our security policies and procedures.
How Long We Keep Personal Data
The Company has policies and procedures relating to the retention of personal data based upon a classification scheme consisting of business functions and process areas, and the classification and types of data and records. We retain personal data for as long as we reasonably require it for business and legal purposes. In determining data retention periods, the Company considers contractual and legal obligations, and the expectations and requirements of customers, vendors, suppliers and others who share their personal data with us. When we no longer need personal data, we securely delete or destroy it.
California Rights Regarding Personal Information
California consumers may scroll down for information on rights to opt out, access, or delete California consumer personal information.
Opting out: To opt out of marketing email, you can use the unsubscribe link found in the email communication you receive from us. You may also use the “Contact Us” option within the relevant service to opt out and elect not to receive further emails from us. Please provide the email address from which you are receiving electronic communications.
Our Special Commitment to Children’s Privacy
Protecting the privacy of the very young is especially important. For that reason, we do not knowingly collect personal data from children under the age of 13. This website is not intended for anyone under the age of 16. If you are younger than 16, you may not use this website.
Do Not Track
"Do Not Track" is a privacy preference that you can set in most browsers that sends a signal to a website that you do not want the website operator to track certain browsing information about you. However, because our site is not configured to detect Do Not Track signals from a user’s computer, we are unable to respond to Do Not Track requests at this time.
How To Contact Us
California residents only – please click here for information on contacting us.
- You may contact us via email at firstname.lastname@example.org
- For marketing preferences and services support relating to updating your account information or email marketing preferences, or for technical support or other help with services, please use the “Contact Us” option for the relevant service.
European residents’ rights to access, correct, or delete European resident personal data. This section supplements the information above and applies solely to European residents. This section is to comply with the European General Data Protection Regulation (GDPR) that provides European residents the right to access and control their personal data. We will endeavor to respond to requests for information about personal data and, where applicable will correct, amend, or delete European residents’ personal data.
- Access to personal data: Requests for European residents’ access to personal data should be submitted via the “Contact Us” option within the relevant service used or by sending us an email at email@example.com. We will comply with requests for access to your personal data, subject to any relevant legal requirements and exemptions. We will make commercially reasonable efforts to provide you reasonable access to any of your personal data we maintain within 30 days of your access request. If we cannot honor your request within the 30-day period, we will inform you when we will be able to provide access. In the event that we cannot provide you access to this information, we will explain why we cannot do so. We will ask for proof of your identity in order to confirm your identity and that you are seeking access to personal data belonging to you, and also sufficient information about your interaction with us so that we can locate any relevant data.
- Correction to and deletion of personal data: The GDPR also provides European residents with the right to correct or amend personal data if it is inaccurate or requires updating, and also the right to request deletion of your personal data. Due to legal requirements and other obligations and factors, this is not always possible. Remember that account information may be corrected, deleted, or updated by using the “Contact Us” option within the relevant service. For inquiries of this nature, please contact us at firstname.lastname@example.org.
- Choices: Some personal data is necessary in order to provide certain services. However, you may choose to limit the Company use of your personal data by adjusting your browser settings, opting out, or you may contact us at email@example.com for more information regarding your choices. Since personal data may be needed to process an order, if you choose not to participate, we may not be able to perform a requested service or complete a transaction.
- Filing a Complaint: EU residents have the right to make a complaint to a data protection regulator in the event of dissatisfaction with how the Company manages their personal data. A list of National Data Protection Authorities can be found here: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm. Please contact us at firstname.lastname@example.org with any requests related to your personal data.
California Consumer Information
This section supplements the information above and applies solely to California consumers. This section is to comply with the California Consumer Privacy Act (CCPA) that provides California residents the right to access and control their “Personal Information,” which is defined by the CCPA as information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California consumer.
The Company will endeavor to respond to California consumers’ requests for information about their Personal Information, subject to any relevant legal requirements and exemptions, and, where applicable and subject to compliance and legal obligations, will opt out of the sale, correct, amend, or delete a California consumer’s Personal Information.
For California residents, there are only two instances where California consumer Personal Information is collected directly by the Company: for job applicants and for consumers ordering products or services from the Company. Outside of job applicants, the collection and/or processing of California consumers’ Personal Information regulated by the CCPA is limited to interactions between California consumers and the Company.
California Resident Personal Information collected by the Company. During the last twelve (12) months, the Company collected the following categories of Personal Information from California consumers:
A real name, Internet Protocol address, email address, other similar identifiers.
Personal Information categories listed in the California Customer Records statute (Cal.
A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some Personal Information included in this category may overlap with other categories.
Protected classification characteristics under California or federal law
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait or other physical patterns, and sleep, health, or exercise data.
Internet or other similar network activity
Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement
Physical location or movements.
Audio, electronic, visual, thermal, olfactory, or similar information
Professional or employment-related information
Current or past job history or performance evaluations
Non-public education information (per the Family Educational
Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
Inferences drawn from other personal information
Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitude.
Personal Information as defined by the CCPA does not include:
- Publicly available information from government records.
- De-identified or aggregated California consumer’s Personal Information.
- California consumer Personal Information excluded from the CCPA’s scope such as:
- health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIS) or clinical trial data;
- personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.
The Company obtains the categories of Personal Information listed above from the following categories of sources:
- Directly from California consumers. For example, from forms submitted on the Company website for product warranty and registration, photo printing and personalized photo product fulfillment, customer service transactions with the service center, entries into sweepstakes and contests, and job applications.
- Directly and indirectly from California consumers. For example, website usage details collected automatically.
- From third parties in connection with the services The Company performs for them or for potential employment or engagement services. For example, from employment agencies, background check providers, former employers, credit reference agencies, or other background check agencies.
- From third party data resellers through contact lists that the Company purchased or rented for purposes of sending marketing-type communications.
- From social media platforms, including Facebook, Twitter, YouTube, Pinterest and Instagram.
The Company Use of California Consumer Personal Information
The Company may use or disclose California consumer Personal Information for one or more of the following business purposes:
- To fulfill or meet the reason for which the information is provided. For example, if a name and contact information is provided to ask a question about a Company offered product or service, or to request service for a Company provided product, the Company will use that Personal Information to respond to the inquiry. If the information is provided to purchase a product or service, it will be used to process payment, facilitate delivery, and may be maintained for service inquiries.
- To provide information about Company products, services and related support that is requested.
- To provide email communications, event registrations and other notices about Company products and services or news that may be of interest.
- For entry into a sweepstakes or contest at the California consumer’s request.
- To consider California consumers for potential employment or engagement.
- To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
- As described at the point where Personal Information is collected or as otherwise set forth in the CCPA.
The Company will not collect additional categories of Personal Information or use the Personal Information collected for materially different, unrelated, or incompatible purposes without providing notice to the California consumer, unless required or permitted by applicable laws. Sharing California Consumer Personal Information. The Company may disclose California consumer Personal Information to a third party for a business purpose. When such a disclosure is for a business purpose, the Company enters into a contract that describes the purpose and requires the recipient to both keep the Personal Information confidential and not use it for any purpose except performing the contract. In the preceding twelve (12) months, the Company has disclosed the following categories of California consumer Personal Information for a business purpose:
- California Customer Records personal information categories
- Professional or employment-related information
The Company disclosed California resident Personal Information for a business purpose to the following categories of third parties:
- Company agents and contractors
- Suppliers and service providers
- Third parties to whom the California consumer or its agents authorize disclosure of Personal Information in connection with products or services we provided to the California consumer.
The Company does not sell Personal Information. California Consumers’ Rights and Choices. The CCPA provides California consumers with specific rights regarding their Personal Information. This section describes California consumers’ rights and explains how to exercise those rights.
- Access to Specific Information and Data Portability Rights. California consumers have the right to request certain information be disclosed to them about The Company collection and use of their Personal Information over the last twelve (12) months. Once the request is received and identity is verified, the Company will disclose to the California consumer:
- The categories of Personal Information collected about the California consumer.
- The categories of sources for the Personal Information collected about the California consumer.
- The business or commercial purpose for collecting or selling that Personal Information.
- The categories of third parties with whom the Personal Information is shared.
- The specific pieces of Personal Information collected about the California consumer (also called a data portability request).
- If the California consumer’s Personal Information was sold or disclosed for a business purpose, two separate lists disclosing:
- sales, identifying the Personal Information categories that each category of recipient purchased; and
- disclosures for a business purpose, identifying the Personal Information categories that each category of recipient obtained.
Note that specific Social Security numbers, driver’s license numbers or California identification card numbers, financial account numbers, health insurance or medical identification numbers or information, account passwords or security questions and answers will not be disclosed to any California consumer.
- Deletion Rights Requests. The CCPA provides California consumers the right to request deletion of their Personal Information collected and retained, subject to certain exceptions. Once a request is received from a California consumer and identity is verified, the Personal Information will be deleted, and any service providers who may have the Personal Information will be directed to delete as well, unless an exception applies. Requests to delete require confirmation of deletion instructions. The Company may deny a deletion request if retaining the Personal Information is necessary for the Company or its service providers to:
- Complete the transaction for which the Personal Information was collected, provide a good or service that was requested, take actions reasonably anticipated within the context of an ongoing business relationship, or otherwise perform a contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 ).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if the California consumer previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on the California consumer’s relationship with The Company.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which the Personal Information was provided by the California consumer.
- Exercising Access, Data Portability and Deletion Rights. Only a California consumer or a person registered with the California Secretary of State that is authorized to act on a California consumer’s behalf (“Authorized Agent”) may make a request to exercise the access, data portability and deletion rights described above. Requests may also be made on behalf of a minor child. Requests for access or data portability may only be made twice within a 12-month period. The request must:
- provide sufficient information that allows the Company to reasonably verify the requestor is the person about whom the Personal Information is collected or an Authorized Agent and
- describe the request with sufficient detail that allows the Company to properly understand, evaluate, and respond to it.
Requests should be made to the entity that collected the California consumer’s Personal Information. If the Company determines that another entity collected the Personal Information and shared it with the Company as a service provider, the requestor will be directed to submit the request to the entity that collected the Personal Information. California consumers or Authorized Agents may submit requests under the CCPA to the Company by:
- Completing and electronically submitting the form found here,
- OR sending an email to the Company at email@example.com
California consumers may learn more about their rights under the CCPA by visiting https://oag.ca.gov/privacy/ccpa or send inquiries to the Company at firstname.lastname@example.org. The Company cannot respond to requests or provide Personal Information if it is unable to verify a requestor’s identity or authority to make the request and confirm the Personal Information relates to the requestor. Making a request does not require you to create an account with the Company. Personal Information provided for identity verification for such requests will only be used to verify the requestor's identity or authority to make the request.
- Response Timing and Format. The Company endeavors to respond to verified requests from California consumers within 45 days of receiving the request. If more time is required to comply with the request, the Company will inform the requestor of the need for an extension (up to an additional 45 days) and the reason in writing. If the requestor has an account with the Company, a response will be delivered to that account. If the requestor does not have an account with the Company, a response will be sent via email or regular mail, at the requestor’s option. Disclosures will only cover the 12-month period preceding the verified request. If the Company is unable to comply with a request, it will explain the reasons why. For verified data portability requests, requestors will be able to select a format to provide the Personal Information in that is readily usable and should allow the requestor to transmit the information from one entity to another without hindrance.
There is no fee or charge for processing or responding to verified requests unless a request is excessive, repetitive, or manifestly unfounded. If the Company determines that a request warrants a fee, it will explain that decision to the requestor and provide a cost estimate prior to complying with the request.
- Identity Verification Requirements. The CCPA requires a verification process to confirm the identity of a California consumer who is exercising their rights as described above. Requests for additional information for verification purposes will be sent via email or regular mail, at the California consumer’s preference. If an Authorized Agent is being utilized for a request under the CCPA, The Company will require proof of the Authorized Agent’s authority for the particular California consumer and the identity verification will occur directly with the California consumer about whom the request is being made. If verification is necessary and the California consumer or its Authorized Agent making the request cannot or does not provide the additional requested information, the request may be denied.
Taking into consideration the type, sensitivity, and value of the Personal Information, the risk of harm posed by any unauthorized access or deletion, the likelihood that fraudulent or malicious actors might seek the information, whether the identity verification process is sufficiently robust to protect against fraudulent requests or being spoofed or fabricated, the nature of the transaction between the California consumer and the Company, and available technology for verification:
- Verification for Password-Protected Accounts. Verification may include using the existing authentication practices for the account.
- Verification for Non-Account Holders:
- Requests to know categories of Personal Information: The CCPA requires the identity of the California consumer be verified to a reasonable degree of certainty, and may include matching at least two data points provided by the California consumer with data points maintained by the Company, and which the Company believes to be reliable for verification purposes.
- Requests to know specific pieces of Personal Information: The CCPA requires the identity of the California consumer be verified to a reasonably high degree of certainty, and may include matching at least three pieces of Personal Information provided by the California consumer with data points maintained by the Company, and which the Company believes to be reliable for verification purposes. Additionally, the California Consumer must complete and submit a declaration under the penalty of perjury with an original signature that the California consumer making the request is the consumer whose Personal Information is the subject of the request.
- Requests to Delete: The verification required for a request to delete depends on the sensitivity of the Personal Information and the risk of harm to the California consumer posed by the unauthorized deletion.
- Non-Discrimination. The Company will not discriminate against a California consumer for exercising any rights under the CCPA. Unless permitted by the CCPA, the Company will not:
- deny goods or services,
- charge different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties,
- provide a different level or quality of goods or services, or
- suggest that a California consumer may receive a different price or rate for goods or services or a different level or quality of goods or services.
The Company may offer certain financial incentives permitted by the CCPA that may result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive offered will reasonably relate to a California consumer’s Personal Information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires a California consumer’s prior opt in consent, which may be revoked at any time.
Thank you for visiting the Company site, which is operated by Milli Mylk, Inc. with an address of 601 W 26th St. Suite 1285, New York, NY 10001.
© 2022 Milli Mylk, Inc. All rights reserved.