EFFECTIVE AS OF DATE OF LAST MODIFICATION: August 14, 2017
EU-U.S. Privacy Shield Statement:
A. INFORMATION WE COLLECT
Our website may collect two kinds of information about you: (1) information that you provide that personally identifies you; and (2) information that does not personally identify you.
1. Personal Information:
Personal Information is any information that identifies you or can be used to identify or contact you, such as your name, date of birth, mailing address, phone number, and other similar information. We do not automatically collect your Personal Information when you visit our website, but in some circumstances, we may request, allow, or otherwise provide you an opportunity to submit your Personal Information in order to use a feature, program, promotion, or some other aspect of our website. For example, you may provide Personal Information when registering with our website, using our online store or in connection with a contest entry; and you may provide certain demographic information about yourself (e.g., age, gender, purchase preference, usage frequency, etc.) when participating in a survey or poll. Certain information may not be personally identifiable when standing alone (e.g., your age), but may become personally identifiable when combined with other information (e.g., your age and name). You may choose whether to provide this information, but at times the information is required to participate in the particular activity, to access to certain content on our website, or to accept a benefit we offer.
2. Non-Personal Information:
Non-personal information is any information that does not personally identify you. Non-personal information can include certain Personal Information that has been de-identified; that is, information that has been rendered anonymous. We and/or our third-party service providers obtain non-personal information about you from information that you provide us, either separately or together with your Personal Information. We and/or our third-party service providers also automatically collect certain non-personal information from you when you access our website.
B. HOW WE USE, COLLECT & SHARE YOUR INFORMATION
1. Personal Information:
2. Non-Personal Information:
We and our service providers may use technologies that automatically collect certain website usage information whenever you visit or interact with the website. This information may include browser type, operating system, the page served, the time, the source of the request, the preceding page view, and other similar information. We may use this information for a variety of purposes, including to enhance or otherwise improve the website. In addition, we may also collect your IP address or some other unique identifier for the particular device you use to access the Internet, as applicable (collectively, referred to herein as a “Device Identifier”). A Device Identifier is a number that is automatically assigned to your computer, and we may identify your device by its Device Identifier. When analyzed, usage information helps us determine how our website is used, such as what types of visitors arrive at the website, what type of content is most popular, what type of content you may find most relevant, and whether users are interested in particular kinds of content and advertising. We may associate your Device Identifier or website usage information with the Personal Information you provide, but we will treat the combined information as Personal Information. We may also acquire and use information from other sources about your visits over time and across other third-party websites in order to serve more targeted advertising to you. Third-party service providers, as well as advertisers, may collect and use information about your visits over time and across the other third-party websites.
Website usage information may be collected using various methods, such as the following:
One type of cookie automatically expires after your session has ended. This is called a session cookie. Your user settings, in particular, are saved as session cookies so that this website can always be used in the form you require. Another permanently stored anonymous cookie contains the version number of your Flash player. In addition to this, user settings, such as language selection, language recognition settings, user IDs for various applications, are saved in both session cookies and permanent cookies by Stampin’ Up! in order to facilitate theuse of the website.
Deactivating cookies will mean that a number of website functions will no longer operate as intended.
Third-Party Ad Server Networks –
Some of the ads you see on the Web or in applications on your mobile device are tailored to your interests and based on your activity online or in the applications on your mobile device. This type of ad tailoring—sometimes called "interest-based" or "online behavioral" advertising—is enabled through various technologies, including browser cookies, mobile advertising identifiers as well as other non-cookie technologies. To learn more about interest based advertising—including how to opt out—you can visit the Network Advertising Initiative’s opt out page at http://optout.networkadvertising.org.
Log files –
Stampin’ Up! uses third-party tracking services that use technology to track non-personal information about visitors to this website. Each time a page is called up, access data are saved in a protocol file, the server log. The data record thus saved contains the following data:
Your IP address (by means of which your computer can be unambiguously identified)
The remote host (name and IP address of the computer requesting the page)
The time, the status, the quantity of data transferred and the Internet page from which you accessed the requested page (referrer)
The product and version information of the browser used (user agent)
A standardized web server log file format is used for this purpose. Provided these data are not urgently required for the technical maintenance of the system or for the system security, they are anonymized instantly and the original protocols are deleted. Anonymization takes place by removal or truncation of the IP address by allocating a code not assigned to a user. Any allocation to an identified or identifiable person is therefore no longer possible. Stampin’ Up! uses protocol data (logs) exclusively in anonymized form for statistical evaluations, without any allocation or references to your personal details. This enables us to detect possible program errors or faulty links, and allows for ongoing development and refinement of the website. Stampin’ Up! does not link the page requests and usage information to individual persons.
Web Beacons –
Web beacons are small graphic images or other web programming code (also known as “clear GIFs”). These may be included in our web pages and email messages. Web beacons may be invisible to you, but any electronic image or other web programming code inserted into a web page or email message can act as a web beacon. Web beacons or similar technologies may be used to count visitors to the website, to monitor how users navigate the website, to count how many emails that were sent were actually opened or to count how many particular articles or links were actually viewed, among other things.
Mobile Device Identifiers –
Some mobile service providers uniquely identify mobile devices and we may receive such device information if you access the website through mobile devices. Some features of our website may require collection of mobile phone numbers, and we may associate that phone number to mobile device identification information. Additionally, some mobile phone service providers operate systems that pinpoint the physical location of devices that use their service. Depending on the provider, we may receive this information.
Embedded Scripts –
An embedded script is programming code that is designed to collect information about your interactions with the website, such as the links you click on. The code is temporarily downloaded onto your Computer from our web server or a third-party service provider, is active only while you are connected to the website, and is deactivated or deleted thereafter.
We use non-personal information in a variety of ways, including to help analyze site traffic, understand customer needs and trends, carry out targeted promotional activities, and to improve our services. We may use your non-personal information by itself or aggregate it with information we have obtained from others. We may share your non-personal information with our affiliated companies and third parties to achieve these objectives, but the aggregate information is anonymous information that does not personally identify you. We may provide our analysis and certain non-personal information to third parties (who may in turn use this information to provide advertisements tailored to your interests), but this will not involve disclosing any of your Personal Information.
C. Other Uses
1. Email Communications:
If you send us an email, we may use your Personal Information to respond to your questions or comments, and we may save your questions or comments for future reference. For security reasons, we do not recommend that you send non-public Personal Information to us by email, such as passwords, social security numbers, or bank account information. We may send you email (a) if you request a particular service or sign up for a feature that involves email communications; (b) if it relates to purchases you have made with us (e.g., product updates, customer support, etc.); (c) if we are sending you information about our other products and services; (d) if you consented to being contacted by email for a particular purpose; (e) if you send us an email or otherwise submit information to us electronically, we may email you to follow-up or otherwise communicate with you with respect thereto; (f) to provide you legal notices or notices with respect to your use of the website; or (g) to otherwise facilitate a transaction between us. You may “opt out” of receiving future commercial email communications from us by clicking the “unsubscribe” link or following the other instructions included at the bottom of most emails we send, or as provided below in Section V, “CHOICE”. We reserve the right to send you transactional emails such as customer service communications.
2. Transfer of Assets:
If another entity acquires us or all (or substantially all) of our assets, the Personal Information and non-personal information we have about you will be transferred to and used by this acquiring entity, though we will take reasonable steps to ensure that your preferences are followed. Also, if any bankruptcy or reorganization proceeding is brought by or against us, all such information may be considered an asset of ours and as such may be sold or transferred to third parties.
Notwithstanding anything herein to the contrary, we reserve the right to disclose any Personal Information or non-personal information about you if we are required to do so by law, and/or if we believe that such action is necessary to (a) fulfill a government request; or (b) conform with the requirements of the law or legal process.
4. Sweepstakes Contests and Promotions:
We may offer sweepstakes, contests, and other promotions through the website that may require registration. By entering any promotion, you are agreeing to the official rules that govern that promotion, which may contain specific requirements of you, including, except where prohibited by law, allowing the sponsor(s) of the promotion to use your name, voice, and/or likeness in advertising or marketing associated with the promotion. If you choose to enter a sweepstakes, contest, or other promotion, Personal Information may be disclosed to third parties or the public in connection with the administration of such promotion, including, without limitation, in connection with winner selection, prize fulfillment, and as required by law or permitted by the promotion’s official rules, such as on a winners’ list.
5. Your California Privacy Rights:
California’s "Shine the Light" law, Civil Code section 1798.83, provides residents of the State of California the right to request a list of all third parties to which we have disclosed certain Personal Information as defined under California law during the preceding year for third-party direct marketing purposes. You are limited to one request per calendar year. In your request, please provide a current California address for our response. You may request the information in writing at [or by email to]
Legal 12907 S. 3600 W. Riverton, UT 84065 Email: email@example.com
6. Browser Do Not Track Signals:
Some third-party browsers provide “do not track” machine readable signals for websites, which are automatically applied by default and, therefore, do not necessarily reflect visitors’ choices as to whether they wish to receive advertisements tailored to their interests. As a result, we do not respond to these signals.
7. Third-Party Ad Server Networks:
Our website is not intended for children. We do not knowingly collect Personal Information from children under the age of thirteen (13). If you are a parent or guardian of a child under the age of thirteen (13) and believe he or she has disclosed Personal Information to us, please contact us at firstname.lastname@example.org. A parent or guardian of a child under the age of thirteen (13) may review and request deletion of such child’s Personal Information, as well as prohibit the use thereof.
E. OTHER SITES/LINKS
Our website may link to or contain links to other third-party websites that we do not control or maintain, such as in connection with purchasing products referenced on our website and banner advertisements. We are not responsible for the privacy practices employed by any third-party websites. We encourage you to note when you leave our website and to read the privacy statements of all third-party websites before submitting any Personal Information.
F. THIRD-PARTY APPLICATIONS
Third-party applications may be available via the website. The owners of these applications (“Third-Party Owners”) may collect Personal Information from you and may have their own policies and practices. We are not responsible for the policies or the practices of Third-Party Owners or how they or their applications use your Personal Information. These Third-Party Owners may have their own terms of service, privacy policies, or other policies, and ask you to agree to the same. You should review any available policies before submitting any Personal Information to a third-party application.
II. DATA INTEGRITY
We use security measures to protect against the loss, misuse, and alteration of the information under our control. While we strive to protect your Personal Information and privacy, we cannot guarantee or warrant the security of any information you disclose or transmit to us online and are not responsible for the theft, destruction or inadvertent disclosure of your Personal Information. In the event that your “Personal Information” (as such may be defined by any applicable law requiring notice upon a security breach) is compromised, we may notify you by email (in our sole discretion) to the last email address you provided us in the most expedient time reasonable under the circumstances, provided, however, delays in notification may occur while we take necessary measures to determine the scope of the breach and restore reasonable integrity to the system, as well as for the legitimate needs of law enforcement if notification would impede a criminal investigation. From time to time we evaluate new technology for protecting information and, when appropriate, we upgrade our information security systems.
It is Stampin’ Up!’s policy to provide individuals with access to personal data about them that Stampin’ Up! holds and to provide them with a means to request the correction, amendment, or deletion of that information where it is inaccurate or, for information obtained in reliance on the Privacy Shield, has been processed in violation of the Privacy Shield Principles, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated.
Chief Privacy Officer Stampin’ Up! Inc. 12907 S. 3600 W. Riverton, UT 84065 U.S.A. Phone: 1-800-STAMP UP Email: email@example.com
We will respond to your request and, if applicable and appropriate, make the requested change in our databases as soon as reasonably practicable. Please note that we may not be able to fulfill certain requests while allowing you access to certain benefits and features of our website. Also please note that it is not always possible to completely change, remove or delete all of your information from our databases, and that residual data may remain on backup media or for other reasons.
For any Privacy Shield-related complaints that cannot be resolved with Stampin’ Up! directly, Stampin’ Up! has chosen to cooperate with EU data protection authorities (DPAs) and comply with the information and advice provided to it by an informal panel of DPAs in relation to such unresolved complaints. If you do not receive timely acknowledgement of your complaint or if your complaint is not satisfactorily addressed by Stampin’ Up!, please visit ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm for the website and contact information of the appropriate DPA, or contact Stampin’ Up! to be directed to the relevant DPA contacts. As further explained in the Privacy Shield Principles, a binding arbitration will also be made available to you in order to address residual complaints not resolved by any other means.
VI. ACCOUNTABILITY FOR ONWARD TRANSFER
The website is operated in the U.S.A. and is intended for users located in the U.S.A. If you are located in the European Union, Canada, or elsewhere outside of the U.S.A., please be aware that information we collect will be transferred to and processed in the U.S.A. By using the website or providing us with any information, you consent to this transfer and processing of your information in the U.S.A. as provided herein.
Stampin’ Up! discloses personal data that it collects to its independent distributors, known as “demonstrators,” upon your request for the fulfillment of orders and the establishment of a business-to-consumer relationship with the demonstrator.
Stampin’ Up! may be required to disclose personal data in response to lawful requests by public authorities, including disclosures to meet national security or law enforcement requirements.
When transferring personal data to demonstrators or third-party controllers, we comply with the Notice and Choice Principles as described above. Consistent with Privacy Shield timing requirements for onward transfer compliance, Stampin’ Up! will enter into a contract with the third-party controller that provides that such data may only be processed for limited and specified purposes consistent with the consent provided by the individual and that the recipient will provide the same level of protection as the Privacy Shield Principles and will notify Stampin’ Up! if it makes a determination that it can no longer meet this obligation. The contract shall provide that when such a determination is made, the third party controller ceases processing or takes other reasonable and appropriate steps to remediate.
Stampin’ Up! may transfer personal data to service providers acting on its behalf. In such cases, consistent with Privacy Shield timing requirements for onward transfer compliance, Stampin’ Up! will transfer such data only for limited and specified purposes; ascertain that the service provider is obligated to provide the same level of protection as is required by the Privacy Shield Principles; will require that the service provider notify Stampin’ Up! if it makes a determination that it can no longer meet this obligation to provide the same level of protection as required by the Privacy Shield Principles; upon notice, take reasonable and appropriate steps to remediate unauthorized processing; and provide a summary or a representative copy of the relevant privacy provisions of its contact with that service provider to the U.S. Department of Commerce upon request.
Stampin’ Up!’s compliance with its Privacy Shield obligations is subject to investigation and enforcement by the U.S. Federal Trade Commission. Stampin’ Up! is also required by the Privacy Shield program to respond promptly to inquiries and requests for information from the U.S. Department of Commerce.