SECTION 4 - THIRD-PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform certain services they provide to us. Certain third-party services, such as payment gateways and other transaction or payment processors are required to abide by security standards imposed on them, such as the Payment Card Industry Data Security Standard (PCI-DSS), which is a set of security standards designed to ensure that all payment processors that accept, process, store or transmit credit card information maintain a secure environment. All direct payment gateways we utilize adhere to PCI-DSS, which is a joint effort of brands like Visa, MasterCard, American Express and Discover, to safeguard card data handling.
Whilst we shall not store your credit card information, such payment gateways and other transaction or payment processors, under PCI-DSS, may store your purchase transaction data for only as long as is necessary to complete the transaction and thereafter for only as long as it is required by law.
Such third-party payment gateways and other payment transaction processors and other third parties have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So, if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
Once you leave our Site or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.
SECTION 5 – ELECTRONIC COMMUNICATIONS, TELEMARKETING AND TEXT MESSAGES
By providing your prior express consent/opt-in in accordance with applicable law, you consent to receive communications from us electronically. Although we may choose to communicate with you by other means, we may also choose to solely communicate with you electronically by e-mail or by posting notices on the Site. You agree that all agreements, notices, disclosures, and other communications that we send to you electronically satisfy any legal requirement that such communications be in writing.
Where you provide “prior express written consent” within the meaning of the Telephone Consumer Protection Act (“TCPA”) or any applicable law, you consent to receive telephone calls, including artificial voice calls, pre-recorded messages and/or calls delivered via automated technology and text and SMS messages to the telephone number(s) that you provided from us listed in and hyperlinked to the consent. Message Frequency Varies. The mobile carriers are not liable for delayed or undelivered Messages. Consumers may request up to a maximum of twenty (20) messages per month, with no more than three (3) text messages in one day.
You understand that the text messages we send may be seen by anyone with access to your phone. Accordingly, you should take steps to safeguard your phone and your text messages if you want them to remain private.
If you wish to stop receiving text messages from us, reply to any text message we have sent you and simply text “STOP”, “END” or “QUIT”. You may also request to stop receiving text messages by calling us or emailing us using the following information:
By email: support@caresole.com
If at any time you need our contact information or information on how to stop text messages, reply to any text message we have sent you and simply text HELP or click here for support. Message and Data Rates May Apply to any text/SMS communication.
SECTION 6 - LINKS
Please note that this Privacy Policy does not apply to the practices of companies that we do not own or control or to people that we do not employ or manage. We provide these links merely for your convenience. We have no control over, do not review, and are not responsible for Third-Party Sites, their content, or any goods or services available through the Third-Party Sites. Our Privacy Policy does not apply to Third Party Sites, and any data you provide to Third-Party Sites, you provide at your own risk. We encourage you to review the privacy policies of any Third-Party Sites with which you interact with.
SECTION 7 - SECURITY
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with sensitive information, such as login credentials and credit card information, then such information is encrypted using secure socket layer technology (SSL) and stored with an AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we use generally acceptable commercially standards to protect your personal information.
SECTION 8 – BREACH
Unless otherwise prohibited by applicable law, we shall notify you, as soon as it is reasonably possible under the circumstances but in any event no later than within 72 hours after becoming aware, of any accidental, unauthorized, or unlawful destruction, loss, alteration, or disclosure of, or access to, Personal Data ("Security Breach") likely to result in a high risk of adversely affecting individuals’ rights and freedom. Such notification shall include: (a) a detailed description of the Security Breach, and (b) the type of data that was the subject of the Security Breach and we shall communicate (i) the name and contact details of our data protection officer or other point of contact where more information can be obtained; (ii) a description of the likely consequences of the Security Breach; (iii) a description of the measures taken or proposed to be taken by us to address the Security Breach, including, where appropriate, measures to mitigate its possible adverse effects; and (iv) additionally in such notification or thereafter as soon as such information can be collected or otherwise becomes available, any other information you may reasonably request relating to the Security Breach.
We shall take prompt action to investigate the Security Breach and shall use industry standard, commercially reasonable, efforts to mitigate the effects of any such Security Breach in accordance with its obligations hereunder and, subject to your prior written agreement, to carry out any recovery or other action necessary to remedy the Security Breach. Unless required to do so under applicable Privacy Law, we shall not release or publish any filing, communication, notice, press release, or report concerning any Security Breach. We shall also report such Security Breach as may be required by law to relevant supervisory authority within 72 hours of becoming aware, where feasible.
SECTION 9 – GEOGRAPHIC LOCATION
Where personal data originating in the European Economic Area is processed outside the European Economic Area, in a territory that has not been designated by the European Commission as ensuring an adequate level of protection pursuant to applicable Privacy Law, we agree that the transfer shall be undertaken pursuant to SECTION 6 above, which we shall maintain in full force and effect.
We have data processing agreements in place to ensure compliance with all relevant Directives. All processing is performed in accordance with the highest security regulations.
SECTION 10 - AGE OF CONSENT
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
SECTION 11 - CHANGES TO THIS PRIVACY POLICY
We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use or disclose it. Continued use of our Site after having been informed of any such changes to these conditions implies acceptance of the revised Privacy Policy. This Privacy Policy is an integral part of our Terms of Service.
If our Company is acquired or merged with another company, we may disclose your Personal Data with our prospective or actual purchasers, investors, or successor entities in connection with a contemplated reorganization or an actual reorganization of our business, in connection with financing, a sale, or other transaction involving the disposal of all or part of our business or assets, including for the purpose of permitting the due diligence required to decide whether to proceed with a transaction, pursuant to assurances of sufficient data handling practices and safeguards.
Residents of the European Economic Area: Our disclosure is limited to situations where we are permitted to do so under applicable European and national data protection laws and regulations.
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, give us feedback, or simply want more information, contact us at support@caresole.com. We have a “Data Protection Officer” who is responsible for matters relating to privacy and data protection. This Data Protection Officer can be reached at the following address: GMT Assets LLC, 11 Broadway, Suite 615, New York, NY 10004.