GIORGI GLOBAL HOLDINGS, INC.
PERSONAL INFORMATION WE COLLECT
Information Collected Automatically
When you visit our Sites, We may automatically collect certain information about your device, including information about your web browser, operating system, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Sites, We may collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Sites over time. Collecting this information helps us to improve our Sites and to deliver a better and more personalized service, as well as help process your request for products we offer and ensure security. This may enable us to:
• Estimate our audience size and usage patterns.
• Store information about your preferences, allowing us to customize our Sites according to your individual interests.
• Speed up your searches.
• Recognize you when you return to our Sites.
We refer to this automatically collected information as “Device Information”.
We may collect Device Information using the following technologies:
– “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier which enable us to provide certain features and functionality. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
– “Log files” track actions occurring on the Sites, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
– “Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you browse the Sites.
Additionally, when you make a purchase or attempt to make a purchase through any of our Sites, we collect certain information from you, including your name, billing address, payment information (including credit card numbers, details concerning other methods of payment, etc.), email address and phone number. We refer to this information as “Order Information”.
Please note that third party social media or other sharing platforms (like YouTube™ or Vimeo™ for example) may collect information about you when you click on “add’ or “like” in connection with a given social network or play a video when visiting our websites. We do not have any control over this process. We recommend that you read the terms and conditions of use and privacy notice of these social networking sites before using them.
Information You Provide to Us
We collect information you provide to us when you open an account with us, apply for a position with us, conduct or wish to conduct business with us, are employed by us, or otherwise engage in a transaction with us, which may include without limitation your name, job title, residency, email address, mailing address, Customer account number and phone number. We refer to this information as “Customer Information”. “Customer Information” includes information about our employees.
You also may provide information to be published or displayed on public areas of the Sites (if any) or transmitted to other users of the Sites or third parties (collectively, “User Contributions”). Your User Contributions are posted on and transmitted to others at your own risk. Although we may limit access to certain areas of the Sites through certain privacy settings administered as part of the log-on process for your account profile, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the Site with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.
HOW DO WE USE YOUR PERSONAL INFORMATION?
We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Sites (for example, by generating analytics about how individuals interact with the Sites, and to assess the success of our marketing and advertising campaigns).
We use the Order Information that we collect generally to fulfill any orders placed through the Sites (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations). Additionally, we may use this Order Information to:
- Communicate with you
- Screen orders for potential risk or fraud; and
- Consistent with the preferences you have shared with us, provide you with information or advertising relating to our products and services.
We use Customer Information to engage in a transaction with you.
In addition, Personal Information may be used:
• To present our Sites and its contents to you.
• To provide you with information, products, or services that you request from us.
• To fulfill any other purpose for which you provide it.
• To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.
• To notify you about changes to our Sites or any products or services we offer or provide through it.
• To allow you to participate in interactive features on our Sites.
• In any other way we may describe when you provide the information.
• For any other purpose with your consent.
If you do not want us to sell or share your personal information with unaffiliated or non-agent third parties for promotional purposes, or if you wish not to receive any promotional offers or targeted advertising from us, you can “Opt-Out” by sending us an email with your request to email@example.com. You can also call us at 800-535-9925. Where we have sent a promotional e-mail to you, you may also send a response e-mail asking to be omitted from such future e-mail distributions. Please note, however, that this “Opt Out” option will not apply to information we may provide to you as a result of your product purchase, warranty registration, product service experience evaluation or other direct transaction between you and the Company.
Visitors in the European Economic Area (”EEA”), United Kingdom and Switzerland may have addition information rights and choices. Please see “Visitors Located in the EEA, the UK and Switzerland” below for more information. California residents may have additional personal information rights and choices. Please see “Your California Privacy Rights” below for more information
SHARING YOUR PERSONAL INFORMATION
We share your Personal Information with third parties to help us use your Personal Information, as described above. Where we aggregate Personal Information from multiple users of our Sites, we may disclose this without restriction. For example, we use Shopify® to power our online store – you can read more about how Shopify® uses your personal information here: www.shopify.com/legal/privacy.
We may disclose Personal Information that we collect or that you provide:
• To our subsidiaries and affiliates.
• To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by us about our Sites users is among the assets transferred.
• To fulfill a purpose for which you have provided the Personal Information.
• For any other purpose disclosed by us when you provide the Personal Information.
• With your consent.
• If We believe disclosure is necessary or appropriate to protect the rights, property, or safety of the Company, our customers, or others. This may include exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.
DO NOT TRACK
Do Not Track (DNT) is a privacy preference that users can set in some web browsers, allowing users to opt out of tracking by websites and online services. At the present time, the World Wide Web Consortium (W3C) has not yet established universal standards for recognizable DNT signals and therefore, the Site does not recognize DNT.
We store Personal Information using reasonable physical, technical, and administrative safeguards to secure data against foreseeable risks, such as unauthorized use, access, disclosure, destruction, or modification. All Personal Information you provide to us is stored by us or our contractors on secure servers behind firewalls, with any payment transactions being encrypted using SSL technology. The safety and security of your Personal Information also depends on you. Where We have given you (or where you have chosen) a password for access to our Site or any of its parts, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of our Site like message or comment boards. The information you share in public areas may be viewed by any user of the Site. Any transmission of your Personal Information by you is at your own risk.
Although we make good faith efforts to store the information, we collect in a secure operating environment that is not available to the public, we cannot guarantee complete security. Further, while we work to ensure the integrity and security of our network and systems, we cannot guarantee that our security measures will prevent third-party “hackers” from illegally obtaining this information.
We ensure that this cross-border data processing is protected by adequate safeguards, including using Standard Contractual Clauses and certifications that demonstrate that third parties outside the EEA, the UK process Personal Information in a way that is consistent with the EU General Data Protection Regulation (“GDPR”) or the UK laws implementing the GDPR. You may request a copy of the Standard Contractual Clauses by email use at firstname.lastname@example.org. You can also call us at 800-535-9925.
VISITORS LOCATED IN THE EEA, THE UK AND SWITZERLAND
If you located in the EEA, the UK or Switzerland or if we process the Personal Information in context of the activities of our establishment in the EEA, the UK or Switzerland, you have the right to access Personal Information we hold about you and to ask that your Personal Information be corrected, updated, or deleted. If you would like to exercise this right, please contact us at email@example.com. You can also call us at 800-535-9925. You also have the right to lodge a complaint with the applicable supervisory authority.
Additionally, if you are located in the EEA, the UK or Switzerland or if we process the Personal Information in context of the activities of our establishment in the EEA, the UK or Switzerland we note that we are, at your initiation, processing your Personal Information in order to fulfill contracts we might have with you, including taking pre-contractual steps (for example if you apply for a job through the Sites), where we have obtained your consent to use personal information, or otherwise to pursue our legitimate business interests listed above. You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Additionally, please note that your information may be transferred outside of the EEA, the UK or Switzerland, including but not limited to the United States when the Personal Information of data subjects within the EEA, the UK or Switzerland is processed outside the EEA, the UK or Switzerland.
YOUR EEAUK/SWITZERLAND RIGHTS
Under EEA, UK Swiss data protection law we are required to advise you on the legal basis for processing your personal data. For the most part, the processing of your Personal Information is based either on a) our legitimate interests related to us providing you services you have requested or otherwise your customer/supplier relationship with us, or b) your consent, where requested.
Where provided under applicable law, you may have the following rights:
- Object to our processing of your Personal Information where we are relying on legitimate interest (or those of a third-party), and you want to object to processing on this ground, as you feel it impacts on your fundamental rights and freedoms. You also have a right to object where we are processing your Personal Information for the purposes of direct marketing or profiling. You can object at any time, and we shall stop processing the Personal Information you have objected to unless we can show compelling legitimate grounds to continue that processing.
- Access your Personal Information. If you make this kind of request and we hold Personal Information about you. We are required to provide you with information on it, including a description and copy of the Personal Information and why we are processing it. We might require you to prove your identity before granting access to your personal data. We will process your request within the timeframe required under the relevant law.
- Request the transfer of your Personal Information. We will provide to you or a third party you have chosen, your Personal Information in a structured, commonly used, machine-readable format. Please note, this right applies to the Personal Information you have provided to us; and if we use your personal data on the basis of consent or where we used the information to perform a contract with you.
- Request erasure (deletion) of your Personal Information. You have a right to ask us to delete or remove your data where you have successfully exercised your right to object (see above), or where we are required to erase your Personal Information to comply with local law. Please note, we may be required to retain certain information by law and/or for our own legitimate business purpose. But when we do so, we will inform you.
- Request correction or updating of your Personal Information. This enables you to have any incomplete or inaccurate data we hold about you corrected.
- Request the restriction of our processing of your Personal Information in some situations. If you request this, we can continue to store your personal data but are restricted from processing it while the restriction is in place.
- Withdraw your consent. Where you have provided your consent to our processing of your Personal Information you can withdraw your consent at any time. If you do withdraw consent, that will not affect the lawfulness of what we have done with your personal data before you withdrew consent.
- Lodge a complaint with a supervisory authority. We will do our best to resolve any complaint. However, if you feel we have not resolved your complaint or if you are dissatisfied with our handling your Personal Information, you have a right to make a complaint to applicable supervisory authority.
If you exercise the rights above and there is any question about who you are, we may require you to provide information from which we can satisfy ourselves as to your identity.
We may maintain your Personal Information as necessary for processing requests you may have made to the Company or for those other use purposes as noted above.
If you have entered into a contract with us, the Personal Information is stored for the duration of the contract, as well as following its termination, if necessary for legal, regulatory purposes or corporate governance purposes. Personal Information processed based on your consent will be kept until the consent is revoked, unless otherwise prescribed by applicable legal requirements and presuming that it is necessary for the purpose of processing.
Under Age 13
Our Sites are not specifically directed toward children, and we do not knowingly collect Personal Information from persons under the age of 13 on our Sites without verifiable parental consent. If we learn that a child under the age of 13 has submitted personally identifiable information online without parental consent, we will take all reasonable measures to delete such information from our databases and to not use such information for any purpose (except where necessary to protect the safety of the child or others as required or allowed by law). If you become aware of any personally identifiable information, we have collected from children under 13, please contact us at firstname.lastname@example.org. You can also call us at 800-535-9925.
California residents under 16 years of age may have additional rights regarding the collection and sale of their personal information. Please see “Your California Privacy Rights” below for more information.
Your California Privacy Rights
CCPA Privacy Notice Provisions for California Residents
This Privacy Notice for California Residents supplements the information contained in the Company’s general Privacy notice and applies solely to all consumers in the State of California (“Consumers” or “you”). We adopt this notice to comply with the California Consumer Privacy Act of 2018 (CCPA) and any terms defined in the CCPA have the same meaning when used in this notice. “Consumers” has the meaning assigned to it in the CCPA.
INFORMATION WE COLLECT
|A. Identifiers.||A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.|| We only collect the following:- Real Name- Postal AddressTelephone NumberCredit Card Information|
– E-mail Address
|B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).||A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card information, debit card information, or any other financial information, medical information, or health insurance information.Some personal information included in this category may overlap with other categories.||We only collect the following:- Real Name- Postal Address- Telephone Number|
– E-mail AddressCredit Card or Debit Card Information
|C. Protected classification characteristics under California or federal law.||Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).||We only collect the following:- Age (if over 16)|
|D. Commercial information.||Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.||NO|
|E. Biometric information.||Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.||NO|
|F. Internet or other similar network activity.||Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.||YES – browsing or search history|
|G. Geolocation data.||Physical location or movements.||NO|
|H. Sensory data.||Audio, electronic, visual, thermal, olfactory, or similar information.||NO|
|I. Professional or employment-related information.||Current or past job history or performance evaluations.||NO|
|J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).||Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.||NO|
|K. Inferences drawn from other personal information.||Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.||NO|
We obtain the Personal Information listed above from the following categories of sources:
- Directly from you. For example, from forms you complete or products and services you purchase.
- Indirectly from you. For example, from your actions on our Sites.
USE OF PERSONAL INFORMATION
SHARING PERSONAL INFORMATION
We may share your personal information with the following categories of third parties:
- Service providers for purposes of purchases or for management of our Sites; (b)
governmental agencies, where required under subpoena or other legal requirement; and (c)
to entities as part of any merger or acquisition process.
DISCLOSURES OF PERSONAL INFORMATION FOR A BUSINESS PURPOSE
In the preceding twelve (12) months, any Personal Information the Company may have disclosed would be those Categories of Personal Information as identified in the chart under “Information We Collect” and solely for the purpose of product purchases or in response to Consumer questions.
Specifically, we disclose your Personal Information for a business purpose to the following categories of third parties:
Sales of Personal Information.
In the preceding twelve (12) months, Company had not sold Personal Information.
YOUR RIGHTS AND CHOICES
The CCPA provides Consumers with specific rights regarding their Personal Information. This section describes your CCPA rights and explains how to exercise those rights.
A) Access to Specific Information and Data Portability Rights
You have the right to request that We disclose certain information to you about our collection and use of your Personal Information over the past 12 months. Once we receive and confirm your verifiable consumer request (see “Exercising Access, Data Portability, and Deletion Rights” below), we will disclose to you: The categories of Personal Information we collected about you; the categories of sources for the Personal Information we collected about you; Our business or commercial purpose for collecting or selling that Personal Information; the categories of third parties with whom we share that Personal Information; and the specific pieces of Personal Information we collected about you (also called a data portability request). If we sold or disclosed your Personal Information for a business purpose, we will provide two separate lists disclosing which Personal Information was “sold” and which were only “disclosed” for a business purpose.
B) Deletion Request Rights
You have the right to request that We delete any of your Personal Information that We collected from you and retained, subject to certain exceptions. Once We receive and confirm your verifiable consumer request (see “Exercising Access, Data Portability, and Deletion Rights” below), We will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
- Complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another Consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with Consumer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
EXERCISING ACCESS, DATA PORTABILITY, AND DELETION RIGHTS
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by either contacting us at email@example.com or by calling 800-535-9925. You may also write us at the address provided in the general Privacy Notice under “CONTACT US”.
Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your Personal Information. You may also make a verifiable consumer request on behalf of your minor child. You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative; and
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with Personal Information if We cannot verify your identity or authority to make the request and confirm the Personal Information relates to you. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
RESPONSE TIMING AND FORMAT
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If We require more time (up to 90 days), We will inform you of the reason and extension period in writing.
Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons We cannot comply with a request, if applicable. We will select a format to provide your Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance, specifically, it will be either in a written format using a Word, Excel or Access document or be provided in image format using Adobe .pdf or jpeg format.
We do not charge a fee to process or respond to your verifiable consumer request unless it would require an excessive effort to complete, is repetitive, or manifestly unfounded. If we determine that the request warrants a fee, We will tell you why we made that decision and provide you with a cost estimate before completing your request.
PERSONAL INFORMATION SALES OPT-OUT AND OPT-IN RIGHTS
To exercise the right to “Opt-Out”, you (or your authorized representative) may submit a request to us by visiting the following Internet Web page link: Do Not Sell My Information
Once you make an Opt-Out request, We will wait at least twelve (12) months before asking you to reauthorize Personal Information sales. However, you may change your mind and opt back in to Personal Information sales at any time by notifying us at firstname.lastname@example.org or by calling 800-535-9925.
We will only use Personal Information provided in an Opt-Out request to review and comply with the request.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not: deny you goods or services; charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties; provide you a different level or quality of goods or services; or suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
OTHER CALIFORNIA PRIVACY RIGHTS
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at email@example.com, or by calling us at 800-535-9925, or by mail using the details provided below:
The Giorgi Companies, Inc.
108 Plaza Drive, Suite 200
Blandon, PA 19510
Attn: Data Protection Officer
LAST UPDATED AUGUST 30, 2022