This policy covers how we use your personal information. We take your privacy SERIOUSLY and will take all measures to protect your personal information.
What Information Do We Collect?
- In the course of engaging with our website, you may provide Personal Information about you when you sign up for and visit our website.
We collect information that we need that is related to your order. This includes your:
Credit Card Information. Your Credit Card information is not stored on our servers.In addition we also collect information on your IP address, browser type, and Refer URL data. We use this data to prevent hacking attempts, help us know what web browsers people are using, and find out where our visitors are coming from so that we can improve our marketing.
How Is Your Information Used?
Your Information may be used:
- To fill your order, directly or through our partners
- To charge you for your order via Stripe, Paypal or Coinbase depending on your chosen payment method
- To obtain shipping
- To provide customer support, either directly, or through a third party such as a product supplier or distributor
- For you to use our forum
- For internal marketing and performance analytics using Facebook and Google Analytics,Wordpress.com and Cloudflare
- For sending you newsletters via MailChimp
- For sending out software license expiration and renewal notices
- To meet legal requirements, including complying with court orders, valid discovery requests, valid subpoenas, and other appropriate legal mechanisms.
- Distribution of Information
Your Private Information may be shared with governmental agencies or fraud prevention or investigation companies. We may do so when: (1) permitted or required by law; or, (2) trying to protect against or prevent actual or potential fraud or unauthorized transactions; or, (3) investigating fraud which has already taken place. Your Private Information is not provided to these companies for marketing purposes.
- Distribution of Information
- To prosecute and defend a court, arbitration, or similar legal proceeding.
- To respond to lawful requests by public authorities, including to meet national security or law enforcement requirements.
- To provide, support and improve the Services. For example, this may include sharing your with third parties in order to provide and support our Services or to make certain features of the Services available to you.
- Other purposes. To carry out other legitimate business purposes, as well as other lawful purposes about which we will notify you.
- To send you information for marketing purposes, in accordance with your marketing preferences.
- For recruitment purposes if you have applied for a position within Craft and Theory.
- To respond to your online inquiries and requests, and to provide you with information and access to resources or services that you have requested from us.
- To manage our Websites and system administration and security.
- To improve the navigation and content of our Websites.
- To identify any server problems or other IT or network issues.
- To process transactions and to set up online accounts.
- To compile aggregated statistics about site usage and to better understand the preferences of our Visitors.
- To carry out research and development to improve our products and services.
- To customize content and layout of the websites.
- To carry out other legitimate business purposes, as well as other lawful purposes.
Security and Storage
Your order data billing, shipping, and order contents data is stored on our server. This information is encrypted using a Secure Sockets Layer before it is transmitted over a web server. We do not store your Credit Card data on our servers Your Credit Card data may be stored on Stripe’s server if you chose, but we will not have access to your Credit Card data from Stripe’s servers. The only time Craft and Theory staff my have your Credit Card data is when you provide this information to us during a purchase over the phone. In such case, your Credit Card information will be used to perform your purchase and will be promptly discarded.
Cookies and Browser Information
Cookies are small files that reside on your computer and allow us to recognize you on your next visit or store your shopping cart contents. We use them only to track this information.You can remove cookies stored in your computer via your browser settings. Alternatively, you can control some 3rd party cookies by using a privacy enhancement platform such as optout.aboutads.info or youronlinechoices.com. For more information about cookies, visit allaboutcookies.org.
We use Facebook Traffic Pixels. In relation to this:
(b) You can opt-out of the collection and use of information for ad targeting,
(c) You may access www.aboutads.info/choices for opting out.
We send out newsletters using MailChimp. MailChimp and its partners may use various technologies to collect and store information when you are subscribed to our newsletter, and this may include using cookies and similar tracking technologies, such as pixels and web beacons. For example, MailChimp uses web beacons in the emails we send through them. These web beacons track certain behavior such as whether the email sent was delivered and opened and whether links within the email were clicked. They also allow MailChimp and its partners to collect information such as the recipient’s IP address, browser, email client type and other similar details. MailChimp and its partners use this information to measure the performance of our email campaigns, and to provide analytics information and enhance the effectiveness of our services.
Targeted online advertising
We have engaged one or more third party service providers to track and analyze both individualized usage and volume statistical information from interactions with our website.
- Public Information and Third-Party Websites
- Blog. We have public blogs on our Websites. Any information you include in a comment on our blog may be read, collected, and used by anyone. If your Personal Information appears on our blogs and you want it removed, contact us at [email protected] or contact our DPO listed at the bottom of this privacy notice. If we are unable to remove your information, we will tell you why.
- Contests and sweepstakes. We may, from time to time, offer surveys, contests, sweepstakes, or other promotions on our Websites or through social media (collectively, “Promotions“).
You may have the following data protection rights
- To access, correct, update or request deletion of Personal Information. Craft and Theory takes reasonable steps to ensure that the data we collect is reliable for its intended use, accurate, complete and up to date. You can manage many of your individual account and profile settings within the dashboard provided through the Craft and Theory platform, or you may contact us directly by emailing us at [email protected].
- In addition, individuals who are residents of the EEA can object to processing of their Personal Information, ask to restrict processing of their Personal Information or request portability of their Personal Information. You can exercise these rights by contacting us using the contact details provided in the “Questions and Concerns” section below. If any of your Contacts wishes to exercise any of these rights, they should contact you directly, or contact us as described in the “Privacy for Contacts” section below.
- Similarly, if Personal Information is collected or processed on the basis of consent, the data subject can withdraw their consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Information conducted in reliance on lawful processing grounds other than consent. If you receive these requests from Contacts, you can segment your lists within the Craft and Theory platform to ensure that you only market to Contacts who have not opted out of receiving such marketing.
- The right to complain to a data protection authority about the collection and use of Personal Information. For more information, please contact your local data protection authority. Contact details for data protection authorities in the EEA are available here.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection law. We may ask you to verify your identity in order to help us respond efficiently to your request. If we receive a request from one of your Contacts, we will either direct the Contact to reach out to you, or, if appropriate, we may respond directly to their request.
Privacy Contact Information
By e-mail: [email protected]
By Phone: +1 (320) 321-9995