Effective Date: April 13, 2022
2) ADDITIONAL POLICIES
In the event you are a resident of California please also review our CCPA Notice.
3) CONTACT DETAILS OF THE CONTROLLER
The “Pen to Paper” shall mean:
Pen to Paper Co. at 115 Central Park West, Apt 12K New York, NY 10023 (“Controller”).
4) WHICH DATA DO WE COLLECT AND FOR WHAT PURPOSE?
“Non-Personal Data”: means non-identifiable, aggregated data, that is mainly data which is transmitted to us when you access and interact with Pen to Paper Technology, such as the type of browser, type of operating system, type of device used, the time and date you access the Pen to Paper Technology, navigation, language preference, etc.
“Personal Data”: means individually identifiable information which identifies or may identify, with reasonable effort, an individual, such as your name, address, phone number, billing information and including online identifiers (such as IP address). Please see below the table which specifies the Personal Data we collect and how we use it:
Please note that the actual processing operation per each purpose of use detailed in the table above may differ. Such processing operation usually includes a set of operations made by automated means, such as collection, storage, use, disclosure by transmission, erasure, or destruction.
In addition, we may use certain Personal Data to prevent potentially prohibited or illegal activities, fraud, misappropriation, infringements, identity thefts, and any other misuse of the Services and to enforce the Terms, as well as to protect the security or integrity of our databases and the Services, and to take precautions against legal liability.
5) HOW WE COLLECT INFORMATION
According to the nature of your interaction with Pen to Paper Technology, we may collect information as follows:
6) DATA SHARING – CATEGORIES OF RECIPIENTS WE SHARE PERSONAL DATA WITH
We share your data with third parties, including with trusted partners or service providers that help us provide our Services:
Where we share information with services providers and partners, we ensure they only have access to such information that is strictly necessary in order for us to provide the Services. These parties are required to secure the data they receive and to use the data for pre-agreed purposes only, while ensuring compliance with all applicable data protection regulations (such service providers may use other non-personal data for their own benefit).We use the following SDK (a Software development kit) which is a set of tools that provide us with the ability to build a plugin which can be connected to Shopify or other platforms. SDKs are used only in the Pen to Paper plugin on the Merchant’s store. SDK create the opportunity to enable the functionality of our Services, as well as include advertisement and push notifications, if applicable.
7) COOKIES & TRACKING TECHNOLOGIES
There are several types of cookies, the three main and common ones are:
8) USER RIGHTS
We acknowledge that different people have different privacy concerns and preferences. Our goal is to be clear about what information we collect, so that you can make meaningful choices about how it is used. We provide you with the ability to exercise certain choices, rights and controls in connection with your information. Depending on your relationship with Pen to Paper (e.g., if you are a Visitor of our Website, Merchant, or an End-User), data protection and privacy laws provide you with various rights regarding your Personal Data.
You may exercise any or all of your above rights in relation to your Personal Data by filling out the Data Subject Request (“DSR”) form available here and send it to our email address at: email@example.com.
Where we are not able to provide you with the information for which you have asked, we will endeavor to explain the reasoning for this and inform you of your rights, including the right to complain to the supervisory authority. We reserve the right to ask for reasonable evidence to verify your identity before we provide you with any such information in accordance with applicable law.
We retain Personal Data we collect as long as it remains necessary for the purposes set forth above, all in accordance with applicable laws or until an individual requests to opt-out of such collection. We may at our sole discretion, delete or amend information from our systems, without providing any notice to you, once we deem it is no longer necessary for our purposes.
We implement extensive security measures to reduce the risks of damage, loss of information and unauthorized access or misuse of Personal Data. We implement appropriate data collection, storage and processing practices and security tools to protect personal data against unauthorized access, alteration, disclosure or destruction. You should be aware that no security measures are completely fail-proof, and it is impossible to prevent any and all threats to the security of data and systems. Therefore, you should be aware that any processing of digital Personal Data holds certain inherent risks, and we cannot guarantee that our Services and databases will be immune to any wrongdoings, malfunctions, unauthorized interceptions or access, malware attacks or other kinds of abuse and misuse.