COLLECTION AND USE OF PERSONAL INFORMATION
We refer in this Policy to two types of user information: Personally Identifiable Information (“PII”) and non-Personally Identifiable Information (“Non-PII”).
PII refers to any information that can be used to uniquely identify, contact, or locate you. Examples of PII include a name, physical address, e-mail address, telephone number, date of birth, or a credit card number.
The Site Services collect only the PII that you voluntarily provide to us, such as when you register to use the Site Services, set up a profile, pay for any Product, or complete a survey.
The Site Services may also automatically collect other types of Non-PII as you use the Services, including technical information (such as your IP address, mobile device ID, or browser type) and usage information (such as internet location data, preferred language, the parts of the Site or Site Services you have visited, which links you have clicked and other information about how you interact with the Site Services). This information is anonymous, and is not associated with your PII, although it may be associated with other pieces of anonymous information about You.
WHAT DO WE DO WITH YOUR PII?
When you purchase a Product from our Site, as part of the buying and selling process, we collect the personal information you give us such as your name, telephone number and email address.
When you browse our Site, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.
Email marketing: With your permission, we may send you emails about our Site, new Products and other updates.
We use Razorpay for processing payments. We/Razorpay do not store your card data on their servers. The data is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS) when processing payment. Your purchase transaction data is only used as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is not saved.
Our payment gateway adheres to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read terms and conditions of Razorpay on https://razorpay.com
When you provide us with personal information to complete a transaction, verify your credit card, place an order, access a Product through your User Account on the Site, you are deemed to consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time, by contacting us at […] or contacting us by post at […]
DISCLOSURE OF YOUR INFORMATION: TO WHOM AND PURPOSE
DISCLOSURE OF PII
We will not share, sell, rent, or trade your PII with any third parties, without your consent, except as necessary to provide you with the services offered by us, to comply with the law, or for the specific reasons below.
We may also use your contact information to inform you of any changes to the services, or to send you additional information about Be.artsy and/or our current or any new Products.
We may share your information with third party service providers. We provide some services and products through third parties like Razorpay (for payments). These third-party service providers perform functions on our behalf. Other third-party service providers may offer compatible services to you.
We may share Your PII with such service providers for a variety of features of the Site Services and/or Products including, but not limited to, fulfilling orders, delivering packages, sending postal or email, removing repetitive information on customer lists, analysing data, providing marketing assistance, providing search results and links, processing credit card payments, operating the Site Services, troubleshooting and providing customer service.
We may may share your information with third party service providers to accomplish our administrative tasks.
We encourage third party service providers to adopt and post privacy policies. However, we specifically disclaim any responsibility or liability for the actions of third-party service providers. The use of your PII by such parties, however, is governed by the privacy policies of such parties and is not subject to our control.
DISCLOSURE OF NON-PII
We use Non-PII to display content according to your preferences, to analyse our Site Services traffic, troubleshoot, administer the Site Services, gather demographic information, comply with applicable law, and cooperate with law enforcement activities. Traffic and transaction information may also be shared with business partners and advertisers on an aggregate and anonymous/anonymised basis. We may also share this information with our authorized third-party service providers and partners to measure the overall effectiveness of our Site Services, Products, Be.artsy Content, and programming.
We may disclose or share Non-PII with partners, affiliates, and advertisers. We also use third party service providers to track and analyse Non-PII usage and volume statistical information from our User(s) to administer our Site Services and improve its quality. We may also publish this information for promotional purposes or as a representative audience for advertisers. Please note that this is not PII, and consists only of general summaries of the activities of our User(s). Such data is collected on our behalf, and is owned and used by us.
We may disclose information, including potentially PII, if required to do so by law or in the good-faith belief that such action is necessary to-
- Conform to the law or to comply with legal process served on Us or Our parent company, subsidiaries, or affiliates;
- Protect and defend Our or Your (as a User) rights or property;
- Act under exigent circumstances to protect the safety of the public or Users of the Services;
We may conduct periodic analysis and survey of the traffic to the Site Services for market research and advertising purposes. We reserve the right to share your registration information with our appointed market research and advertising companies or firms from time to time for these purposes. We may also use cumulative non-personal information for auditing and analysis purposes with the aim of improving the Site Services.
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
You may update your own PII including, but not limited to, account information, billing information, public profile or any other specific information that is editable from your User Account on the Site Services. However, because we keep a record of all transactions, you cannot delete information associated with past transactions on the Site Services. Additionally, copies of data may temporarily retain information about User(s) as a regular course of our data protection and disaster prevention and recovery practices.
We shall retain the information provided by the Users for such period of time as is required to fulfil the purposes for which such information is collected, as outlined in this Policy, subject to such longer time periods of retention as may be required under any applicable laws.
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
We offer the use of a secure server. All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our Payment gateway providers database only to be accessible by those authorized with special access rights to such systems, and are required to keep the information confidential. You can verify this by checking that the URL displayed on your browser starts with ‘https’ and/or a lock symbol on your browser next to the URL.
However, security is always relative and we cannot guarantee that, despite best-efforts basis, our security measures are absolute and cannot be breached. Data which is transmitted over the Internet is inherently exposed to security risks or threats. For instance, information transmitted via chat or email can be compromised and used by others. Therefore, we cannot guarantee any security for such information in the course of transmission through the internet infrastructure or any unsolicited disclosures which you yourself may make while availing of the Site Services.
7.3. When you register with us, your account is protected by means of login information which includes a username and a password that is known only to you. Therefore, you should not provide your personal information to anyone else at all, and if you do, that is a breach or violation of this Policy and can also result in closure of your account in certain cases. if you become aware of or reasonably suspect any breach of security, including compromise of your login information, it is your responsibility to immediately notify us at […].
You understand that when you visit the Site, cookies may be left in your computer. The cookies assigned by our servers may be used to personalize your experience on the Site Services. Additionally, cookies may also be used for authentication, administration of the Site Services, data analysis and security purposes.
Cookies may also be assigned by the advertisers when you click on any of the advertisements which may be displayed on any Site Services, in which case such cookies are controlled by these advertisers and not by us.
AGE OF CONSENT
By using this Site, you represent that you are at least the age of majority (18 years in India) in your place of residence, or that you are the age of majority in your place of residence and you have given us your consent to allow any of your minor dependents to use this Site.
If Be.artsy is acquired or merged with another entity, your information may be transferred to the new owners so that we may continue to sell and deliver Products to you.
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you which cannot be edited in your User Account, or register a complaint, etc., you may contact us at […] or by post at […].