At You Inc. (“Company”, “we”, “us” or “our” in this Policy), we are committed to respecting your privacy and protecting the Personal Data (as defined below) that we obtain and hold about you and others.
1. Introduction and General Terms
The Site is operated by You Inc., a company registered in the State of Washington, United States of America. The Site allows customers to view and purchase products, among other things (“Services”).
Where we decide the purpose or means for the processing of the Personal Data that you provide when using our Site, we are the “data controller” for the purposes of the European General Data Protection Regulation 2016 (“GDPR”).
Our Site may contain hyperlinks to third party websites. These websites operate fully independently from us, and we cannot accept any responsibility or liability for the privacy practices of such third parties nor the availability of these external sites or resources. The appearance of such links on our Site is not an endorsement. Should you use any of these websites, such use is at your own risk and we would recommend that you review their respective privacy policies and our Terms.
2. What Information Will We Collect About You?
Information provided by you when using our Services
You may give us information about you by filling in forms when using our Services, setting up an account, signing up to our newsletter, or contacting us with e-mail and other similar inquiries. Such information can include:
The foregoing shall be referred to herein as “Personal Data”.
- How We Use Your Personal Data
Providing the Services to you as a prospective or existing customer
We may legally use and retain your Personal Data where we need to perform the contract we are about to enter into or have entered into with you, such as:
In order for you to purchase products via our Site, we currently use the third-party payment provider (“Payment Provider”), Shopify (a PCI Service Provider Level 1 certified platform) to collect, store and process payment information from you, including your name, email address, shipping information, credit card number, and bank account details. Our servers will not collect or have access to your payment details.
Any purchases you make via the Site will also be governed by the Payment Provider’s terms and conditions and/or privacy policies.
We may contact you via email to remind you about products you left in your shopping basket, that you may want to purchase. We will do this pursuant to our legitimate interests in promoting our business. If you do not wish to be contacted via email please let us know by clicking unsubscribe at the bottom of any email that you receive.
Contacting Us (Your Enquiries)
If you contact us via our Site, to make an enquiry or otherwise, in certain situations we will ask you to provide a limited amount of Personal Data about yourself, such as your name, email address, and your message or enquiry in the free text box. We will use this information to respond to your enquiries, for example:
In line with the legitimate interest we have in promoting our business, we will process your enquiries to reply to your query, including providing you with information about the Services we offer and keeping track of your purchase history.
We may also process enquiries to take steps you ask of us with a view to entering into an agreement to provide you with our Services.
You are under no obligation to provide us with any details, but if you choose to not provide us with relevant information, we may not be able to respond and/or provide the assistance that you request.
If you ask to be added to our mailing list by subscribing to our newsletter, we will keep you updated with information on news, offers, updates on new products and events via email.
In line with the legitimate interest we have in promoting our business, we will use the email address you give us via our Site to provide you with this information. If you would like to be removed from that list please let us know by clicking unsubscribe at the bottom of any marketing email that you receive. After you unsubscribe, you will be removed from our mailing list within a reasonable time.
There may also be circumstances where we will ask you for your prior consent in respect of our use of your Personal Data or where we may rely on an alternative lawful basis to process your Personal Data in which case you will be notified at the time.
How You Use our Site (Analytics & Cookies)
We use Shopify. When you visit our Site, these analytics service providers may collect the following data, which will be anonymized and aggregated before reporting back to us:
This analysis is fundamental to the running of our online business and we therefore undertake such monitoring in the pursuit of our legitimate interests in improving our Site, and to provide a better service and source of information to visitors.
To find out more about our service providers and to learn how to opt out, please visit:
Many web and mobile browsers have an option for turning off cookie feature(s), which will prevent your browser from accepting new cookies, as well as (depending on the sophistication of your browser software) allowing you to decide on acceptance of each new cookie in a variety of ways. In connection with viewing the Site to enable you to take advantage the most attractive features of the Services, we recommend that you leave cookies active as we believe they will likely improve your experience.
To learn more about your opt-out options, please visit:
All content you submit to us
If you send us objectionable content or otherwise behave in a disruptive manner when using our Site, we may process Personal Data included in your messages to respond to and stop such behavior.
Where we process Personal Data in this way, we will hold that Personal Data on our systems for as long as is reasonably necessary to achieve these objectives.
4. Do We Share Your Personal Data with Anyone Else?
We keep your information confidential, but may disclose it to our personnel, suppliers or subcontractors insofar as it is reasonably necessary for the purposes set out in this Policy. If we provide your Personal Data to third parties, we shall only do so provided that they do not make independent use of the information and provide the same confidential treatment as we do.
We only permit the foregoing to process your Personal Data for specified purposes and in accordance with our instructions. All our third-party service providers are required to take appropriate security measures to protect your Personal Data. Activities which are carried out by or in collaboration with third party service providers (which we may change at any time), including our website hosting company (presently GoDaddy), our fulfilment provider (presently DVE Store), and third parties assisting in the retargeting of ads.
In addition, we may disclose your Personal Data to the extent that we are required to do so by law (which may include to government bodies and law enforcement agencies); in connection with any legal proceedings or prospective legal proceedings; and to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention).
If we are involved in a merger, acquisition, or sale of all or a portion of our business or assets, the Personal Data we hold may be included as part of that sale, in which case you will be notified via email, your account, and/or a prominent notice on the Site of any changes in ownership or use of your information, as well as any choices you may have regarding that information.
Except as provided above, we will not provide your information to third parties.
5. Your rights in relation to your Personal Data which we process.
You have the following rights over the way we process Personal Data relating to you. We aim to comply without undue delay, and within one month at the latest, in response to any requests submitted by you to us:
- for a copy of Personal Data we are processing about you and/or to have inaccuracies corrected;
- to restrict, stop processing, or to delete your Personal Data;
- for a machine-readable copy of your Personal Data, which you can use with another service provider. Where it is technically feasible, you can ask us to send this information directly to another provider if you prefer; and
- to make a complaint to a data protection regulator. You may contact them at: https://ico.org.uk/concerns/
To make a request in relation to any of the aforementioned rights, please send your requests to firstname.lastname@example.org.
For data subject to California Civil Code sections 1798.83-1798.84, California residents are entitled to ask us for a notice identifying the categories of personal customer information which we share with our affiliates and/or third parties for marketing purposes, and providing contact information for such affiliates and/or third parties.
We do not use the Site to knowingly solicit information from or market to children under the age of 13. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us at email@example.com or write to us at You Inc., P.O Box 100, Marysville, WA 98270. We will delete such information within a reasonable time.
We will take commercially reasonable, appropriate technical and organizational measures to ensure a level of security appropriate to the risk that could be encountered via the use of our Site and Services taking into account the likelihood and severity those risks might pose to the rights and freedoms of our Site visitors and customers.
In particular, we will take precautions to protect against the accidental or unlawful destruction, loss or alteration, and unauthorized disclosure of or access to the Personal Data transmitted, stored or otherwise processed by us.
Please be aware that, while we make the security of our Site and your Personal Data a high priority and devote considerable time and resources to maintain robust IT security, no security system can prevent all security breaches. When you choose to share your Personal Data with us, you accept the aforesaid and provide your information at your own risk.
8. International Data Transfers
We are a US Company and our servers are located in North America and Europe and the information that we collect directly from you will be stored in these servers.
There are agreements in place to ensure that Personal Data is processed using appropriate safeguards that meet the requirements of data protection laws. Such appropriate safeguards may include standard data protection clauses adopted by a data protection regulator and approved by the European Commission, such as the European Commission’s standard contractual clauses. We use the European Commission’s standard contractual clauses where appropriate when exporting data to a processor outside of the EU.
If you would like to find out more about these safeguards or if you have any other queries or comments in relation to this Policy, please let us know by emailing us at firstname.lastname@example.org.
To find out more about the standard contractual clauses, please visit: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en
9. Retention Periods or Criteria
We will hold your Personal Data for as long as is necessary for the relevant purpose for which that Personal Data was obtained, or as otherwise described in this Policy.
To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements. Notwithstanding the foregoing, we retain Personal Data while your Account is active and not closed, and if you do not delete your Account, your Personal Data may remain within your Account even if you have not recently purchased a Product, for the purposes of providing you access to the Site, and as otherwise stated herein. You can delete your Account at any time by following the instructions in the Account settings.
If you would like us to stop using or holding your Personal Data and/or would like to request its deletion, please email us at email@example.com.
This Policy may be updated from time to time. We will notify you of any changes by posting the new Policy here https://thejmk.com/pages/privacypolicy, and, where feasible, by letting you know by email or your account.
11. Contact Us
Questions, comments and requests in relation to this Policy are welcome and should be addressed to firstname.lastname@example.org.
Last Updated: February 2, 2020