Effective: January 22, 2020, Last Update July 28, 2022.
OUR COMMITMENT TO PRIVACY
By accessing or using our Site, you acknowledge that you have read, understand, and agree to the terms of this Policy and consent to the collection, use, and sharing of information in a manner consistent with this Policy. We encourage you to review this Policy periodically.
INFORMATION THAT WE COLLECT
We collect a variety of information when you use or access our Site, including:
- CONTACT INFORMATION. When you register on our Site, purchase a product, or sign up for our newsletters or emails, we may collect your contact information, such as name, phone number, mailing address, postal code, email address, and password.
- PAYMENT INFORMATION. If you purchase products from us, our service providers may collect your payment information, such as credit or debit card number, expiration date, and security code.
- PRODUCT REVIEWS AND COMMENTS. We may allow you to provide product reviews or post comments on our Site. These product reviews and comments may be seen by other users of the Site. Please ensure when using these features that you do not submit any information that you do not want to be shared with other users or the public.
- INFORMATION YOU PROVIDE DIRECTLY TO US. We may collect additional information that you provide directly to us, such as when you respond to surveys or communicate with us. When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address.
- INFORMATION COLLECTED AUTOMATICALLY. When you use our Site, we or our third-party service providers may automatically receive and record certain information from your device or through the Site. For example, this may include your device’s Internet Protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system, user-agent string, web pages you visit or features you use within the Site (including across different devices), the date and time of your activities on the Site, time since your last visit, links you click, searches conducted, the website visited before navigating to the Site, your software and hardware attributes (including browser and operating system type and version, device screen size, and device type), demographic and interest data based on browsing activity, and your general location inferred from IP address. To obtain such information, we or our third-party service providers may use the following technologies to recognize your device and collect information about your device and Site usage:
- SERVER LOGS. When you use our Site, we automatically receive and record certain information from your computer (or other device) and your browser. To obtain such information, we may use server logs or applications that recognize your device and gather information about its online activity.
We may combine information collected through the Site with other information that we or third parties collect about you in other contexts, such as our communications with you. We will treat such combined information in accordance with this Policy.
HOW WE USE INFORMATION
We use the information we collect for a variety of purposes, including:
- PROVIDING OUR SERVICES. To provide our Site to you, carry out the transaction(s) you request, fulfill the terms of any agreement you have with us, process payments, facilitate product reviews and comments, respond to your requests or inquiries, conduct internal recordkeeping, secure your information and our Site, and for other purposes related to managing our business.
- COMMUNICATING WITH YOU. To communicate with you regarding your orders, your account, important updates regarding our products and services, and other administrative matters, including to send you text messages related to your orders and your account (such as order confirmations and shipping updates).
- NEWSLETTERS, PROMOTIONAL MESSAGES, AND ADVERTISING. To send you newsletters or other promotional messages regarding our products or services, and to target our advertising as described in the section below titled “Third-Party Analytics and Interest-Based Advertising.”
- TEXT MARKETING (if applicable): With your permission, we may send text messages about our store, new products, and other updates. Updates include Checkout Reminders. Webhooks will be used to trigger the Checkout Reminders messaging system.
- EMAIL MARKETING (if applicable): With your permission, we may send you emails about our store, new products and other updates.
- ANALYTICS AND IMPROVING THE SITE. To count and recognize visitors to the Site, analyze how visitors use the Site, improve the Site, create new features or services, and conduct analytics, including as described in the section below titled “Third-Party Analytics and Interest-Based Advertising.”
- COMPILING AGGREGATED INFORMATION. To compile aggregated statistics or reports that we may share with our partners or other third parties.
- LEGAL PURPOSES. For legal or other necessary purposes, including as described in the section below titled “How We Share information.”
HOW WE SHARE INFORMATION
We may share information with third parties in various contexts, including:
- SERVICE PROVIDERS. We use third-party service providers to assist us in the operation of our Site, including to manage our communications and newsletters, process payments, host and process data, and conduct analytics and interest-based advertising. We may permit these third-party service providers to collect information on our behalf or share information with these service providers for the purposes described in this Policy.
- THIRD-PARTY PLUGINS. Our Site may integrate third-party plugins (such as a Facebook “like” button and Twitter “follow” button). Even if you do not click on these plugins, they may collect information about you, such as your IP address and the pages that you view. They also may set and/or access cookies or use similar technologies. These plugins are governed by the privacy policies of the companies providing them.
- LEGAL PURPOSES. We may use and disclose information where we believe that doing so is necessary:
- To comply with applicable law or a court order, subpoena, or other legal processes.
- To investigate, prevent, or take action regarding illegal activities, suspected fraud, violations of our terms and conditions, or situations involving threats to Site users, our property, or the property or physical safety of any person or third party.
- To establish, protect, or exercise our legal rights or defend against legal claims.
- AFFILIATES. We may disclose collected information to our affiliates for use as described in this Policy.
- CORPORATE TRANSFERS. In the event of a merger, sale of capital stock or assets, investment, reorganization, bankruptcy, consolidation, or similar transaction, we may share the information we possess to facilitate the transaction, including during due diligence, or as a corporate asset to the acquiring entity.
- AGGREGATED INFORMATION. We may provide third parties with aggregated information about Site users, including demographic and usage information.
THIRD-PARTY ANALYTICS AND INTEREST-BASED ADVERTISING
We partner with third parties to engage in analytics, auditing, research, and reporting on our Site. These third parties collect information regarding your usage of the Site as described in the section above titled “Information that We Collect,” and they may use server logs, cookies, web beacons, tags, pixels, and similar technologies. In particular, we use Google Analytics and Facebook Analytics on our Site. You can learn more about Google Analytics’ data practices here and opt out here. You can learn more about Facebook’s Data Policy here.
We also partner with third parties to provide advertising services that are targeted based on your online activities across websites and devices over time (commonly referred to as “interest-based advertising”). Our advertising partners may collect information about your activities on our Site on your current device and combine it with information about your activities on other websites and devices. They may collect such information using server logs, cookies, web beacons, tags, pixels, cross-device linking, and similar technologies. For example, our advertising partners may use the fact that you visited our websites to target advertising to you on non-Hilma websites on your current device or on other devices you use.
You can opt out of interest-based advertising in web browsers by visiting optout.aboutads.info and optout.networkadvertising.org. Please note that the opt-outs will apply only to the specific browser from which you opt out, and therefore you will need to opt out separately on all of your browsers and devices. If you delete or reset your cookies, change browsers (including upgrading certain browsers), or use a different device, you will need to opt out again. To help preserve your choices in your current browser, you can install the “Protect My Choices” extension that is available at http://www.aboutads.info/PMC. Please note that our Site does not respond to Do Not Track signals at this time.
We currently use the services of the following third-party vendors, who may collect your information. You can click on the hyperlinks below to view their privacy policies.
- Google Analytics - https://policies.google.com/privacy
- Shopify - https://www.shopify.com/legal/privacy
- Klaviyo - https://www.klaviyo.com/privacy
- ReCharge - https://rechargepayments.com/privacy-policy
- Braintree - https://www.braintreepayments.com/legal/braintree-privacy-policy
- Zendesk - https://www.zendesk.com/company/privacy-and-data-protection/
- Hotjar - https://www.hotjar.com/legal/policies/privacy
- Slack - https://slack.com/privacy-policy#applicability
- Facebook Analytics - https://www.facebook.com/policy.php
INFORMATION FOR USERS OUTSIDE THE UNITED STATES
The information that we collect through or in connection with our Site is controlled by Hilma, which is headquartered in the United States. Your information may be transferred to and processed in the United States for the purposes described above. Hilma also may subcontract the processing of your data to, or otherwise share your data with, third parties in the United States or countries other than your country of residence. The data protection laws in these countries may be different from, and less stringent than, those in your country of residence. By agreeing to this Policy when registering for an account on the Site and/or using the Site or by providing any information to us, you expressly consent to such transfer and processing.
YOUR PRIVACY RIGHTS AND CHOICES
Hilma provides you with choices to review, access, and update your information or to exercise your privacy or data protection rights, as follows:
- If you no longer want to receive newsletters or promotional communications from Hilma, please follow the “unsubscribe” instructions that are included at the bottom of each message. Please note that if you unsubscribe from our newsletter or promotional communications, you will still receive administrative messages.
- You may have rights under applicable laws to request access to, correction or deletion of, or restrictions on the processing of, certain information. You also may have rights under applicable laws to opt out or withdraw consent to further processing, request copies of your data, or lodge a complaint with a data protection authority in your jurisdiction. To make such request and/or inquire about such rights, please email firstname.lastname@example.org with “Attn: Privacy” in the subject line. For your protection, we may need to verify your identity or authenticate your information before implementing your request.
Hilma uses reasonable physical, technical, and administrative safeguards to protect your information against loss or unauthorized access, use, modification, or deletion. However, no security program is 100% secure, and thus we cannot guarantee the absolute security of your information. In particular, e-mail sent to or from Hilma may not be secure. Therefore, you should take special care in deciding what information you send to us via e-mail. Please keep this in mind when disclosing any Personal Information to us via the Internet. In the event that personal information is compromised as a breach of security, Hilma will promptly notify our customers in compliance with applicable law.
Hilma retains your information for as long as reasonably necessary for its legitimate business purposes, to provide the Site to you, to fulfill the purposes described in this Policy, or as required by law.
You acknowledge that Hilma may establish general practices and limits concerning use of the Site, including without limitation the maximum period of time that data or other content will be retained by Hilma and the maximum storage space that will be allotted on Hilma’s servers on your behalf. You further acknowledge that Hilma reserves the right to change these general practices and limits at any time, in its sole discretion. We will endeavor to give you notice of any such change where required by applicable law.
LINKS TO OTHER WEBSITES AND SOCIAL NETWORKING SERVICES
The Site may contain links to websites or mobile apps of other third parties, including social media sharing features that link to third-party websites. If you follow a link to any of these websites or apps, please note that these websites and apps (and any services that may be accessible through them) have their own privacy policies. We are not responsible for the privacy practices of other websites or apps or the information you share through such other websites or apps. We encourage our users to be aware when they leave the Site and to read the privacy policies applicable to such third-party websites and apps. This Policy applies solely to information collected in connection with the Site.
The Site allows you to post information to various social networking services like Instagram, Twitter, and Facebook. You acknowledge that if you choose to use this feature, your friends, followers and subscribers on these third-party services or platforms will be able to view such activity. If you choose to access or make use of third-party social networking services, we may receive information about you that you have made available to those social networking services, including information about your contacts on those social networking services. The use of the information by such social networking websites will be governed by their privacy policies, and we do not control their use of the shared data.
PRIVACY RIGHTS OF CALIFORNIA RESIDENTS
For more information regarding the privacy rights of California residents please see our Privacy Notice for California Residents.
Our Site is not intended for use by children under the age of 13. We request that such children do not provide information to us through the Site.
We ask that you not send us, and you not disclose, any sensitive information (e.g., social security numbers, financial information, health information, information related to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data, or sexual orientation) on or through the Site or otherwise to us.
We may revise this Policy in the future. If we make any material changes, we will post the revised Policy on our Site, with an effective date indicating when the revised Policy will take effect. Your continued use of our Website following the posting of changes constitutes your acceptance of any such changes.
If you have any questions regarding this Policy, please contact us by email at email@example.com, with “Attn: Privacy” in the subject line.