LAST UPDATED: August 5th, 2020
I. IMPORTANT INFORMATION AND WHO WE ARE
II.THE INFORMATION WE COLLECT ABOUT YOU
III. HOW IS YOUR PERSONAL INFORMATION COLLECTED
IV. THIRD PARTY INTERACTIONS
V. THIRD PARTY ANALYTICS PROVIDERS & AD SERVERS; ONLINE TRACKING
VI. HOW WE USE YOUR PERSONAL INFORMATION
VII. DISCLOSURES OF YOUR PERSONAL INFORMATION
VIII. YOUR CHOICES
IX. DATA SECURITY
X. USERS OUTSIDE OF THE CANADA AND INTERNATIONAL TRANSFERS
XII. ADDITIONAL INFORMATION FOR RESIDENTS OF THE EUROPEAN UNION
I. IMPORTANT INFORMATION AND WHO WE ARE
It is important that the Personal Information we hold about you is accurate and current. Please keep us informed if your Personal Information changes during your relationship with us. You are responsible for maintaining the accuracy of the information you submit to us, such as your contact information. If you contact us with changes, we will make good faith efforts to make requested changes in our then-active databases as soon as reasonably practicable. Note, however, that information may persist internally for our administrative purposes and that residual data may remain on backup media or for other reasons.
D. THIRD PARTY CONTENT, LINKS TO OTHER WEBSITES, AND CS GROUP CONTENT FOUND OUTSIDE THE WEBSITES
E. THE INFORMATION WE COLLECT ABOUT YOU
Personal Information or personal data means any information about an individual from which that person can be identified. It does not include information where the identity has been removed (anonymous data). We and our third-party service providers may collect, use, store and transfer different kinds of Personal Information about you that we have grouped together as follows:
- IDENTITY INFORMATION includes name, username or similar identifier, title, date of birth, and gender.
- DEMOGRAPHIC INFORMATION includes zip code, age and/or income.
- CONTACT INFORMATION includes billing address, delivery address, email address and telephone numbers.
- FINANCIAL INFORMATION includes bank account and payment card details (applicable if any payments were made).
- TRANSACTION INFORMATION includes details about payments to and from you and other details of services you have purchased from us (applicable if any payments has been made).
- TECHNICAL INFORMATION includes internet protocol (IP) address, your login data, browser type and version, time zone setting and geographical location, browser plug-in types and versions, operating system and platform and other technology or other unique identifier (a set of numbers or characters that is assigned to your computer, mobile phone, or other device when you are on the Internet) (“Device Identifier”) for any computer, mobile phone, tablet or other device (any of which are referred to herein as a “Device”) used to access the Websites.
- PROFILE INFORMATION includes your username and password, purchases or orders made by you (applicable if any orders were made), your interests, preferences, product feedback, and survey responses.
- USAGE DATA includes information about how you use our Websites, products and services, including all of the areas within our Websites that you visit or use and the time of day you visited the Websites, among other information.
- MARKETING AND COMMUNICATIONS INFORMATION includes your preferences in receiving marketing from us and our third parties and your communication preferences.
- LOCATION INFORMATION includes information about your location using a variety of technologies, such as GPS, IP address, and connected or nearby Wi-Fi networks.
- USER CONTENT INFORMATION includes text (including questions, comments, and suggestions), pictures, audio, videos, or other content (collectively, “User Content”) you share by participating and posting content publicly in reviews, interactive features, or other communication functionality (“Community Features”).
III. HOW WE COLLECT YOUR PERSONAL INFORMATION
We use different methods to collect information from and about you including through:
- DIRECT INTERACTIONS. You may give us your Identity, Demographic, Contact, Financial, Profile, or Marketing and Communications Information by filling in forms or by corresponding with us by mail, phone, email, or otherwise. This includes Personal Information you provide when you:
- purchase our products or services;
- create an account on our Websites;
- subscribe to emails or newsletters;
- request services or other information;
- enter a competition, promotion or survey; or
- give us feedback about products, services, or the Websites.
- AUTOMATED TECHNOLOGIES OR INTERACTIONS.
As you navigate through the Websites, we may automatically collect Technical, Usage, and Location Information about your equipment, browsing actions and patterns. We collect this Personal Information by using cookies, pixel tags, embedded scripts and other similar technologies. [We may also receive Technical Information about you if you visit other websites employing our cookies.]
- COOKIES – Cookies are small data files that a website sends to your Device while you are viewing the website that are stored on the Device. Cookies can be used for many purposes, including to monitor use of websites, to customize content specific to your interests, to ensure that you do not see the same advertisement repeatedly, to speed up your searches and purchases and to recognize you when you return to our Websites and/or store your user name and password so you do not have to re-enter it each time you visit the Websites. You may refuse to accept cookies by activating the appropriate setting on your browser. However, if you choose to disable cookies on your Device, some features of the Websites or our content may not function properly.
- PIXEL TAG – Pixel Tags (also referred to as clear GIFs, 1×1 GIFs Web beacons, or Web bugs) are small graphic images or other web programming code that may be included on the Websites and in our e-mail messages. In contrast to Cookies, which are stored on a user’s Device, Pixel Tags are embedded invisibly in web pages. Pixel Tags may be invisible to you, but any electronic image or other web programming code inserted into a web page or e-mail can act as a pixel tag. Pixel Tags or similar technologies may be used for a number of purposes, including, without limitation, to count visitors to the Websites, to monitor how users navigate the Websites, to count how many e-mails that were sent were actually opened or to count how many particular articles or links were actually viewed.
- EMBEDDED SCRIPTS – Embedded scripts are programming code designed to collect information about your interactions with the Websites, such as the links you click. The code is temporarily downloaded onto your Device from our web server or a third party service provider, and is active only while you are connected to the Websites.
- FLASH LSOS – When we post videos, third parties may use local shared objects, known as “flash cookies,” to store your preferences for volume control or to personalize certain video features. Flash Cookies are different from browser Cookies because of the amount and type of data and how the data is stored. Cookie management tools provided by your browser will not remove Flash Cookies. To learn how to manage privacy and storage settings for Flash Cookies, please visit:
- Technical Information from the following parties: ○ analytics providers; ○ advertising networks; and ○ search information.
- Contact, Financial and Transaction Information from providers of technical, payment and delivery services.
- Identity and Contact Information from publicly available sources.
- INFORMATION PROVIDED FROM OTHER USERS. If you decide to invite a third party to create an account and/or purchase our merchandise, we will collect the Identity and Contact Information you provide (e.g., name and e-mail address) for you and the third party in order to send a message to the third party and follow up with the third party. We rely upon you to obtain whatever consents from the third party that may be required by law to allow us to collect such information and contact the third party as described in the foregoing sentence. You or the third party may contact us at email@example.com to request the removal of this information from our database.
IV. THIRD-PARTY INTERACTIONS
The information collected and stored by the third party remains subject to the third party’s privacy practices, including whether the third party continues to share information with us, the types of information shared, and your choices with regard to what is visible to others on that third-party website or service.
V. THIRD-PARTY ANALYTICS PROVIDERS & AD SERVERS; ONLINE TRACKING
CS Group works with certain third parties (including network advertisers, ad agencies, and analytics companies) to provide us with information regarding traffic on the Websites, to serve advertisements, including our advertisements elsewhere online, and to provide us with information regarding the use of the Websites and the effectiveness of our advertisements.
We may share Device Identifier and Usage Data about visitors with third party advertising companies, analytics providers and other vendors for similar purposes. While we may use a variety of service providers to perform advertising and analytics services, some of these companies may be members of the Network Advertising Initiative (“NAI”) or the Digital Advertising Alliance (“DAA”) Self-Regulatory Program for Online Behavioral Advertising.
For additional information regarding targeted advertising and the “opt-out” procedures of NAI members and DAA Self-Regulatory Program participating companies, you may visit:
- NAI Opt-Out Tool (for website users):
- DAA Consumer Choice (for website users): http://www.aboutads.info/choices/
- DAA AppChoices (for mobile app users): http://youradchoices.com/appchoices
Please note that opting out through these mechanisms does not opt you out of being served advertising. You will continue to receive generic ads while visiting the Websites and elsewhere online. Some third parties may collect Personal Information about your online activities over time and across different websites.
Your browser settings may allow you to automatically transmit a “Do Not Track” signal to websites and online services you visit. However, there is no consensus among industry participants as to what “Do Not Track” means in this context. Like many websites and online services, the Websites currently do not respond to or alter their practices when they receive a “Do Not Track” signal from a visitor’s browser. To find out more about “Do Not Track,” you may wish to visit http://www.allaboutdnt.com.
VI. HOW WE USE YOUR PERSONAL INFORMATION
We may use the information we collect about you, including Personal Information and Usage Data:
- to provide you with our products and services and related customer service;
- to process your registration and account creation with the Websites, including verifying your contact information is active and valid;
- to identify you as a user in our system;
- to provide you with information, products or services that you have requested or agreed to receive;
- to provide improved administration of our Websites and services;
- (if applicable) to process transactions you initiate, process payments and provide accurate billing and shipping;
- (if applicable) to send you administrative e-mail notifications, such as order confirmations, order status updates, security, or support and maintenance advisories;
- (if applicable) to bill you for CS Group products or services;
- respond to your inquiries related to employment opportunities or other requests;
- send newsletters, surveys, offers, and other promotional materials related to our services and for other marketing purposes of CS Group;
- to market our products/ services, including recommending products / services that might be of interest to you;
- to improve our Websites, product and service offerings;
- to present our Websites and its contents in a suitable and effective manner for you and for your computer;
- to customize and tailor your experience on the Websites, for example, by displaying content that we think you might be interested in;
- to improve the quality of experience when you interact with our Site and Services for internal business purposes;
- to carry out our obligations and enforce our rights arising from any contracts entered into between you and us;
- to notify you about changes to our service;
- to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities;
- to contact you with regard to your use of the Websites and, in our discretion, changes to the Websites policies or functionality; and
We may use your Identity, Contact, Technical, Usage and Profile Information to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you.You will receive newsletters or marketing communications from us if you have requested information from, purchased goods or services from us, or if you provided us with your details when you entered a competition or registered for a promotion and, in each case, you have consented receiving marketing communications at that time.
A cookie is a data file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server. Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed. Cookies do not typically contain any information that personally identifies a user, but Personal Information that we store about you may be linked to the information stored in and obtained from cookies.
We may use both session cookies and persistent cookies to provide you with a more personal and interactive experience on our Site. This type of information is collected to make the Websites more useful to you and to tailor the experience with us to meet your special interests and needs.
Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain information about blocking and deleting cookies for some commonly used browsers via the links below:
- CHROME: https://support.google.com/chrome/answer/95647?hl=en;
- EDGE: https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy;
- FIREFOX: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences;
- INTERNET EXPLORER: https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies;
- OPERA: http://www.opera.com/help/tutorials/security/cookies/; and
- SAFARI: https://support.apple.com/kb/PH21411.
Please note that blocking all cookies will have a negative impact upon the usability of many websites and if you choose to block cookies, you may not be able to use all the features on our Websites.
VII. DISCLOSURES OF YOUR PERSONAL INFORMATION
A. INTERNAL THIRD PARTIES
CS Group may, and reserves the right to, share your information with any other company that is not presently, but becomes, a CS Group parent, subsidiary, or affiliate. You may be presented with an opportunity to receive information and/or marketing offers from CS Group and our affiliated businesses, partners and agents. If you agree at that time to receive such communications, your Personal Information will be disclosed to that third party (or parties). For more information, please refer to the Marketing Communications section.
B. EXTERNAL THIRD PARTIES
Third Party Service Providers
We may also share Information when we work with businesses, partners or agents to develop a direct relationship with you or in connection with the Referral Program.
These service providers may store or use your information outside of the EU or United States.
Administrative & Legal Reasons
We may transfer and disclose information, including Personal Information, to third parties:
- to comply with a valid legal inquiry, investigation, or process such as a search warrant, subpoena, statute or court order, or if in our opinion such disclosure is required by law;
- to obtain or maintain insurance coverage, manage risks, obtain professional advice, or establish, exercise or defend legal claims, whether in court proceedings or in an administrative or out-of-court procedure;
- to protect the safety, interests, rights, property or security of CS Group, you, or any third party; this may include exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction;
- to respond to a breach or attempted breach of the security of our Websites;
- at the request of governmental authorities conducting an investigation.
We may also use Technical Information to identify users, and may do so in cooperation with copyright owners, Internet service providers, wireless service providers, or law enforcement agencies in our discretion.
Social Networking Sites
As set forth in Section III, our Websites and services enable you to post User Content through Community Features. If you choose to use these features, you will be identified by your first name and last initial. Please note that any Personal Information you include on a public area of the Site will be publicly viewable. Once displayed publicly, that information can be collected and used by others. We cannot control who reads your postings or what other users may do with the information that you voluntarily post, so it is very important that you do not put data such as private contact information that you do not want to make available to the public in your posts. Once you have posted information publicly, while you will still be able to edit and delete it on the Site, you will not be able to edit or delete such information cached, collected, and stored elsewhere by others (e.g., search engines).
C. SHARING BETWEEN CS GROUP COMPANIES; BUSINESS TRANSFERS
VIII. YOUR CHOICES
You have several choices regarding the use of information on our Websites and services:
A. ACCESSING, UPDATING, CORRECTING OR DELETING INFORMATION
You can review, request access to, update, correct or delete your Personal Information by contacting us at firstname.lastname@example.org.
You may request deletion of your Personal information by contacting us and we will use commercially reasonable efforts to honor your request, but please note that we may be required to keep such information and not delete it (or to keep this information for a certain time, in which case we will comply with your deletion request only after we have fulfilled such requirements). When we delete any information, it will be deleted from the active database, but may remain in our archives. We may also retain information for fraud prevention or similar purposes. Also, note that we may need to delete your user account in order to delete your Personal Information.
You are responsible for maintaining the accuracy of the information you submit to us, such as your contact information. If you contact us with changes, we will make good faith efforts to make requested changes in our then-active databases as soon as reasonably practicable. Note, however, that information may persist internally for our administrative purposes and that residual data may remain on backup media or for other reasons.
B. OPTING OUT
C. CHOOSING NOT TO SHARE PERSONAL INFORMATION
You may choose not to provide us with any Personal Information. In such an event, you may still be able to access and use some of the Websites; however you may not be able to access and use those portions of the Websites that require your Personal Information. You may opt out of receiving marketing e-mails by following the opt-out instructions above or provided to you in those e-mails. Please note that we reserve the right to send you certain communications relating to your account or use of any of the Websites (for example, administrative and service announcements, shipping notices, and order confirmations) and these transactional account messages may be unaffected if you opt-out from marketing communications.
Where we need to collect Personal Information by law, or under the terms of a contract we have with you and you fail to provide that information when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
D. MARKETING COMMUNICATIONS
We strive to provide you with choices regarding certain Personal Information uses, particularly around marketing and advertising. You can opt-out of such communications as outlined in Section B, above Please note that you may continue to receive service-related and other non-marketing communications.
- DE-LINKING THIRD PARTY INTERACTIONS AND SNS
As set forth in Section IV, our Websites and services enable you to interact with or post content to certain third parties and SNSs. If you would like to discontinue these interactions and connections, please refer to the privacy settings of the third party or SNS to determine how you may adjust our permissions and manage the interactivity between the Services and your social media account.
IX. DATA SECURITY
CS Group uses commercially reasonable security measures to safeguard the Personal Information we collect from loss, misuse and unauthorized access, disclosure, alteration and destruction. However, please note that no system can be completely secure and CS Group does not ensure or warrant the security of any information we collect. You use our Websites and provide us with your information at your own risk.
We have put in place procedures to deal with any suspected Personal Information breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
X. USERS OUTSIDE OF THE CANADA AND INTERNATIONAL TRANSFERS
The Websites are hosted and operated in the Canada and third party service providers and partners operate in the Canada and other jurisdictions. If you are located outside of the Canada, please be aware that any information you provide to us may be transferred to and processed in the Canada and other countries. By using the Websites, or providing us with any information, you acknowledge and consent to this transfer, processing and storage of your information in countries where the privacy laws may be less stringent than those in the country where you reside or are a citizen.
XII. ADDITIONAL INFORMATION FOR RESIDENTS OF THE EUROPEAN UNION
A. PERSONAL INFORMATION
B. LEGAL BASES FOR PROCESSING PERSONAL DATA
We will only use your personal data when the law allows us to do so. Most commonly, we will use your Personal Information in the following circumstances:
- Where we need to perform obligations relating to a contract to which you are a party or to take steps at your request before entering into such a contract.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. Our legitimate interests include those related to conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your Personal Information for our legitimate interests. We do not use your Personal Information for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.
- Where we need to comply with a legal or regulatory obligation.
Generally, we do not rely on consent as a legal basis for processing your Personal Information other than in relation to sending marketing communications to you via email. You have the right to withdraw consent to marketing at any time by contacting us using the contact information provided above.
We have set out below, in a table format, a description of the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate. Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data.
D. DATA RETENTION
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances, you can ask us to delete your data: see the Request Erasure subsection below for further information.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
E. CHANGE OF PURPOSE
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis that allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
F. EU RESIDENT PERSONAL DATA RIGHTS
Under certain circumstances, EU Residents may have rights under data protection laws in relation to your personal data as outlined below:
- REQUEST ACCESS to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- REQUEST CORRECTION of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
- REQUEST ERASURE of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons that will be notified to you, if applicable, at the time of your request.
- OBJECT TO PROCESSING of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation that makes you want to object to processing on this ground as you feel it affects your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information that override your rights and freedoms.
- REQUEST RESTRICTION OF PROCESSING of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
- REQUEST THE TRANSFER of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
- WITHDRAW CONSENT at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
If you wish to exercise any of the rights set out above, please contact email@example.com.
No Fee Usually Required
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
What We May Need From You
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time Limit To Respond
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Complaints to Supervisory Authority
EU Residents may have the right to make a complaint at any time to the supervisory authority for data protection issues. However, we would appreciate the chance to deal with your concerns before you approach the supervisory authority so please first contact us directly to allow us to do so.