Date of Last Update: 5/23/2018
- Personal Information That May Be Collected
(a) Identifying Information. In order to subscribe to the Service, Nichefire will request a user to provide certain personal identifying information, which may include: name, company they work for, role or title at such company, postal address, e-mail address, screen name, password, telephone number, method of payment, and, if applicable, credit card number. Nichefire may also collect publicly available information from sources, such as a user’s social media accounts. Nichefire may request additional information necessary to establish and maintain customer’s account. (b) Service Quality Monitoring. Some website transactions may require a customer to telephone Nichefire, or Nichefire to call the customer. Nichefire will not contact you by telephone without your prior consent, except to confirm an order placed online, inform a customer of the status of such order, or respond to some other customer inquiry. (c) Information from Children. Nichefire does not collect or maintain information from users actually known to be under the age of 13, and no part of Nichefire’s website or Service is structured to attract anyone under the age of 13. (d) Lost or Stolen Information. If a customer’s credit card and/or password is lost or stolen, the customer should promptly notify Nichefire in order to enable Nichefire to cancel the lost or stolen information and to update its records with a changed credit card and/or password. (e) Third Party and Publicly Available Sources: We may receive personal data on users from various third parties and public sources. Sources include:
- Analytics providers based outside the EU
- Geolocation data outside the EU
- Census data
- Identity, usage data, and profile information from publicly available sources, such as social media sites, outside of the EU
- Uses Made of the Information
(a) Limited Uses Identified. Without customer’s prior consent, Nichefire will not use your personal identifiable information for any purpose other than that for which it is submitted. Nichefire uses personal identifiable information to service your account, reply to inquiries, handle complaints, provide operational notices and in program record-keeping. Nichefire also processes billing and business requests related to the Service. (b) Marketing Uses. Nichefire reserves the right to provide customers with information about Nichefire’s website, Nichefire products and services, and related information in which customer has indicated an interest. Nichefire does not sell or lease customer information to third-parties for marketing purposes, but reserves the right to sell customer information as part of a sale of Nichefire’s business, as described in Section 4. (c) Stored Information Uses. Nichefire stores the information provided by customers. This information is used to compile a customer’s purchase history in order to enable Nichefire to recommend products, services, or special offers that would be of interest to a customer, to support customer interaction with Nichefire; to deliver customer purchases, and/or to contact customer again about other Nichefire services and products.
- Disclosure of the Information
(a) Within Corporate Organization. Nichefire may share your personal information within the Nichefire corporate organization, and may transfer the information to countries in the world where Nichefire conducts business. (b) Mergers and Acquisitions. Circumstances may arise where for business reasons, Nichefire decides to sell, buy, merge or otherwise reorganize its businesses in the United States or some other country. Such a transaction may involve the disclosure and/or sale of personal identifying information to prospective or actual purchasers. It is Nichefire’s practice to seek appropriate protection for information in these types of transactions. Also, in the event Nichefire is acquired, customer information will be one of the transferred assets. (c) Agents. Nichefire may employ other companies and individuals to perform business functions on behalf of Nichefire. These persons or companies are provided with personal identifying information required to perform their functions, but are prohibited by contract from using the information for other purposes. These companies or persons engage in a variety of functions which include, but are not limited to, fulfilling orders, removing repetitive information from customer lists, analyzing data, providing marketing assistance, processing credit card payments, and providing customer service. (d) Marketing Analysis by Third-parties. Nichefire reserves the right to disclose to third-parties personal information about customers for marketing analysis; however, any information disclosed will be in the form of aggregate data that does not describe or identify an individual customer. (e) Disclosure to Governmental Authorities. Under certain circumstances, personal information may be subject to disclosure pursuant to a judicial or other government subpoenas, warrants or orders.
- Use of Computer Tracking Technologies
- Information Security
(a) Commitment to Online Security. Nichefire employs physical, electronic and managerial procedures to safeguard the security and integrity of personal information. Billing and payment data is encrypted whenever transmitted or received online. Personal information is accessible only by staff designated to handle online requests or complaints. (b) No Liability for Acts of Third-parties. Nichefire will exercise all reasonable efforts to safeguard the confidentiality of customer personal information. However, transmissions protected by industry standard security technology and implemented by human beings cannot be made absolutely secure. Consequently, Nichefire shall not be liable for unauthorized disclosure of personal information due to no fault of Nichefire including, but not limited to, errors in transmission and unauthorized acts of Nichefire staff and/or third-parties.
- Access Rights to Data
(a) Information Maintained by Nichefire. Upon customer’s request, Nichefire will provide a reasonable description of customer’s personally identifiable information that Nichefire maintains in its data bank. (b) Corrections and Changes to Personal Information. Help Nichefire to keep your personal information accurate. If your personal information changes, or if you note an error upon review of customer information that Nichefire has on file, please go to your customer account page to update your account with the new or correct information.
- EU Users.
Under the General Data Protection Regulation (GDPR), individuals located in the EU have the right under certain circumstances:
- to be provided with a copy of their personal data held by us;
- to request the update, correction, or erasure of any of their personal data held by us;
- to object to any further processing of their personal data, including the right to object to marketing communications;
- to request that we restrict the processing of their personal data;
- to request that the data they have provided be transferred to a third party; and
- to withdraw consent: where the basis of processing their personal information is based on consent, they have the right to withdraw that consent at any time.
You can exercise the rights listed above at any time by contacting us at firstname.lastname@example.org or through the Contact Us options noted below.You will not have to pay a fee to access your data or to exercise any other rights. We may, however, charge a fee if we believe your request is unfounded or excessive.We may need to request specific information from you to enable us to confirm your identity and to ensure that you have the right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that your personal data is not disclosed to any person who does not have the right to receive it. We may also contact you to ask you for further information in relation to your request, in order to process your request.We aim to respond to all legitimate requests within 30 days. Occasionally, it may take us longer than 30 days to process your request pending the extent and complexity of your request. In this case, we will notify you and keep you updated.If your request or concern is not satisfactorily resolved by us, you may approach your local data protection authority (see http://ec.europa.eu/justice/dataprotection/internationaltransfers/transfer/index_en.html) that can provide further information about your rights and our obligations in relation to your personal data. In the UK, this is the Information Commissioner (https://ico.org.uk/).