We, Puff Offers, are an Ontario company, having it’s registered office in Ontario, are the data controller for the purposes of European Data Privacy Laws and can be contacted by mail at the email address indicated at paragraph 13. You may email us for the contact information for Puff Offers’s representative in the EU.
1.Collection of Information and categories of personal data concerned.
1.1 Survey Information. We collect information from you and other individuals by various methods, including, but not limited to, when you voluntarily complete our survey, order form, or a registration page either online or offline, or by means of online or offline surveys, order forms, or registration pages operated by third parties (collectively, “Survey”). (As used herein, “online” means using the Internet, including the Website, and related technologies, and “offline” means by methods other than online, including in person, in the postal mail, using telephones and cell phones, and other similar means.) In the Surveys, the Company or a third party (a “Third Party“) may ask an individual to provide various information to us, which may include your name, email address, street address, zip code/postal code, telephone numbers (including wireless phone numbers and wireless carriers), SMS messaging details (e.g. date, time and content of the SMS message), birth date, gender, salary range, education and marital status, occupation, social security number, employment information, personal and online interests, and such other information as may be requested from time to time (together, “Survey Information“). We may also collect information concerning you from another source and use that information in combination with information provided from this Website. Completing the Survey(s) is completely voluntary, and individuals are under no obligation to provide Survey Information to us or a Third Party, but an individual may receive incentives from us or a Third Party in exchange for providing Survey Information to us.
1.2 Third Party List Information. We collect information from you when you provide information to a third party and we subsequently purchase, license, or otherwise acquire your information from the third party (the “Seller“). Such purchased information may include, but is not limited to, your name, email address, street address, zip code/postal code, telephone numbers (including wireless phone numbers and wireless carriers), SMS messaging details (e.g. date, time and content of the SMS message), birth date, gender, salary range, education and marital status, occupation, industry of employment, personal and online interests, and such other information as the individual may have provided to the Seller (together, “Third Party List Information“). When acquiring Third Party List Information, we seek assurances from the Seller that the Seller has a right to transfer the Third Party List Information to us and that the Seller has a right to provide offers from advertisers to you (the individual whose personal information is included on the Seller’s list) under applicable laws.
1.3 Other Information. Other occasions when we obtain your information include (1) when you make a claim for a prize or seek to redeem an incentive offered by us or by a Third Party, (2) when you request assistance through our Customer Service Department, and (3) when you voluntarily subscribe to our services or newsletters (together, “Other Information“).
1.4 Cookies, Web Beacons, and Other Information Collected Using Technology. We currently use cookie and web beacon technology to associate certain Internet-related information about you with information about you in our database. Additionally, we may use other new and evolving sources of information in the future (together, “Technology Information“).
(b) Web Beacons. A web beacon is programming code that can be used to display an image on a web page, but can also be used to transfer an individual’s unique user identification (often in the form of a cookie) to a database and associate the individual with previously acquired information about an individual in a database. This allows us to track certain websites/apps/emails you visit/use/view online: ours, those of publishers with whom we are directly or indirectly in a contractual relationship (our “Publishers”) and those of advertising buyers with whom we are directly or indirectly in a contractual relationship (our “Advertising Buyer“) to which you are directed after clicking on advertising content. Web beacons when used on our, or our Publishers’, websites/apps/emails are used to determine products or services you may be interested in, and to track online behavioral habits for marketing purposes. For example, we might place, with the consent of a Publisher’s website, a web beacon on the Publisher’s website where baseball products are sold. When “Pat”, an individual listed in our database, visits the Publisher’s website, we receive notice by means of the web beacon that Pat visited the baseball site, and we would then update Pat’s profile with the information that Pat is interested in baseball. We may thereafter present offers of baseball related products and services to Pat. Web beacons when used on our Advertising Buyers’ websites are used to determine if you have viewed certain pages on their website, made a purchase (including category and size of purchase), registered for a newsletter, taken a survey or taken another action, insofar as this information is relevant for calculating the commission we get paid directly or indirectly by the relevant Advertising Buyer.
1.5 Outside Information. We may receive information about you from Third Parties or from other sources of information outside of the Company including information located in public databases (“Outside Information”).
1.6 No Information Collected from Children. We will never knowingly collect any personal information about children under the age of 13 (a “Minor”). The Website is not directed to Minors. If we obtain actual knowledge that we collected personal information about a Minor, that information will be automatically deleted from our database. Because we do not collect such information, we have no such information to use or to disclose to Third Parties. We have designed this policy in order to comply with the Children’s Online Privacy Protection Act (“COPPA”). You may read more about COPPA at http://www.coppa.org. If you become aware that your child, a Minor, has provided us with personal information without your consent, you should contact us immediately. As regards the processing of personal data about children falling within the scope of European Data Privacy Laws which require the child’s representative’s consent, we assimilate to children under 16 permitted by the national law of the European country where the children reside.
1.7 Log File Information. When you log-in to access your account, our servers may automatically record and archive certain information (“Log File Information”) that web-browsers send whenever visiting our Website or visiting/using/viewing the website/app/email of ourselves or one of our Publishers or Advertising Buyers. These server logs may include information vital to validating your authorization to access the account. Information, such as a web request, Internet Protocol (the “IP”) address, browser type, browser language, referring pages, exit pages and visited URLs, platform type, click counts, pages viewed and in what order, time spent, the date and time of the request, and other important data that is necessary to validate and authorize your entry and activity on our Website. Information about pages viewed on an Advertising Buyer’s website may be converted in information about whether a purchase of a certain amount of a certain category was made, whether one registered with newsletter or took a survey or another action.
1.8 Credit Card Information. We may in certain cases collect credit card numbers and related information to the greatest extent permitted by applicable laws, such as the expiration date of the card (“Credit Card Information”) when you place an order with us. When the Credit Card Information is submitted to us, such information is encrypted and is protected with SSL encryption software. We will use the Credit Card Information for purposes of processing and completing the purchase transaction, and the Credit Card Information will be disclosed to Third Parties only as necessary to complete the purchase transaction.
1.9 Credit Card Information. We may in certain cases collect credit card numbers and related information to the greatest extent permitted by applicable laws, such as the expiration date of the card (“Credit Card Information”) when you place an order with us. When the Credit Card Information is submitted to us, such information is encrypted and is protected with SSL encryption software. We will use the Credit Card Information for purposes of processing and completing the purchase transaction, and the Credit Card Information will be disclosed to Third Parties only as necessary to complete the purchase transaction.
2. Use of Your Individual Information and purposes of their processing.
2.2 Email. We use your Individual Information to provide promotional offers by email to you. We may maintain separate email lists for different purposes. If you wish to end your email subscription from a particular list, you need to follow the instructions at the end of each email message to unsubscribe from the particular list. To unsubscribe from all of our email lists, you must send an email to email@example.com, as further detailed in paragraph 8.
2.2(a) Content of Email Messages. In certain commercial email messages sent by us, an advertiser’s name will appear in the “From:” line but hitting the “Reply” button will cause a reply email to be sent to us. The “Subject:” line of our email messages will usually contain a line provided from the advertiser to us.
2.2(b) Solicited Email. We only send email to individuals who have agreed on the Website to receive email from us or, to the greatest permitted by applicable law, to individuals who have agreed on Third Party websites to receive email from Third Parties such as the Company. We do not send unsolicited email messages as generally understood and, as a result, legislation requiring certain formatting for unsolicited email do not apply to our email messages; we may however rely on European Data Privacy Laws when an email is considered unsolicited thereunder.
2.3 Targeted Advertising. We use your Individual Information to target advertising to you. When you use the Internet, we use Technology Information (see also Section 2.6) to associate you with your Individual Information, and we attempt to show advertising for products and services in which you have expressed an interest in the Surveys, indicated an interest by means of Technology Information, and otherwise. We may, at our discretion, target advertising by using email, direct mail, telephones, cell phones, and other means of communication to provide promotional offers to you.
2.4 Direct Mail and Telemarketing. We use your Individual Information to advertise, directly or indirectly, to you using direct mail marketing or telemarketing using telephones and cell phones.
2.5 Mobile Phone SMS Messaging. In certain cases, when requested by an individual, a Third Party may use your Individual Information to provide customized content and advertising via SMS messaging to your cell phone or wireless device. We are not responsible for the privacy practices or the content of such Third Parties.
2.6 Use of Technology Information. We use Technology Information (1) to match your Survey Information and Third Party List Information to other categories of your Individual Information to make and improve your profiles, (2) to track your online browsing habits on the Internet, (3) to determine which areas of our Websites are most frequently visited. This information helps us to better understand the online habits of individuals, including you, so that we can target advertising and promotions to you and other individuals. We also use Technology Information (4) to compute the commission we charge to Advertising Buyers or, in case of Advertising Buyers who directly or indirectly contracted with an advertising agency or other entity who contracted with us, the latter entity, which may be based on advertising views, clicks on advertising content or any subsequent action such as a purchase or a registration to a newsletter.
2.7 Profiles of Individuals. We use your Individual Information to make a profile. A profile can be created by combining Survey Information and Third Party List Information with other sources of your Individual Information such as information obtained from public databases.
2.8 Storage of Your Individual Information. We store your Individual Information in a database on our computers. Our computers have security measures (such as a firewall) in place to protect against the loss, misuse, and alteration of Individual Information under our control. Notwithstanding such measures, we cannot guarantee that our security measures will prevent our computers from being illegally accessed, and your Individual Information on them stolen or altered. Please also see paragraph 7 below.
2.9 Do Not Call Registry Compliance. By submitting your personal contact and/or financial information through the Website, you hereby grant written permission to the Company, its affiliated sites, and its business partners for contact via telephone, voice broadcasts, mail, SMS text message, and/or e-mail, to the greatest extent permitted by applicable law. Further, by registering on the Website you are consenting to receive phone calls from the Company, its affiliated sites, and its business partners for contact via telephone and thereby waive your right to file a claim with the Federal Trade Commission (FTC) or any other agency in reference to these calls or contacts, to the greatest extent permitted by applicable law. This section 2.9 does not apply to individuals in the EEA when European Data Privacy Laws apply.
2.10 Website Display. We use your Technology Information to ensure that content from the Website is presented in the most effective manner for you and for your computer.
2.11 Performance of contracts. We use your Individual Information to carry out our obligations arising from any contracts entered into between us and you or your employer.
2.12 Statistics. We anonymise your Individual Information in order to generate statistical data that, to the extent that anonymized data ceases to be personal data, we may use for a variety of purposes.
2.13 Compliance with legal obligation. We may use your Individual Information to comply with our legal obligations.
2.14 Investors. We may use your Individual Information on a confidential basis to debt or equity investors envisaging investing or who have invested, directly or indirectly, in any of our entities, businesses or asset.
3. Legal basis of our personal data processing activities under European Data Privacy Laws
When European Data Privacy Laws apply and you are an individual in the EEA, we inform you that we are allowed to process your personal data on the following legal bases.
3.1 Legitimate interests. We are permitted to process your personal data if it is based on our ‘legitimate interests’ i.e. we have good, sensible, practical reasons for processing your personal data which is in our interests. To do so, we have considered the impact on your interests and rights, and have placed appropriate safeguards to ensure that the intrusion on your privacy is reduced as much as possible. The following personal data processing activities are based on this ground:
(a) the uses described in 2.2 (Email), 2.4 (Direct Mail and Telemarketing) and in 2.5 (Mobile Phone SMS Messaging) when we do not have consent, provided it concerns products or services similar to those sold by the same entity to the relevant end-user and provided that the latter has been given the opportunity to opt-out at the time of collection and each time he or she receives a communication or, where permitted by European Data Privacy Laws, when the recipient is a professional or in case of voice-to-voice (non-automated) calls;
(b) the uses described in 2.3 (Targeted Advertising), 2.6 (Use of Technology Information) and 2.7 (Profiles of Individuals) when we do not have consent but only to the greatest extent permitted by law (and more particularly the European e-privacy regulation upon its entry into force), to the extent it is in our legitimate interest as an advertising agency to provide advertising – and the legitimate interests of all of us living in a society based on free trade, technology innovation and freedom of speech that online targeted advertising be permitted with appropriate safeguards including when obtaining a consent meeting the strict standards of the GDPR is impossible or would involve a disproportionate effort – and our profiling processing activities do not produce legal effects concerning individuals or similarly significantly affect them (and we do not share the personal data used for or generated by these profiling processing activities with third parties who could use it for such purposes and appropriately secure it) and you can object to it, so that we assessed that our legitimate interests are not overridden by your interests and fundamental rights and freedoms;
(c) the uses described in 2.8 (Storage of Your Individual Information), 2.10 (Website Display), 2.12 (Statistics) and 2.14 (Investors).
3.2 Contract. We are also permitted to process your personal data every time it is necessary for the entry into or the performance of the contract you have agreed to enter with us. If you do not provide the necessary personal data, we will not enter the contact for which it is necessary, or we will not be able to carry out our obligations thereunder in case of personal data necessary for its performance.
3.3 Legal obligation. We are also permitted to process your personal data every time it is necessary for the purposes of complying with applicable regulatory, accounting and financial rules, health and safety and to make mandatory disclosures to government bodies and law enforcements.
3.4 Consent. You consent may be asked for the uses described in 2.2 (Email), 2.4 (Direct Mail and Telemarketing) and in 2.5 (Mobile Phone SMS Messaging), 2.3 (Targeted Advertising), 2.6 (Use of Technology Information) and 2.7 (Profiles of Individuals). You can withdraw this consent at any time.
4. Storage period of personal data of individuals in the EEA for processing activities falling within the scope of European Data Privacy Laws.
The following provisions apply only to personal data of individuals in the EEA for processing activities falling within the scope of European Data Privacy Laws:
4.1 As regards customers and their individual representatives, we will hold all personal information for so long as we are in a contractual relationship. We may then (i) archive the data up to one year after the applicable limitation period has expired or final settlement of any dispute whichever is last and (ii) keep contact details for the purposes of direct marketing for a period of time as required by applicable law after termination of the contract or last contact made by the relevant individual.
4.2 As regards prospects, we keep their contact details for the purposes of direct marketing for a period of up to 3 years after time of collection or last contact made by the relevant individual.
4.3 As regards website/app/email users who do not provide us with their contact details, we maintain a log during 18 months before anonymising the data; the cookies we use have however a maximum life of 13 months.
5. Dissemination of Your Individual Information and categories of recipients of personal data.
5.1 Sale or Transfer to Third Parties. THE COMPANY MAY SELL OR TRANSFER YOUR INDIVIDUAL INFORMATION TO THIRD PARTIES FOR ANY LEGALLY PERMISSIBLE PURPOSE IN OUR SOLE DISCRETION TO THE GREATEST EXTENT PERMITTED BY LAW.
5.2 Order Fulfillment. We will transfer your Individual Information to Third Parties when necessary to provide a product or service that you order from such Third Party while using the Website or when responding to offers provided by us.
5.3 Legal Process. We may disclose your Individual Information to respond to subpoenas, court orders, and other legal processes.
5.4 Summary Data. We may sell or transfer non-individualized information, such as summary or aggregated anonymous information about all persons or sub-groups of persons.
5.5 Access. You have access to your Individual Information collected to provide an opportunity for you to correct, amend, or delete such information, as further detailed in paragraph 12 as regards individuals in the EEA where European Data Privacy Laws apply. Access can be obtained by contacting firstname.lastname@example.org. We may also grant advertising clients and email services providers’ access to your email address to verify the origin of your Individual Information collected.
5.6 Other. We may also disclose your Individual Information:
5.7 Transfer of data in other countries. Individuals in the EEA are hereby informed that we may use providers located in the EU, the EEA, Canada (private sector) and other countries deemed to offer an adequate level protection according to the European Commission as well as the United States of America, provided that any recipient of personal data based in the United States of America adopted corporate binding rules or entered into a data transfer agreement containing clauses offering an adequate level protection according to the European Commission or benefits from the U.S. “Privacy Shield” accreditations
6. Privacy Practices of Third Parties.
6.1 Advertiser cookies and web beacons. Advertising agencies, advertising networks, and other companies (together, “Advertisers”) who place advertisements on the Website and on the Internet generally may use their own cookies, web beacons, and other technology to collect information about individuals. We do not control Advertisers’ use of such technology and we have no responsibility for the use of such technology to gather information about you to the greatest extent permitted by applicable law.
6.3 Service Providers. We may engage certain third parties to perform functions and provide services to us, such as identity verification, hosting and maintenance, customer relationship management, database storage and management, geocoding, business analytics, fraud prevention, business analytics, and direct marketing campaign services.
We will share your Individual Information with these third parties, only to the extent necessary for them to perform these functions for us, and only pursuant to binding contractual obligations requiring such third parties to maintain the privacy and security of your Individual Information and, as regards processing activities governed by European Data Privacy Laws, containing all undertakings required by article 28 of the GDPR when such third party acts as processor.
7. Data Transfer and Storage.
You acknowledge that personal information will be collected and stored by us in Canada. By using the Website, you consent to the transfer of information to and/or storage of information outside of your country and in Canada to the greatest extent permitted by law. Individuals in the EEA are hereby informed that we may store their personal data in the EU, the EEA, Canada and other countries deemed to offer an adequate level protection according to the European Commission as well as the United States of America, provided that any recipient of personal data based in the United States of America adopted corporate binding rules or entered into a data transfer agreement containing clauses offering an adequate level protection according to the European Commission or benefits from the U.S. “Privacy Shield” accreditation.
8. Unsubscribe Procedures.
8.1 Unsubscribe from one email list. To unsubscribe from a particular list, either (1) send an email to email@example.com or (2) follow the instructions in each promotional email message sent by the Company.
8.2 Unsubscribe from all of our email lists. We reserve the right to add your Individual Information to multiple lists maintained by us. To globally unsubscribe from all of our lists, send an email to firstname.lastname@example.org.
8.3 Unsubscribe from a particular SMS messaging campaign. To unsubscribe from a particular SMS messaging campaign on a cell phone, send “STOP” to the SMS message received by you. In addition, other methods to unsubscribe may be set forth on the Website where signed up for the SMS messaging campaign.
If you have any concerns or claims with respect to our data handling practices, please contact us first. We will investigate and attempt to resolve any complaints and disputes regarding our use and disclosure of your Individual Information. If your complaint or dispute cannot be resolved through our internal process, or if we do not adequately respond to your question, you agree to resolve your dispute through arbitration unless you are an individual in the EEA and the dispute in relation to the processing of personal data falling with the scope of European Data Privacy Laws (in the latter case, see paragraph 11). If arbitration is necessary, it will be conducted by telephone and email, and if it must be done in person, it will be conducted in New York City, New York. The arbitration will be conducted by one arbitrator member of the American Arbitration Association, and under the rules of commercial arbitration of the American Arbitration Association or as agreed between you and the Company. Both parties will bear equally the cost of arbitration (exclusive of legal fees and expenses). All decisions of the arbitrator will be final and binding on both parties and enforceable in any court of competent jurisdiction. For additional information you may contact www.ADR.org.
10. Limitation of Liability.
We exercise reasonable efforts to safeguard the security and confidentiality of your personal information; however, transmissions protected by industry standard technology and administered by humans cannot be guaranteed to be secure. We will not be liable for unauthorized disclosure of personal information that occurs through no fault of our own including, but not limited to, errors in transmission, access to your account by anyone, uses of your Member ID and password by a third party, your failure to comply with your security obligations, and the unauthorized acts of our employees, to the greatest extent permitted by applicable law and subject to European Data Privacy Laws where applicable.
11. California User Consumer Rights. In accordance with California Civil Code Sec. 1789.3, California resident users are entitled to know that they may file grievances and complaints with the California Department of Consumer Affairs, 400 R Street, STE 1080, Sacramento, CA 95814; or by phone at 916-445-1254 or 800-952-5210; or by email to email@example.com. Sec. 1798.83 of the California Civil Code, grants residents of the State of California the right to request from a business with whom the California resident has an established business relationship, once a year, certain information with respect to the types of personal information that the business shares with third parties for those third parties’ direct marketing purposes and the identities of the third parties with whom the business has shared such information during the immediately preceding calendar year. To exercise your rights, you may make one request each year by contacting us as the email address at paragraph 13.
12. Rights of individuals in the EEA.
When European Data Privacy Laws apply and you are an individual in the EEA, we inform you that you have the rights set out below.
You may exercise these rights by contacting us at the email address indicated at paragraph 13. We will respond to any rights that you exercise within a month of receiving your request, unless the request is particularly complex, in which case we will respond within three months.
Please be aware that there are exceptions and exemptions that apply to some of the rights which we will apply in accordance with the European Data Protection Laws.
12.1 Right to object to processing of your personal data
You may object to us processing your personal data where we rely on a legitimate interest as our legal grounds for processing. If you object to us processing your personal data we must demonstrate compelling grounds for continuing to do so. We have no compelling ground for continuing direct marketing communications after you have objected.
12.2 Right to access personal data relating to you
You may ask to see what personal data we hold about you and be provided with:
To help us find the information easily, please provide us as much information as possible about the type of information you would like to see.
12.3 Right to correct any mistakes in your information
You can require us to correct any mistakes in your information which we hold. If you would like to do this, please let us know what information is incorrect and what it should be replaced with.
12.4 Right to restrict processing of personal data
You may request that we stop processing your personal data temporarily if:
12.5 Right to data portability
You may ask for an electronic copy of your personal data which we hold electronically and which we process on the basis of a contract with you or with your consent.
12.6 Right to withdraw consent
You may withdraw any consent that you have given us to process your personal data at any time. This means that we will not be able to carry out any processing which required use of that personal data.
12.7 Right to erasure
You can ask us to erase your personal data:
12.8 Rights in relation to automated decision making
You have the right to have any decision that has been made by automated means and which produces legal effects or has a similar significant effect on you reviewed by a member of staff, it being noted that our processing activities do not fall in that category.
12.9 Complaints to a European supervisory authority
13. How to Contact Us
You may reach us by email at firstname.lastname@example.org.
© Puff Offers All rights reserved.