Collection of your Personal Information The information we collect may include your personal information, such as your name, contact information, IP addresses, product and service selections and other things that identify you. We collect personal information from you at the certain points, including but not limited to the following:
● when we correspond with you as a customer or prospective customer;
● when you visit our website;
● when you register as an end-user of our services and an account is created for you;
● when you contact us for help;
● when you attend our customer conferences or webinars; and
● when the site sends us error reports or application analytics data.
Our Use of your Personal Information Our Company may use information that we collect about you to:
● deliver the products and services that you have requested;
● provide you with customer support;
● perform research and analysis about your use of, or interest in, our products, services, or content, or products, services or content offered by others;
● communicate with you by e-mail, postal mail, telephone and/or mobile devices about products or services that may be of interest to you either from us, or other third parties;
● develop and display content and advertising tailored to your interests on our site and other websites;
● verify your eligibility and deliver prizes in connection with promotions, contests and sweepstakes;
● enforce our terms and conditions;
● manage our business;
● transfer personal information to third parties for any legally permissible purpose in our sole discretion.
Disclosure of your Personal Information to Third Parties We may share your personal information with third parties in the following ways:
● we may provide your information to our agents, vendors or service providers who perform functions on our behalf or who help us provide and support our Services. For example, if it is necessary to provide you something you have requested. Examples of our Vendors and Service Providers include payment processors, hosting services and content delivery services, such as Salesforce, Stripe, Zendesk, Google, Drip, Mailchimp and Intercom;
● third party contractors may have access to our databases. Usually these contractors sign a standard confidentiality agreement;
● we may share your data with any parent company, subsidiaries, joint ventures, other entities under a common control or third-party acquirers. We expect these other entities will honor this Privacy Statement;
● we may allow a potential acquirer or merger partner to review our databases, although we would restrict their use and disclosure of this data during the diligence phase;
● as required by law enforcement, government officials, or other third parties pursuant to a subpoena, court order, or other legal process or requirement applicable to our Company; or when we believe, in our sole discretion, that the disclosure of personal information is necessary to prevent physical harm or financial loss, to report suspected illegal activity or to investigate violations of our agreements or Company policies; and
● sometimes, we share your information with our third-party Service Providers,
● we may, from time to time, offer surveys, contests, sweepstakes, or other promotions on our Websites or through social media (collectively “Our Promotions”). Participation in our Promotions is completely voluntary. Information requested for entry may include personal contact information such as your name, address, date of birth, phone number, email address, username, and similar details. We use the information you provide to administer Our Promotions. We may also, unless prohibited by the Promotion’s rules or law, use the information provided to communicate with you, or other people you select, about our Services. We may share this information with our affiliates and other organizations or Service Providers in line with this policy and the rules posted for the Promotion.
● other third parties with your consent or direction to do so.
Please note that these third parties may be in other countries where the laws on processing personal information may be less stringent than in your country.
● We have public blogs on our Website. Any information you include in a comment on our blog may be read, collected, and used by anyone. If your Personal Information appears on our blogs and you want it removed, contact us at firstname.lastname@example.org or click the “unsubscribe” link found at the bottom of every email.
● Social media platforms and widgets. Our Websites include social media features, these features may collect information about your IP address and which page you are visiting on our Website, and they may set a cookie to make sure the feature functions properly. Social media features and widgets are either hosted by a third party or hosted directly on our Website. We also maintain presences on social media platforms including Facebook, YouTube, Pinterest, and Instagram. Any information, communications, or materials you submit to us via a social media platform is done at your own risk without any expectation of privacy. We cannot control the actions of other users of these platforms or the actions of the platforms themselves.
Our Security Measures to Protect your Personal Information Our Company uses industry-standard technologies when transferring and receiving data exchanged between our Company and other companies to help ensure its security. This site has security measures in place to help protect information under our control from the risk of accidental or unlawful destruction or accidental loss, alteration or unauthorized disclosure or access. However, “perfect security” does not exist on the Internet. Also, if this website contains links to other sites, our Company is not responsible for the security practices or the content of such sites.
● Web Beacons. Our Company and third parties may also use small pieces of code called “web beacons” or “clear gifs” to collect anonymous and aggregate advertising metrics, such as counting page views, promotion views, or advertising responses. These “web beacons” may be used to deliver cookies that conform to our Company’s cookie requirements.
● We may create links to other websites. We will make a reasonable effort to link only to sites that meet similar standards for maintaining each individual’s right to privacy. However, many other sites that are not associated with or authorized by our Company may have links leading to our site. Our Company cannot control these links and we are not responsible for any content appearing on these sites. Since this website does not control the privacy policies of third parties, you are subject to the privacy practices of that third party. We encourage you to ask questions before you disclose any personal information to others.
● Our Company websites may use third parties to present or serve the advertisements that you may see at its web pages and to conduct research about the advertisements and web usage. This Privacy Statement does not cover any use of information that such third parties may have collected from you or the methods used by the third parties to collect that information.
Our Retention of your Personal Information We will retain any personal information only for as long as is necessary to fulfill the business purpose it was collected. We will also retain and use your personal information for as long as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Your Right to Opt-Out or Unsubscribe from Communication If you do not want to receive communication from us in the future, please let us know by sending us e-mail at email@example.com. If you supply us with your postal address online, you will only receive the information for which you provided us your address.
International Transfers of your Personal Information Information collected from you may be stored and processed in the United States or any other country in which our Company or agents or contractors maintain facilities, and by accessing our sites and using our services, you consent to any such transfer of information outside of your country. European Union or Swiss individuals may refer to the Privacy Shield statement with regard to the transfer of their personal data. We have appropriate security measures in place in our physical facilities to protect against the loss, misuse or alteration of information that we have collected from you at our site. Merchants and Partners
The GDPR also applies to the merchants and partners of Barbara Lidfors Art Studio who operate in the EU/EEA (European Union/European Economic Area) or Switzerland and offer goods or services to residents of the EU/EEA or Switzerland. While Barbara Lidfors Art Studio is performing action to be compliant with GDPR, and to provide its merchants with tools to help its merchants comply, each merchant is ultimately responsible for ensuring that their business complies with the laws of the jurisdictions in which they operate or have buyers. Using Barbara Lidfors Art Studio does not guarantee that a merchant or partner complies with GDPR.
Merchants and Partners Access to and Updating or Deletion of your Personal Information The GDPR also gives certain rights to identified or identifiable persons (referred to as data subjects), including Barbara Lidfors Art Studio merchants. These include the right to request at no cost;
● Deletion of personal data
● Correction of their data
● Access to their data
● An export of their data in a portable format
The GDPR also gives certain rights to identified or identifiable persons (referred to as data subjects), including buyers visiting stores belonging to Barbara Lidfors Art Studio merchants. These include the right to request;
● Deletion of personal data
● Correction of their data
● Access to their data
● An export of their data in a portable format
COPPA (Children Online Privacy Protection Act) When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States' consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online. We do not specifically market to children under the age of 13 years old.
Changes to our Privacy Statement Our Company may amend this Privacy Statement at any time by posting a new version. It is your responsibility to review this Privacy Statement periodically as your continued use of this website represents your agreement with the then-current Privacy Statement.
Contacting Us If you have any questions about this Privacy Statement, the practices or concerns of this site, or feel that the site is not following its said policy, please contact us at: firstname.lastname@example.org
Privacy Shield Statement
Barbara Lidfors Art Studio complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland.
“Personal Data” means information that (1) is transferred from the EU/EEA or Switzerland to the United States; (2) is recorded in any form; (3) is about or pertains to a specific individual; and (4) can be linked to that individual.
“Sensitive Personal Information” means personal information that reveals race, ethnic origin, sexual orientation, political opinions, religious or philosophical beliefs, trade union membership or that concerns an individual’s health. B) Principles
Barbara Lidfors Art Studio may receive Personal Data from its own personnel as well as from its affiliates and other parties located in the EU/EEA. Such information may contain names, addresses, email addresses and payment information and may be about customers, clients of customers, business partners, consultants, employees, and candidates for employment and includes information recorded on various media as well as electronic data.
Other than its own human resources data, Barbara Lidfors Art Studio generally does not collect Personal Data directly from individuals. Barbara Lidfors Art Studio, however, acting as a data processor may receive Personal Data via its customers.
B) Personal Data Collection Principles:
1. We shall inform an individual of the purpose for which we collect and use their Personal Data and the types of third parties to which our Company discloses or may disclose that Personal Data. Our Company shall provide the individual with the choice and means for limiting the use and disclosure of their Personal Data. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal Data to our Company, or as soon as practicable thereafter, and in any event before our Company uses or discloses the Personal Data for a purpose other than for which it was originally collected. Barbara Lidfors Art Studio may be required to disclose Personal Data in response to lawful request by public authorities, including to meet national security or law enforcement requirements.
2. Individuals have the opportunity to choose (opt out) whether their Personal Data is (1) to be disclosed to a non-Agent third party or (2) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual by contacting our privacy officer via email at email@example.com. Agents, technology vendors and/or contractors of Barbara Lidfors Art Studio or its affiliates may have access to an individual’s Personal Data on a need to know basis for the purpose of performing services on behalf of Barbara Lidfors Art Studio or providing or enabling elements of the services. All such agents, technology vendors and contractors who have access to such information are contractually required to keep the information confidential and not use it for any other purpose than to carry out the services they are performing or as otherwise required by law.
3. Accountability for Onward Transfer. Prior to disclosing Personal Data to a third party, we shall notify the individual of such disclosure and allow the individual the choice (opt out) of such disclosure. We will:
● Limit the data you share with your partners and vendors to only that data you have permission to share.
● Proactively confirm that your partners and vendors understand purpose limitations.
● Ensure partners and vendors will make reasonable efforts to comply with the purpose limitation and appropriate protection of that data.
● Ascertain that the agent is obligated to provide at least the same level of privacy protection as is required by the Principles.
● Take reasonable and appropriate steps to ensure that the agent effectively processes the personal information transferred in a manner consistent with the organization’s obligations under the Principles.
● Upon notice, take reasonable and appropriate steps to stop and remediate unauthorized processing.
4. Data Security. We shall take reasonable steps to protect the Personal Data from loss, misuse and unauthorized access, disclosure, alteration and destruction. Our Company has put in place appropriate physical, electronic and managerial procedures to safeguard and secure the Personal Data from loss, misuse, unauthorized access or disclosure, alteration or destruction. However, our Company cannot guarantee the security of Personal Data on or transmitted via the Internet.
5. Data Integrity and Purpose Limitation. We shall only process Personal Data in a way that is compatible with and relevant for the purpose for which it was collected or authorized by the individual. To the extent necessary for those purposes, our Company shall take reasonable steps to ensure that Personal Data is accurate, complete, current and reliable for its intended use.
6. Access and Recourse. We acknowledge the individual’s right to access their Personal Data. We shall allow an individual access to their Personal Data and allow the individual the opportunity to correct, amend or delete inaccurate information, except where the burden or expense of providing access would be disproportionate to the risks to the privacy of the individual in the case in question or where the rights of persons other than the individual would be violated. Individuals may contact our Privacy Officer via email to request access.
a. Human Resources Data. Barbara Lidfors Art Studio would generally not collect human resources data. If there was reason to collect such information and there was a complaint it would be addressed within a timely period. If your complaint is not satisfactorily addressed by Barbara Lidfors Art Studio, and your inquiry or complaint involves human resource data, you may have your complaint considered by an independent recourse mechanism: for EU/EEA Data Subjects, a panel established by the EU data protection authorities (“DPA Panel”), and for Swiss Data Subjects, the Swiss Federal Data Protection and Information Commissioner (“FDPIC”). To do so, you should contact the state or national data protection or labor authority in the jurisdiction where you work. Barbara Lidfors Art Studio agrees to cooperate with the relevant national DPAs and to comply with the decisions of the DPA Panel and the FDPIC. The services of EU DPAs are provided at no cost to you.
b. Independent Recourse - Non-Human Resources Data. Barbara Lidfors Art Studio has further committed to refer unresolved Privacy Shield complaints to EU data protection authorities (“DPA Panel”) and The Swiss Federal Data Protection and Information Commissioner (“FDPIC”), an alternative dispute resolution provider located in the (the EU, or Switzerland, as applicable). If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please contact or visit:
EU DPA Contact: https://ec.europa.eu/info/departments/justice-and-consumers_en#contact Phone number+32 2 299 11 11 (Commission switchboard) Postal address: Directorate-General for Justice and Consumers, European Commission 1049 Bruxelles/Brussel Belgium
FDPIC Contact: https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/links/data-protection---switzerland.html Data Protection and Information Commissioner of Switzerland Tell. +41 58 462 43 95; Fax +41 58 462 99 96 Please note that if your complaint is not resolved through any of the above channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.
C) Amendments This Privacy Statement may be amended from time to time consistent with the requirements of the Shield Frameworks. We will post any revised policy on this website. D) Information Subject to Other Policies
We are committed to following the Principles for all Personal Data within the scope of the Privacy Shield Frameworks. We are committed to following the Principles for all Personal Data within the scope of the Privacy Shield Frameworks. However, certain information is subject to policies of Barbara Lidfors Art Studio that may differ in some respects from the general policies set forth in this Privacy Statement.
Updated: January 8, 2021