II. Information We Collect and How it is Used
A. Information you Give Us
Except for physical location information and tracking technologies (as described below), You do not have to give us any personal information to browse this Site. However, you may be asked to provide personal information to register as a user of this Site, to make purchases through this Site, to submit information or request information from us, or to use the services offered through this Site. This information may include:
- Registration Information: When you sign up for this Site, you are required to provide information such as your name, username, password, address, email address, and month and day of birth.
- Payment Information: If you purchase products or services through this Site, you will be required to provide payment card information so that we may process the transaction, including without limitation the name of the cardholder, payment card number, CVV number, payment card expiration date, billing address, shipping address, and the recipient’s name.
- Additional Information: Additional information that you provide to us, including through any user profile that you establish on the Site, any feedback, messages or emails that you provide to us, any posts to public discussion boards, or answers to surveys or questionnaires that you may submit.
B. Location Information
In order to access and use certain areas or features of the Site, you consent to our collection and use of your physical location information if you use the Site on a location-enabled device (including GPS, cellular, and Wi-Fi networks) or from your browser.
In addition, you consent to our collection and use of certain information about your use of this Site through the use of tracking technologies or by other passive means. We may use analytics applications such as Google Analytics to help collect and analyze this information. This 'passively collected' information includes, but is not limited to, the domain name of the website that allowed you to navigate to this Site, search engines used, the internet protocol (IP) address used, the length of time spent on this Site, the pages you looked at on this Site, other websites you visited before and after visiting this Site, the type of internet browser you have, the frequency of your visits to this Site, and other relevant statistics, including the following:
- Log information. When you access this Site, our servers automatically record information that your browser sends whenever you visit a website. These server logs may include information such as your web request, IP address, browser type, browser language, the date and time of your request, your computer operating system, mobile device and mobile operating system, name of your internet service provider or your mobile carrier, and one or more cookies (small text files containing a string of characters) that may uniquely identify your browser.
- Links. The Site may include links in a format that enables us to keep track of whether these links have been followed by IP addresses. We use this information to improve the quality of our products and design.
- URLs. When you visit or access this Site, we automatically receive the URL of the site from which you came and the site to which you are going when you leave this Site. Additionally, advertisers receive the URL of the page you were on when you click on an ad on this Site.
- Web Beacons. Web beacons (also known as 'pixel tags' or 'clear GIFs') are 1x1 single-pixel graphics that allow us to count the number of users who have visited or accessed this Site and to recognize users by accessing our cookies. We may employ web beacons to facilitate Site administration and navigation, to track the actions of users of this Site, to compile aggregate statistics about Site usage and response rates, and to provide an enhanced online experience for visitors to this Site. We may also include web beacons in HTML-formatted email messages that we send to determine which email messages were opened.
- Aggregate Information. We may compile certain personal information and other information collected through this Site on an aggregate basis. This information may include, without limitation, the number of people who have visited this Site and other user demographics. Such aggregate information does not identify you individually.
III. How We Use Personal Information
Personal information collected through this Site may be used by us and our affiliates for purposes of:
- Managing your account and providing the products and services you select through this Site;
- Responding to your questions and feedback;
- Contacting you, whether by email, postal mail, or telephone with information about this Site, our products, or our services;
- For such purposes as you may authorize at the time you submit the information;
- Auditing, research, and analysis to maintain, protect, and improve this Site and our services;
- Ensuring the technical functions of our network;
- Improving and customizing the content and layout of this Site;
- Tailoring advertisements to you;
- Developing new products and services; or
- Compiling personal information and other information collected through this Site on an aggregate basis.
IV. Personal Information We Share
We do not sell, rent, trade, or otherwise share personal information collected through this Site, except as described below:
- In Connection with our Offerings. Information which you upload, post, email, submit, or otherwise transmit in connection with this Site to a public message board, chat area, or other public area of this Site will be made public to users of this Site, including certain metadata related to such activities (such as timestamps). You are solely responsible for any such information you choose to post on or through this Site. All information that is posted to a message board, chat area, or other public area of this Site may be shared by us with others.
- Subsidiaries and Affiliates. We may share personal information with our subsidiaries and affiliates for the purposes for which you provided the information or as reasonably necessary for our internal administrative and business purposes. We may share personal information and non-personal information with these third parties for the purpose of enabling them to provide these services.
- Service Providers. We work with third parties that provide services on our behalf. Such services may include payment processing, ad placement, website usage analytics, website hosting, marketing, and order fulfillment service providers. We may share personal information and non-personal information with these third parties for the purpose of enabling them to provide these services. We do not bear any responsibility for any actions or policies of such third parties.
- Consent. We may share personal information in accordance with any consent you provide.
- Required by Law. We may disclose personal information or any information collected through this Site if we are required to do so by law or pursuant to legal process, in response to a request from government officials or law enforcement authorities, or as necessary or appropriate in connection with an investigation of illegal activity.
- Certain Transactions. We may disclose or transfer personal information or any information collected through this Site to third parties who acquire all or a portion of our business, whether such acquisition is by way of merger, consolidation, or purchase of all or a portion of our assets, or in connection with any bankruptcy or reorganization proceeding brought by or against us.
- Internet-Based Advertising and Content. We may participate in Interest-based and behavioral advertising. This means that you may see advertising or content on the Site tailored to how you engage, browse or shop, or you may see advertising for us on other websites, applications and social media based on your behavior across websites, applications and social media. We may target ads or content based on data we have collected, or data provided by third parties alone or in combination with the data we collect ourselves. If you choose to interact with specific third parties who advertise through the Site, the information you provide to them is subject to the conditions of their specific privacy policies.
By using the Site you agree to usage tracking and targeted, behavioral advertising. If you do not wish to have cookies track your usage for these purposes please see Section II.B of this Privacy Statement to refuse all or some browser cookies or do not use the Site.
Some advertisers may provide you with the choice to opt-out of having your information used for behavioral advertising. If you would like more information about behavioral advertising, or for information about how to opt-out of behavioral advertising, please visit the Network Advertising Initiative's ('NAI') consumer Web site at http://www.networkadvertising.org/understanding-online-advertising, and in particular, NAI’s Ad Network 'Opt-Out' page athttp://www.networkadvertising.org/choices/. Even if you opt-out of behavioral advertising, we may still collect and use information about your use of the Site to the extent otherwise permitted by this Privacy Statement (such as to analyze Site traffic and usage, conduct website analytics, administer the Site, etc.). In addition, if you opt-out of receiving behavioral advertising from a particular advertiser, the advertiser may still provide advertisements to you, but the ad will not be targeted to you based on your online activities.
- Internet-Based Advertising and Content by Criteo. This website uses the Criteo service to advertise on our site and third party websites to previous visitors of our site. The Criteo service is operated by Criteo SA, Rue Blanche, 75009, Paris, France (http://www.criteo.com/). The advertisements are displayed on the basis of information that is stored in cookies which Criteo places on your computer. Cookies are small text files used to store a record. The text files include information on your visit of our website, in particular product views that is read-out in the course of subsequent visits of this or third party websites for specific product recommendations. The cookie includes a random alias. In case you visit our website within a certain period of time and view our products, Criteo is able to recognize you by means of the alias. However, the information cannot be attributed to you personally. We or Criteo will not merge this information with personal information that identifies you specifically and will not disclose any personal information that identifies you specifically to any third party. You can prevent the storing and using of information in a cookie placed by Criteo by clicking on the following link http://www.criteo.com/en/privacy-policy and using the controller next to 'Opt-Out' by switching it to 'ON'.
When you opt-out, a new cookie (Opt-Out-Cookie) is placed in your web browser that tells Criteo to cease data collection from and ad delivery to your browser. You can opt-in to Criteo’s ads again at any time by switching the controller to 'OFF'. Please be aware that this configuration will be necessary for each of your browsers. In case all of your cookies in a browser are deleted, also the Opt-Out-Cookie of Criteo will be affected.
V. Aggregate Information
VI. Your Choices
A. Information You Provide
You can always choose whether or not to provide information on this Site. However, if you choose not to disclose certain information, you may not be able to register as a user of this Site, which may limit your access to certain portions of this Site.
B. Email Opt-Out
All of our marketing emails include a link for unsubscribing to our emails. Registered users on the Site can also log on to the 'My Account' section to change their email preferences. We will apply your unsubscribe request as quickly as possible. There may be promotional email campaigns in process and you may continue to receive emails from us for a few days. We require up to fourteen days to apply your unsubscribe request. After this time, you will no longer receive marketing emails from Charles & Colvard. You may still receive emails regarding your transactions; for example, confirming that you have placed an order or that a product you have ordered has been shipped.
C. Do Not Track
D. Your Rights and Your Personal Data
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:
- The right to request a copy of your personal data which Charles & Colvard holds about you;
- The right to request that Charles & Colvard correct any personal data if it is found to be inaccurate or out of date;
- The right to request your personal data is erased where it is no longer necessary for Charles & Colvard to retain such data;
- The right to withdraw your consent to the processing at any time of personal data to which you provided consent for processing;
- The right to request that Charles & Colvard provide you with your personal data and where possible, to transmit that data directly to another data controller (known as the right to data portability);
- The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
- The right to object to the processing of personal data (where applicable); and
- The right to lodge a complaint with a data supervisory authority.
E. Transfer of Data Abroad
Charles & Colvard will transfer personal data only when there has been a documented adequacy determination, or where Charles & Colvard has confirmed adequate privacy protections. If Charles & Colvard transfers personal data to a third party acting as an agent of Charles & Colvard, we will also require the third party to have adequate privacy protections in place.
Charles & Colvard may transfer personal data to and on behalf of clients and third parties with whom Charles & Colvard has an existing service agreement or as part of our legal obligations, each of which shall be subject to Charles & Colvard policies, and only to the extent necessary for purposes of legitimate interests pursued by the data controller (or by a third party).
F. Automated Decision Making
Under GDPR, data subjects shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her, or similarly significantly affects him or her, as long as the decision (1) is not is necessary for entering into, or the performance of, a contract between the data subject and a data controller, or (2) is not authorized by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, or (3) is not based on the data subject’s explicit consent.
If the decision: (1) is necessary for entering into, or the performance of, a contract between the data subject and a data controller, or (2) it is based on the data subject’s explicit consent, Charles & Colvard shall implement suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express his or her point of view and contest the decision.
If a data subject wishes to exercise the rights concerning automated individual decision-making, he or she may at any time directly contact us.
G. Further processing
VII. Information Storage and Security
We employ reasonable security precautions to help protect against the loss, misuse, and alteration of personal information provided on or through this Site. These security measures include Secure Socket Layer (SSL) technology data transmission. However, no method of transmitting or storing data is completely secure. As a result, although we strive to protect personal information about you, we cannot guarantee the security of any information you transmit to us through or in connection with this Site. If you have reason to believe that personal information is no longer secure, please notify us immediately by contacting us in accordance with the last section below.
VIII. A Special Note about Children
Children are not eligible to use our services, and we ask that minors (under the age of 13) not submit any personal information to us.
IX. External Links
X. United States Only
The Site is controlled and operated by us from the United States of America. We may limit the Site’s availability, in whole or in part, to any person, geographic area or jurisdiction we choose, at any time and in our sole discretion.
XI. Updating Information
We encourage registered users of this Site to keep their personal information current. You may change personal information you have provided about you at any time by logging into the personal profile you created on this Site. After you enter your username and password, you can edit personal information about you. You may also change personal information you have provided about you by contacting us at Charles & Colvard, Ltd., 170 Southport Drive, Morrisville, North Carolina 27560. Phone: 919.468.0399 or 800.210.4367.
XIII. Name and Address of the Controller
The Data Controller for the purposes of GDPR or other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:
Charles & Colvard, Ltd.
170 Southport Drive
Morrisville, North Carolina 27560
Phone: 919.468.0399 or 800.210.4367
Any data subject may, at any time, contact us directly with any questions and suggestions concerning data protection.