This privacy statement discloses the privacy practices of Chica Chocolate, LLC and all websites owned or operated by or on behalf of Chica Chocolate, LLC, including wwww.chicachocolate.com and without limitation.
Legal Name: Chica Chocolate, LLC
Address: PO Box 844, Boulder CO 80306
1. Information We Collect
The types of information that we collect fall under two general categories: Personally identifiable information (PII) and non-personally identifiable information (non-PII). PII consists of any information which can be used to specifically identify you as an individual and may include:
- Identity Data may include your first name, last name.Contact Data may include your billing address, delivery address, email address and telephone numbers.
- Financial Data may include your bank account and payment card details.
- Transaction Data may include details about payments between us and other details of purchases made by you.
- Technical Data may include your login data, internet protocol addresses, browser type and version, browser plug-in types and versions, time zone setting and location, operating system and platform and other technology on the devices you use to access this site.
- Profile Data may include your username and password, purchases or orders, your interests, preferences, feedback and survey responses.
- Usage Data may include information about how you use our website, products and services.
- Marketing and Communications Data may include your preferences in receiving marketing communications from us and our third parties and your communication preferences.
- Non-PII consists of aggregate information or any information that does not reveal your identity. The following sections describe how your PII and non-PII are collected by us, and how we use such information.
2. How We Collect and Use Information
Log Files. Any time you visit any of our websites, our servers automatically gather information from your browser (such as your IP addresses, browser type, Internet service provider (ISP), referring/exit pages, platform type, date/time stamp, and number of clicks) to analyze trends, administer the site, prevent fraud, track visitor movement in the aggregate, and gather broad demographic information. For example, we may log your IP address for system administration purposes. IP addresses are logged to track a user’s session. This gives us an idea of which parts of the site users are visiting. We do not share the log files externally.
Web Beacons. “Web beacons” (also known as “clear gifs” and “pixel tags”) are small transparent graphic images that are often used in conjunction with cookies in order to further personalize our website for our users and to collect a limited set of information about our visitors. We may also use web beacons in email communications in order to understand the behavior of our customers. We do not link the web beacons to any PII.
Information About You. When you register, enroll or place an order for any products or services, we collect information about you. For interactive content and community services where you may choose to have a public profile, we may display your non-PII information to other community members and visitors. You may choose to provide us with your photo(s) or video(s) and by providing us such content, you agree that we may make them available to other members and visitors. Except as otherwise stated in this privacy statement, we do not disclose your PII to you or other users of our services.
Purchase Information. To process purchases, we may require your name, address, phone number, email address and credit card information. Such information is used primarily to process your order or as otherwise described herein. Credit card transactions are processed using industry standard Secure Socket Layer (SSL) and/or strong encryption (3DES) by a third party, which only uses your information for that purpose.
Emails and Telephone Calls. We require an email address from you when you register for our services. We use your email address for both transactional (e.g., order confirmation and renewal processing) and promotional (e.g., newsletters, new product offerings, special discounts, event notifications, special third-party offers) purposes. Email messages we send you may contain code that enables our database to track your usage of the emails, including whether the email was opened and what links (if any) were clicked. If you would rather not receive promotional emails from us, please see the section below labeled “Manage My Preferences/Opt-Out.” We reserve the right to send you certain communications relating to our services, such as service announcements and administrative messages, without offering you the opportunity to opt out of receiving them. We may also contact you by telephone or text message (including to any wireless number you may provide to us) in connection with our services. We fully comply with the requirements of the U.S. CAN-SPAM Act.
Demographic Data. Demographic data is also collected at our site. We may use this data to tailor our visitors’ experience at our site, showing them content that we think they might be interested in, and displaying the content according to their preferences. Some of this information may be shared with advertisers on a non-personally identifiable basis.
3. Purposes for processing your personal data
Set out below is a description of the ways we intend to use your personal data and the legal grounds on which we process such data. We have also explained what our legitimate interests are where relevant. We may process your personal data for more than one lawful ground, depending on the specific purpose for which we are using your data. Please email us at email@example.com if you need details about the specific legal ground we are relying on to process your personal data.
- To register you as a new customer
- Performance of a contract with you
- To process and deliver your order including:
(a) Manage payments, fees and charges
(b) Collect and recover money owed to us
- To manage our relationship with you which may include:
(b) Asking you to provide feedback, leave a review or take a survey
(c) Marketing and Communications
(d) Performance of a contract with you
(e) Necessary to comply with a legal obligation
(f) Necessary for our legitimate interests to keep our records updated and to study how customers use our products/services
- To administer and protect our business and website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)
- To deliver relevant content and advertisements to you and measure and understand the effectiveness of our advertising
- Necessary for our legitimate interests to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy
- To use data analytics to improve our website, products/services, marketing, customer relationships and experiences
- Necessary for our legitimate interests to develop our products/services and grow our business
- Marketing communications
You will receive marketing communications from us if you have:
(i) requested information from us or purchased goods or services from us; or
(ii) if you provided us with your details and ticked the box at the point of entry of your details for us to send you marketing communications; and
(iii) in each case, you have not opted out of receiving that marketing.
We will get your express opt-in consent before we share your personal data with any third party for marketing purposes.
You can ask us to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent or by emailing us at firstname.lastname@example.org or by using our subscription management tool.
Where you opt out of receiving our marketing communications, this will not apply to personal data provided to us as a result of a product/service purchase, warranty registration, product/service experience or other transactions.
4. Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.
If we need to use your personal data for a purpose unrelated to the purpose for which we collected the data, we will notify you and we will explain the legal ground of processing.
We may process your personal data without your knowledge or consent where this is required or permitted by law.
5. Disclosure of Your Information to Third Parties
Disclosure By Law. You acknowledge and agree that we may disclose information you provide if required to do so by law, at the request of a third party, or if we, in our sole discretion, believe that disclosure is reasonable to comply with the law, requests or orders from law enforcement or any legal process, protect or defend our rights or property, or protect someone’s health or safety.
Disclosure to Trusted Third Parties By Us. We may share your non-PII with third parties, but not in a manner that would reveal your identity. We may share your PII, sometimes in conjunction with your non-PII with service providers that may be associated with us to perform functions on our behalf. For example, outsourced customer care agents or technology assistants may need access to your information to perform services for you. Your information will be treated as private and confidential by such service providers and not used for any other purpose than we authorize.
6. Third-Party Advertising
We may partner with third-party advertising agencies or other service providers to serve ads on our website on behalf of ChicaChocolate or third-party advertisers (e.g., retailers of goods or services). These companies may employ cookies and web beacons to measure advertising effectiveness. Any information that these third parties collect via cookies and web beacons is completely anonymous. Some of these third-party advertising agencies may be members of the Network Advertising Initiative, which offers you the option to opt out of ad targeting from its member agencies by following the procedures listed here.
We will only share your information with third parties in the ways defined in this privacy statement.
7. Age Restrictions
We do not target any of our sites or services to children under the age of 13, and in compliance with the Children’s Online Privacy Protection Act, any information we may receive from users we believe to be under the age of 13 will be purged from our database.
We have security measures in place to protect against the loss, misuse and alteration of information stored in our databases. These measures include use of Secure Socket Layer (SSL) and/or strong encryption (3DES) technology during credit card transactions and administrator sessions, as well as other security measures which are applied to all data at rest and in transit. We will exercise reasonable care in providing for the secure transmission of information between your computer and our servers, but we cannot ensure or warrant the security of any information transmitted to us over the Internet and accept no liability for any unintentional disclosure.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
9. Data Retention
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for seven years after they cease being customers for tax purposes.
In some circumstances you can ask us to delete your data: see below for further information.
In some circumstances we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
10. Your Legal Rights
Under certain circumstances, you have rights under data protection laws to include but not limited to privacy laws in the United States and General Data Protection Regulation in the European Union in relation to your personal data. These include the right to:
- Request correction of your personal data
- Request erasure of your personal data.
- Object to processing of your personal data.
- Request restriction of processing your personal data.
- Request transfer of your personal data.
- Right to withdraw consent.
- If you wish to exercise any of the rights set out above, please email us at email@example.com.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
11. Links to Other Sites
We are not responsible for the privacy practices or the content of other websites that may be linked to this site or of any third party advertisers.
13. Manage Subscription/Opt-Out
- Click on the “unsubscribe” link on the bottom of any email.
- You may opt out of the DoubleClick cookie by visiting the Google advertising opt-out page.
- Or you may opt out of Google Analytics by visiting the Google Analytics Opt-out page.
- Facebook – In order to stop displaying our ads on your Facebook account, please manage your Facebook settings by clicking here: Facebook Settings
14. Updating Your Information
ChicaChocolate provides users the following options for changing and modifying information previously submitted.
- For any services where you have an account page, you may change your credit card (if applicable), email address, password and other information from the account settings or preferences page; or
- You can send mail or electronic mail to the address listed above, providing us with your account information and letting us know which information you wish to update.
15. Contact Us
If you have any questions about this privacy statement, the practices of this site, or your dealings with any of our websites, you can contact: firstname.lastname@example.org or email@example.com.
Your use of our websites, including any dispute concerning privacy, is subject to this privacy statement and the applicable Terms and Conditions of Service. BY USING OUR WEBSITES, YOU ARE ACCEPTING THE PRACTICES SET OUT IN THIS PRIVACY STATEMENT AND THE APPLICABLE TERMS AND CONDITIONS OF SERVICE.
Your continued use of any portion of our website following posting of the updated privacy statement will constitute your acceptance of the changes.