PRIVACY POLICY
Effective June 1, 2021
At Rock Faery (“Rock Faery”, “we”. “us”, “our”), we value your privacy and the protection of your personal information. This Privacy Policy describes how we collect, use, and protect Personal Information (defined below) collected from our customers, visitors and users (collectively, the “Users”) through our website located at www.rockfaery.com (the “Site”), the services and products offered on the Site, our associated social media sites, our newsletters, and other interactions between Rock Faery and Users (collectively, the “Services”).
By accessing the Services and/or submitting information to Rock Faery, you are bound by all terms and conditions in the Terms of Use at Terms of Use (the “Terms of Use”) and this Privacy Policy.
INFORMATION WE COLLECT
Personal Information: “Personal Information” is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to you. When you register an account, make a purchase, subscribe to our newsletter, request information from us, contact customer support, or participate in a promotion, you may provide us with your Personal Information, such as your name, title, email address, phone number, address, billing information and other similar information.
Device Identifiers: When you access the Services by or through a device, we may access, collect, monitor and/or remotely store one or more “device identifiers”. Device identifiers allow us to uniquely identify your device and are used to enhance the Services (including sending updates and information from the Services). A device identifier may also be used in conjunction with other Personal Information.
Analytics: When you access our Services, we may collect information (either directly or using third party services) using logging and cookies which can sometimes be correlated with Personal Information. We use this information to monitor and analyze use and interest in the Services. See the section on “Service Providers” for more detail.
Log data: As with most website and technology services delivered over the Internet, our servers automatically collect information when you access or use our Services and record it in log files. This log data may include the Internet Protocol (IP) address, the address of the web page visited before using the Services, the purchases that you make, the products you view, browser type and settings, the date and time the Services were accessed, information about browser configuration and plugins, language preferences and cookie data.
Cookies: A cookie is a text file stored locally on a User’s device by the User’s web browser, which enables the browser to remember passwords, orders, preferences, and other information when visiting a website. We use cookies and similar technologies such as pixel tags and web beacons that help us collect certain usage data about you (such as your preferences and to process shopping cart items), which may become Personal Information due to direct association with you. The Services may also include cookies and similar tracking technologies of third parties, which may collect information about you via the Services and across other sites and online services, including social media platforms. We use cookies and similar technologies such as pixel tags and web beacons for the purposes of maintaining website performance, enhancing functionality of the Services, and advertising. The cookies we use fall into three categories:
- Essential Cookies: These cookies are required to enable core platform functionality and are therefore always enabled. This includes remembering your selected country and language, tracking your movement on and usage of the Services for statistical purposes, storing whether you are logged in or not and storing your shopping bag and wish list items. We won’t ask for your consent to place those cookies because we have a legitimate purpose for setting them, but you can find a list of the cookies in our third party cookie list (linked below).
- Analytic Cookies: These cookies are optional and allow us to track and analyze your experience on the Services, to optimize your shopping experience, to invite you to provide feedback, and to allow you to interact with product reviews.
- Social media and Advertising Cookies: These cookies are used by advertising companies to serve ads that are relevant to your interests and to personalize marketing both within and beyond our Services including social media. Those partners (e.g. Facebook and Google) may combine that information with other information they have collected from you. These partners collect data directly from your web browser and the processing is subject to their own privacy policies.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. The Help feature on most browsers provide information on how to accept cookies, disable cookies or to notify you when receiving a new cookie. Please note that if you do not accept cookies, you may not be able to use some features of our Services.
USE OF INFORMATION
We use information that we collect for the purposes of fulfilling our contractual obligations to you, in furtherance of our legitimate interests in operating the Services and our business, and/or where you have consented to such usage. Our business purpose for collecting and using your information include:
- To operate, provide, and maintain the Services and our business;
- To perform services requested by you, such as to process and fulfill your order, to respond to your comments, questions, and requests, and provide customer service;
- To personalize your experience and improve customer service;
- To improve our Services, content, and marketing and promotional efforts;
- To communicate with you and respond to your requests, comments and questions;
- As required by applicable law, legal process or regulation;
- To send notices, emails and other communications;
- To process transactions, including, billing, account management and other administrative matters;
- To prevent or address security issues, including suspected fraud;
- To monitor and analyze trends, usage, and activities;
- To develop and implement marketing activities, including advertisements and communications to new and existing customers about our products and services, promotional offers, and events;
- To comply with applicable law, legal process or regulation; and
- To fulfill any other business or commercial purposes at your direction or with your consent.
INFORMATION SHARING AND DISCLOSURE
We may share, transfer, and/or disclose your Personal Information to or with third parties in order to provide the services or products requested by you, and under the following circumstances:
- Service Providers. We share certain Personal Information with third party service providers, such as shipping carriers, payment service providers, and email service providers, in order to operate our business and fulfill orders placed through the Services. We only provide service provider with the information necessary to complete the requested service, product or transaction, and contractually prohibit them from retaining, using, or disclosing information about you for any purpose other than performing the services for us.
- Compliance with Law. We may share your Personal Information in response to legal process, for example, in response to a court order or a subpoena, a law enforcement or government agency’s request or similar request.
- Security and Fraud Prevention. We may share your Personal Information third parties in order to investigate, prevent, or address potentially illegal activities, suspected fraud, situations involving potential threats to any person, us, or the Services, or violations of our policies or the law.
- Business Transfer. We may transfer Personal Information to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Users’ Personal Information held by Rock Faery is among the assets transferred.
All information voluntarily shared by you through publicly available social media, feedbacks, reviews, comments, or blog posts, and username used by you to share such information, may be visible to the public. Rock Faery is not responsible for any publicly visible information you submit, or any unsolicited contacts you may receive from third parties as the result of submitting such information.
We may, from time to time and only with the User’s express written consent, post certain Personal Information about a User for promotional or Service-related purposes.
DATA RETENTION
We will retain your Personal Information for as long as necessary to fulfill the purposes for which we collect it, as set forth in this Privacy Policy. We will also retain and use your Personal Information to the extent necessary or reasonable to comply with our legal obligations, resolve disputes, and enforce our legal agreements and policies.
DATA TRANSFER
Rock Faery is based in the United States. Information we collect, including Personal Information, will be stored and processed in the United States. By using the Services, you acknowledge and consent to the transfer to and from, processing, usage, sharing, and storage of your information in the United States, where the laws governing data protection may differ from those of your jurisdiction. If you are a resident of the European Economic Area (EEA) and your data is collected in the EEA, we will transfer your personal data pursuant to the section titled “EEA Data Subject Rights” below.
CHILDREN’S PRIVACY
Our Services are not intended for persons under the age of 18 (“Child(ren)”), and we do not knowingly collect Personal Information from Children. If you are parent or guardian and believe that we have collected or received Personal Information from a child without verification of parental consent, please contact us as provided in the “Contact Information” section below and we will delete that information.
DATA SECURITY
We have implemented security measures designed to maintain the security of your Personal Information. These security measures are implemented both during transmission of Personal Information and once received. The security of your Personal Information is important to us. Certain sensitive information submitted, such as credit card information, is encrypted using secure layer technology (SSL). However, no method of safeguarding information is completely secure. While we use measures designed to protect Personal Information, we cannot guarantee that our safeguards will be effective or sufficient. In addition, you should be aware that Internet data transmission is not always secure, and we cannot warrant that information you transmit utilizing the Services is or will be secure.
LINKS TO THIRD PARTIES
In some instances the Services might contain links to other third party sites and services. When you access these other sites or services, you are leaving the Services. Rock Faery is not responsible or liable for the activities on, security or privacy practices of, or content on third party sites. We encourage you to read the privacy statements posted on each such third party site or service.
SERVICE PROVIDERS
We may employ third party companies and individuals to facilitate the Services and our provision of products and services through the Site, to provide the Services on our behalf, to perform services related to the Services (as discussed above), to assist us in analyzing how our Services are used, and to assist us with business development and marketing efforts related to the Services. These service providers may have access to your Personal Information only to perform these tasks on our behalf.
We do not display the identities of our service providers publicly by name for security and proprietary reasons. If you would like further information about the identities of our service providers, please contact us as provided in the “Contact Information” section below.
COMMUNICATIONS OPT-OUT
You may opt out of receiving marketing or other communications from us at any time by following the opt-out link or other unsubscribe instructions provided in any email message received, or by contacting us using the contact information provided below. If you wish to opt out by sending us an email to the address provided in the “Contact Information” section below, and include “Opt-Out” in the email’s subject line and your name and the email address you used to sign up for communications in the body of the email. Please note that even if you opt out of receiving marketing communications from us, we may still send you non-marketing communications such as order confirmations and security notices.
EDIT OR DELETE ACCOUNT
For Users with registered account on the Site, you may correct, update, or amend your information by logging into your account and making the desired changes to your Personal Information. If you wish to delete/remove or deactivate your account on the Site, please contact us using the information provided in the “Contact Information” section below.
CALIFORNIA PRIVACY RIGHTS
The California Consumer Privacy Act (“CCPA”) provides California residents with the following rights:
- Right to Know. The right to know the Personal Information that we collect from you, the purposes for which we use it, the sources from which we collect it, the limited circumstances under which we share it, with whom we share it, and your rights regarding it.
- Right to Request Access and Data Portability Rights. The right to request we disclose certain information to you about our collection and use of your Personal Information over the past 12 months, upon verifiable consumer request.
- Right to Request Deletion. The right to request we delete your Personal Information that we collected from you and retained. Once we receive and confirm your verifiable consumer request, we will delete your Personal Information from our records, subject to certain exceptions under applicable law.
- Right to Opt Out of Sale. The right to opt out of the “sale” of your personal information to “third parties.”
If you would like to exercise these rights, please contact us as provided in the “Contact Information” section below. Please specify which right you are seeking to exercise in your request. We may require additional information from you to help us verify your identity. If we are unable to verify your identity, we may deny your requests. You may also designate an authorized representative to make consumer rights requests on your behalf. We will require verification that you did in fact authorize the representative.
We will not discriminate against any consumer for exercising their rights under the CCPA. We will not deny you goods or services, charge you different rates, or give you different discounts because you used one of these rights.
We do not sell your personal information. However, we do engage third parties to perform specific tasks on our behalf as described in the “Service Providers” section above. These third parties may analyze the data we provide, combine that data with publicly available data, and provide us with access to their analysis and reports. Such activities may qualify as a “sale” under CCPA’s broad definition of the term. You may submit your request to opt out of potential “sale” of your personal information here, or contact us as provided in the “Contact Information” section below.
NEVADA PRIVACY RIGHTS
Nevada law requires each business to establish a designated request address where Nevada consumers may submit requests directing the business not to sell certain kinds of personal information that the business has collected or will collect about the consumer. If you are a Nevada consumer and wish to submit a request relating to our compliance with Nevada law, please contact us at info@rockfaery.com.
EEA Data Subject Rights
For Users who are residents of the EEA, you have certain data protection rights pursuant to the General Data Protection Regulation (GDPR).
Rock Faery is the controller with respect to the information you provide through the Services.
We process your Personal Information pursuant to one or more of the following lawful basis:
- Your consent. For example, you consent to the processing of your Personal Information when you consent to receive marketing emails from us. You can withdraw your consent at any time.
- The performance of a contract with you. For example, when you purchase products or services from us, we process your Personal Information in order to process and deliver your orders.
- Compliance with our legal obligations. In some cases, we may have a legal obligation to process your Personal Data, such as the need to keep payment information as tax documentation or when handling VAT issues.
- For our legitimate interests. We process your Personal Interest in furtherance of our legitimate interest to operate and promote our business, provide the Services, analyzing usage to improve the Services and User experience. Our legitimate interests do not override your fundamental rights and freedoms, including your right to have your Personal Information protected.
In certain circumstances, you have the following data protection rights:
- Request access to your Personal Information (commonly known as a "data subject access request"). This enables you to receive a copy of the Personal Information we hold about you where we are the data controller and to check that we are lawfully processing it.
- Request correction of the Personal Information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected, though we may need to verify the accuracy of the new information you provide to us.
- Request erasure of your Personal Information. This enables you to ask us to delete or remove Personal Information where there is no good reason for us to continue to process it. You also have the right to ask us to delete or remove your Personal Information where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your Personal Information to comply with local law. Note, however, that we may not always be able to comply with your request for erasure for specific legal reasons, which will be explained to you, if applicable, at the time of your request.
- Object to processing of your Personal Information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground, as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your Personal Information for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
- Request restriction of processing of your Personal Information. This enables you to ask us to suspend the processing of your Personal Information in the following scenarios: (a) if you want us to establish the information's accuracy; (b) where our use of the information is unlawful but you do not want us to erase it; (c) where you need us to hold the information even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your information but we need to verify whether we have overriding legitimate grounds to use it.
- Request the transfer of your Personal Information to you or to a third party. We will provide to you, or a third party you have chosen, your Personal Information in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
- Withdraw consent at any time where we are relying on consent to process your Personal Information. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain services to you. We will advise you if this is the case at the time you withdraw your consent.
You have the right to complain to a Data Protection Authority about our collection and use of your Personal Information. For more information, please contact your local data protection authority as applicable.
If you wish to exercise any of the rights set out above, please contact us using the contact information below. We will respond to your request within 30 days and we may require additional information from you to help us verify your identity. If we are unable to verify your identity, we may deny your requests.
We will comply with applicable legal requirements providing adequate protection for the transfer of personally identifiable information to recipients in countries outside of the EEA, including the USA. In all such cases, we will only transfer your personally identifiable information if (a) the country to which the personally identifiable information will be transferred has been granted a European Commission adequacy decision; or (b) we have put in place appropriate safeguards with respect to the transfer, such as the Standard Contractual Clauses.
CHANGES TO PRIVACY POLICY
Rock Faery may amend or update this Privacy Policy from time to time in its sole discretion and without prior notice. Any such amendments or updates will be effective upon our posting of the revised Privacy Policy. Your continued use of the Services following our posting of any revised Privacy Policy will constitute your acknowledgement and acceptance of the amended Privacy Policy.
CONTACT INFORMATION
If you have any questions regarding this Privacy Policy, you can contact us as follows:
By email:
info@rockfaery.com
By mail:
Rock Faery
Attn: Privacy
3746 Foothill Blvd. #1109
Glendale, CA 91214