1. Data Collection and Use
This Section describes the information we collect when you use our Site and how we make use of that information, including what information is shared with third parties. Some of the information is Personally Identifiable Information ("PII"). When we use the term "PII", we mean information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. PII does not include:
- Publicly available information from government records.
- Deidentified or aggregated consumer information.
- Information excluded from the CCPA’s (defined below) scope, like:
- Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data; or
- Personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.
Our online store is hosted on Shopify Inc (https://www.shopify.com). They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
To make a purchase on our Site, we need PII including your full name, email address, phone number, shipping & billing addresses, and credit card details. This information is used to confirm, process, record, and ship your order as well as send you communications regarding your order such as order confirmations, tracking information, and other order updates. Your IP address is also collected, which is used for fraud prevention.
Your shipping address is provided to third party service providers (UPS, USPS, FedEx, Zendesk, TaxJar, and payment processors) to help show shipping options, calculate state sales tax, provide customer service, and process payments. Please refer to those service providers’ privacy policies on how they manage your data.
In order to process and record orders, PII is securely stored and transferred between our website database, Enterprise Resource Planning (ERP) system, and Warehouse Management System (WMS). If you are a California consumer, you have the right to request more information about these systems by Contacting Us.
When you create an account on our Site, we request PII including your full name, email address, and to create a password. Once you create an account, you can add your shipping address and billing address to make checkout faster. This information is securely stored in the Shopify platform. We use account information to customize Site experiences, track purchase history, and improve your experience on our Site. If you would like to delete your account, please contact us.
When you submit a request to us on our Site via a "Contact Us" page, use our chat widget, email our support address, or call our support phone number, we need PII such as your name, phone number, and email address. Additionally, we may need other information such as contact reason, attachments, and message. This information is used to answer and resolve your request. If you require a replacement product or part(s), we will need your shipping address. If you call our support number, we may record the audio of the call for reference and training purposes. Sensitive information is automatically edited out of recordings after calls are completed. We manage all support requests through our third-party ticket management tool, Zendesk.
Giveaways and Contests:
Occasionally, our Site will collect PII to run contests. If you participate in a contest, we require you to provide us with your name, email, and phone number. If the contest prize is a product, the winner(s) will need to provide their shipping address. This information is used to administer contests, contact winners, send out giveaways, and for future marketing campaigns. Your participation is not required and, if you sign up using your email, you can unsubscribe at any time using the link at the bottom of the email or by contacting us.
We use Shopify and MailChimp, third-party service providers, to collect user information, including email addresses and phone numbers, and send marketing messages. If you provide us with your email address and/or phone number, we will only use it to send you marketing and promotional emails and/or SMS messages if you opt-in to receive these messages. You can unsubscribe from these messages at any time using a link provided to opt-out. For SMS messages, standard message and data rates may apply. We also use PII to personalize your website experience and to deliver content and product and service offerings relevant to your interests, including targeted offers and ads through our Site.
Access, Correction, and Deletion of your Data:
You have the right to review and change any PII and to request that we delete your information. To make such a request, you will need to contact us and verify your identity. If you have an account on our Site, you can access, update, and delete your information by logging into your account. If you are subscribed to receive marketing emails from us, you can unsubscribe any time using the link at the bottom of the emails or by contacting us. Please be aware that we may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
2. California Consumers Rights
California residents have specific rights on how we handle their PII. The information in this Section 2 (California Consumers Rights) applies to all users of our Site but the additional rights apply solely to visitors, users, and others who reside in the State of California, and do not apply to employment-related PII collected from California-based employees, job applicants, contractors, or similar individuals. Additionally, where indicated, this Section 2 (California Consumers Rights) does not apply to PII reflecting a written or verbal business-to-business communication ("B2B personal information"). You can learn more about California consumer rights and the California Consumer Privacy Act (CCPA) on California's OAG website. Any terms defined in the CCPA have the same meaning when used in this Section 2 (California Consumers Rights).
Categories of User Data, Sources, Purposes and Disclosure:
The list below details categories of PII data collected and disclosed for a business purpose, sources of PII, and the business purposes PII data was used in the last 12 months. More information about these can be found above under Section 1. Data Collection and Use.
Categories of PII Collected and Disclosed for a Business Purpose in the Last 12 Months
- Identifiers (e.g. name, ship-to and bill-to addresses, email address, phone number for processing orders and support requests)
- Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) (e.g. name, address, telephone number for processing orders and support requests)
- Commercial information (e.g. products purchased and purchase history for processing orders)
- Internet and network activity (e.g. search history for marketing proposes)
- Geolocation information (e.g. device location and IP address for analytical and marketing purposes)
- Sensory Data (e.g., audio recordings for support phone calls)
- Payment information (collected by our third party payment processors for processing orders)
Examples of Sources from Which PII is Collected:
- Direct from our Site (e.g. making purchases)
- Site account usage (e.g. creating an account)
- Passive collection (e.g. browsing the Site)
- Communicating with us (e.g. contacting our support team)
- Email sign ups (e.g. newsletter subscribe forms and giveaways)
- Examples of Business Purposes for Which PII Was Collected in the Last 12 Months
- Processing Site orders
- Analyzing Site usage
- Maintaining and improving the Site
- Communicating and responding to support issues
- Administering giveaways
- Sending marketing, advertising and promotional messages
- Complying with legal requirements
- Fraud detection and prevention
- Protecting us, our users and the general public
Who We Disclose PII To:
Data Request Rights:
As a California consumer, you have the right to make verifiable access and deletion requests no more than twice in a 12-month period after providing a verifiable consumer request. A verifiable consumer request can be made using the contact methods provided in the "Contact Us" section at the bottom of the page. You may also authorize someone to make a verifiable consumer request on your behalf or you can make a verifiable consumer request on behalf of your minor child. It is important that your request provide sufficient information to allow us to reasonably identify you or the person about whom we collected PII and describes your request with sufficient detail so that we can respond to it. We cannot respond to requests that do not provide sufficient information.
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 45 days unless the complexity and volume of requests warrant more under applicable law), we will inform you of the reason and extension period in writing.
Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your PII that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Data Access Requests:
You have the right to know the categories of PII we have collected about you in the last 12 months, the categories of sources from which PII is collected, the business purposes for collecting PII data, the specific PII data we collected about you (also called a data portability request), and the categories of PII data disclosed for business purposes. To submit a data access request, please use one of the contact methods provided at in the "Contact Us" section at the bottom of the page and let us know you want to make a "California Consumer Data Access Request". We do not provide these access or portability rights for B2B personal information.
Data Deletion Requests:
You have the right to request that we delete your PII subject to certain exceptions. To submit a data access request, please use one of the contact methods provided at in the "Contact Us" section at the bottom of the page and let us know you want to make a "California Consumer Data Deletion Request".
We may deny your deletion request if we are unable to verify your identity after making all reasonable efforts or if any of the following apply:
- Complete the transaction for which we collected the PII, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
We have not sold PII and currently have no plans to sell PII. To opt-out of any potential future selling of data, please email support@DeWALTShelving.com with the subject line "California Consumer Selling Data Request".
We will not discriminate against you for exercising your CCPA rights. We will not deny you goods or services; charge you different prices or rates for goods or services, including through granting discounts or other benefits or imposing penalties; provide you a different level or quality of goods or services; or suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services. We may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your PII’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time. We currently provide financial incentives through our giveaways and contests described in Section 1. Data Collection and Use.
3. Nevada Consumers Rights
Nevada residents have the right to request their PII is not sold, even if the information is currently not being sold. We have not sold PII and currently have no plans to sell PII. To make a request to opt-out of potential future selling of data, please send an email to support@DeWALTShelving.com with the subject line "Nevada Consumer Data Request".
4. Sharing Information with Third Parties
Your PII may be passed on to a third party to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding. We may also disclose specific information when we determine that such disclosure is necessary to comply with applicable law or to protect the interests or safety of JSP or other visitors to our Site.
5. Technologies Used
"Session" cookies do not stay on your device after you leave our website or close your browser. The aggregate information collected allows us to analyze traffic patterns on our Site. This enables us over time to provide a better experience on our Site by improving content and making our Site easier to use.
"Permanent" cookies are those that remain on your device after you leave our Site. They are used to facilitate shopping, personalization, and account registration. For example, cookies keep track of items in your cart as you continue to shop and allow you to enter your password only once on web pages where a login is required. "Permanent" cookies can be manually removed by the user.
JSP makes no representations or warranties about the accuracy of the information contained in the above websites, which are provided for reference only. Each user accepts all responsibility for accessing these third-party websites and assumes all risks.
A "web beacon" is a small electronic file on our Site or in our emails that allow us to count users who have visited our Site or opened an email as well as other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
6. Marketing and Advertising Choices
By signing up for our marketing emails or making a purchase on our Site, you opt-in for us to send you various marketing emails. You can opt-out of these emails at any time using the link at the bottom of the emails or by contacting us using one of the methods provided at in the "Contact Us" section at the bottom of the page.
To the extent you are receiving SMS messaging from us, you may opt out of receiving SMS messaging by replying to any message we send you with the word "STOP" or contacting us using one of the methods provided at in the "Contact Us" section at the bottom of the page. To the extent you receive push notifications from our Progressive Web App (PWA) Site, you may opt-out of them for your device through your account and device settings.
Please allow up to ten (10) business days for us and our service providers to process your request. If you make a purchase through our Site, you may be opted back in to our marketing communications until you opt out or unsubscribe once again. We may continue to send you transactional, support, or operational communications even if you opt-out.
7. Security of Information
We use procedural and technological security measures, which are reasonably designed to help protect PII from unauthorized access or disclosure, consistent with industry standards. When you place an order or submit information to us via forms, the data is encrypted using industry standard Secure Socket Layer (SSL) security technology.
We use encryption, passwords, and physical security measures to help protect your PII against unauthorized access and disclosure. However, it is always possible that third parties will unlawfully intercept or access transmissions or defeat these measures. Therefore, we do not promise and cannot guarantee (and thus you should not expect) that PII will never be viewed or used by others. While we are committed to protecting your information, we cannot ensure or warrant the security of any information you transmit to us.
8. Links to Other Sites
The Site may contain links to other websites. These are provided for your convenience and do not imply affiliation with or endorsement of that website. We are not responsible for the privacy practices or the content of such web sites or for the privacy policies and practices of third parties.
9. Policy Toward Children
Our Site is not targeted or intended for children under 16 years of age. No one under age 16 may provide any PII to or on our Site. We do not knowingly collect PII from or about children under age 16. If we are notified that we have collected PII from such a child, we will delete all information as soon as possible.
Please contact us with any questions or concerns. Our customer service department is available from 7 AM until 5 PM PST on weekdays. If you call outside these hours and leave a message, we will return your call. You can also contact us or try one of the methods listed below.