Violet.io, Inc. (“Violet,” “we,” “us,” or “our”) provides this Privacy Policy to inform you of our policies and procedures regarding the collection, use and disclosure of personal information we receive from users of violet.io and subdomains (“Sites”). This Privacy Policy applies only to information that you provide to us through these Sites or that we collect through your visit of the Sites.

Please read this document carefully because this Privacy Policy (“Policy”), along with our Terms of Service, incorporated by reference, describe the legally binding agreement between you (referred to hereinafter as, “you,” or “User,” or “your”, or “Visitor”) and us. Our Privacy Policy may be updated from time to time, and we will notify you of any material changes by posting the new Privacy Policy at https://violet.io/privacy. Your continued use of the Sites thereafter shall constitute immediate acceptance of all revised, modified and/or amended terms to this Policy. However, you should review the most up-to-date version of the Policy from time-to-time on the Sites. We will notify you of any material changes, amendments or modifications to the Policy through the Sites, or through other communication. In the event you choose not to agree and accept the new, modified or amended Terms, you shall cease use of all the Sites.

By accessing the Sites, you agree to comply with this Policy, and that your visit and use of the Sites, and any dispute directly arising out of your use or misuse, shall be governed by this Policy.

Nothing in this Policy shall be deemed to confer any third-party rights or benefits. Our partners, affiliates, vendors, Integrated Channels and/or third-party websites may have additional privacy policy terms, restrictions, limitations and data collection and protection practices that you should review separately and independently from this Policy. We are not liable for the data collection, storage and usage practices of any third-party affiliate, vendor, licensor or the like.

A. Information We Collect. The information below is collectively referred to as “Data”

Personal Information. In order to better provide you with products and services offered on our Sites, Violet may collect personally identifiable information that can be used to contact or identify you, and information on your use of and activities at our Sites that may be connected with you or your household (“Personal Information”). Personal Information that we collect may include, but is not limited to, your name, email address, payment information, and location. Personal Information may also include information you supply to us concerning your preferences and interests expressed in the course of use of our Sites, as well as the content which you have viewed on the Sites. Your use of the Sites to record your preferences, identify content relevant to you, and otherwise personalize your activity in relation to the Sites is intended for your benefit; however, we want to make you aware as described below how we use your Personal Information. You may also be required to provide certain Personal Information to us when you elect to use certain products or services available on the Sites. These may include: (a) registering for an account on our Sites; (b) entering a sweepstakes or contest sponsored by us or one of our partners; (c) signing up for special offers from selected third-parties; (d) sending us an email message; (e) submitting your credit card or other payment information when ordering and purchasing products and services on our Sites. To wit, we will use your information for, but not limited to, communicating with you in relation to services and/or products you have requested from us. We also may gather additional personal or non-personal information in the future in order to provide you with our services and the Sites.

Navigational Information. When you visit the Sites, our servers automatically record information that your browser sends whenever you visit a website. This information may include, but is not limited to, your computer’s Internet Protocol address, browser type, the web page you were visiting before you came to our Sites, access times and information you search for on our Sites (“Navigational Information”). Navigational Information is used for the operation of our services, to maintain quality of our services, and to provide general statistics regarding use of the Sites.

Cookies. Like many websites, we may also use “cookies” to collect information. A cookie is a small data file that we transfer to your computer’s hard disk for record-keeping purposes. We may use “persistent cookies” to save your username and password for future logins to the Sites; and we may use “session ID cookies” to enable certain features of the Sites, to better understand how you interact with the Sites and to monitor aggregate usage and web traffic routing on the Sites. You can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. If you do not accept cookies, however, you may not be able to use all portions of the Sites or all functionality of our services.

INFORMATION ABOUT MINORS/CHILDREN. We never collect, sell, share, or store data or personal information from minors. The only information we collect, store and use to provide the services is the personal information of the account creator, who must be above the age of 18. Individuals below the age of 18 (“Minors”) shall not be allowed to create an account on the sites without the express permission of a legal guardian or parent. If you become aware that violet has collected personal information from a Minor without parental or legal guardian consent, please let us know by contacting us at privacy@violet.io, so we can take appropriate action. To prevent inadvertent disclosure of Personal Information while using our services or Sites, assist in effective use of information, and ensure appropriate use of the sites, we strongly encourage the parent or guardian of any Minor to actively guide any interactions with and/or use of the sites.

B. Use of Your Data

Violet collects and uses your Data, including Personal Information, (i) to provide and improve our Sites, services, features and content, (ii) to administer your use of our Sites, (iii) to enable you to enjoy and easily navigate the Sites, (iv) to better understand your needs and interests, (v) to fulfill requests you may make, or (vi) to personalize your experience. We never sell or share any Data with third-parties unless doing so is required by law or to provide you with the services or access to the Sites.

Violet may also use your Personal Information to inform you of other products or services available from Violet and its affiliates, to which you have the right to opt-out of by unsubscribing from marketing emails or emailing us at privacy@violet.io. Further, we use Personal Information collected via the Sites for a variety of business purposes described below:

  1. To facilitate account creation and logon process.
  2. To send you marketing and promotional communications. We and/or our thirdparty marketing partners may use the Data you send or give to us for our marketing purposes, if this is in accordance with your marketing preferences. you can opt-out of our marketing emails at any time;
  3. To send administrative information and notices to you regarding your account.
  4. To fulfill and manage orders, returns, refunds, features, and other purchases or requests made by Shoppers.
  5. To deliver targeted advertising to you unless you opt out from receiving such advertising.
  6. To administer promotions, offers or discounts.
  7. To request feedback and to contact you about your use of the Sites;
  8. To protect our Sites from fraud monitoring and prevention;
  9. To enforce our terms, conditions and policies;
  10. To respond to legal requests and prevent harm.
  11. To manage user accounts.
  12. To deliver services to the user.
  13. To respond to user inquiries/offer support to users.
  14. For other business purposes. We may use your information for other business purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our services or Sites, products, marketing and your experience. We may use and store this information in aggregated and anonymized form so that it is not associated with individual end users and does not include Personal Information. We will not use identifiable Personal Information without Your consent.
  15. We may post user testimonials and comments on our Sites upon written notice to you, which may contain Personal Information. You have the right to request removal of such testimonial and/or comment(s) upon receiving our written notice.

C. Sharing Information with Third-Parties

Violet does not sell, rent or lease its customer lists to third-parties.

Violet may share data with trusted partners to help perform statistical analysis, send you email or postal mail, provide customer support, arrange for deliveries, to perform Sitesrelated services (including but not limited to data storage, maintenance services, database management, web analytics, payment processing, and improvement of the Sites features) or to assist us in analyzing how our Sites and service are used. All such third-parties are prohibited from using your Personal Information except to provide these services to Violet, and they are required to maintain the confidentiality of your information.

Violet may disclose your Personal Information, without notice, if required to do so by law or in the good faith belief that such action is necessary to: (a) conform to the edicts of the law or comply with legal process served on Violet or the Sites; (b) protect and defend the rights or property of Violet; and/or (c) act under exigent circumstances to protect the personal safety of users of Violet, or the public.

If we go through a business transfer, such as consolidation, merger, restructuring, acquisition, or sale of part or all of our assets, you acknowledge and consent to the transfer of your Data, including Personal Information. You further acknowledge and consent to the continued use of your Data by the recipient, so long as they comply with this Privacy Policy or a similar policy. In this event, you will be notified via email and/or a prominent notice on our Sites, of any change in ownership or business transfer, use of your Data, and the choices you may have regarding your Data.

D. Links and Third-Party Service Providers.

The Sites may contain links to other sites. Please be aware that we are not responsible for the content or privacy practices of such other sites that we may link to or that you may be required to access in order to use our services. We encourage our users to be aware when they leave our Sites and to read the privacy statements of any other site that collects personally identifiable information.

We may share your Data with third-party vendors, service providers, contractors or agents who perform services for us or on our behalf and require access to such information to do that work. Limited examples include: payment processing, data analysis, email delivery, hosting services, customer service and marketing efforts.

E. Data Retention Practices.

We will only keep your Personal Information for as long as it is necessary for the purposes set out in this Policy, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements). When we have no ongoing legitimate business need to process your Data, we will either delete, de-identify it or anonymize it. If this is not possible (for example, because your Data has been stored in backup archives), then we will securely store your Data and isolate it from any further processing until deletion is possible.

If you have elected to receive marketing communications from us, we may retain information about your marketing preferences for a reasonable period of time from the date you last expressed interest in our content or Sites, such as when you last opened an email from us or ceased using your Account. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.

F. Data Security and Technical Safeguards.

Violet secures your Personal Information from unauthorized access, use, or disclosure. Violet uses the following methods for this purpose: (a) Secure Sockets Layer (SSL) technology protects Data on Our Site using both server authentication and data encryption, ensuring that user data is safe, secure, and available only to authorized persons. When personal information (such as a credit card number) is transmitted to other websites, it is protected through the use of encryption, such as the Secure Sockets Layer (SSL) protocol.(b) Our computer systems are hosted in a secure data center environment that uses a firewall, intrusion detection systems, and other advanced technology to prevent interference or access from outside intruders.

We strive to take appropriate security measures to protect against unauthorized access to or alteration of your Personal Information. Unfortunately, no data transmission over the Internet or any wireless network can be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, you acknowledge that: (a) there are security and privacy limitations inherent to the Internet which are beyond our control; and (b) security, integrity, and privacy of any and all information and data exchanged between you and us through the Sites cannot be guaranteed. We are not responsible for the security of information You transmit to Us over networks that We do not control, including the internet and wireless networks, or the data that is stored on Your device.

We may store your data on servers provided by third-party hosting vendors with whom we have contracted. To facilitate global operations, we may transfer and access Personal Information from around the world, including to servers located inside or outside the United States. By providing information to Violet, you consent to the transfer and storage of Personal Information in these locations

We use the following technical safeguards to keep your Data safe and secure:

  1. Unique password requirements and limited employee access;
  2. Destruction, deletion or de-identification of Data;
  3. Industry standard security protocols;
  4. Employee training on how to handle sensitive data, breach notice and procedures;
  5. Secure Technology (SSL), server authentication and Data encryption and use of firewall to host data;
  6. Designated security coordinator on the Violet team;
  7. Sub-processors and third-parties are bound to same security practice obligations;
  8. Backups; and
  9. Periodic audits.

G. Breach Notification Process.

In the event of an actual data breach or the unauthorized access or disclosure of any sensitive or personal data, we will notify you in writing as soon as possible outlining the following information:

  1. What happened (date of breach is possible, or estimated date of incident, or the date range within which the breached occurred);
  2. What information was involved (list the type of Personal Information);
  3. What we are doing to help resolve or mitigate the issue (and if there was any delay in providing this notice due to law enforcement investigation);
  4. What you can do to help us;
  5. How you can get more information or contact us;
  6. Information about what we have done to protect individuals whose information has been breached;
  7. Advice on steps that the person whose information has been breached may take to protect himself or herself; and
  8. Information about the steps we have taken to cure the breach and the estimated timeframe for such cure.

H. GLOBAL DIGITAL PRIVACY REGULATIONS (GDPR) COMPLIANCE.

Our legal basis for collecting and using information described herein will depend on the Data concerned, and the specific context in which we collect it. However, we will normally collect Personal Information and Data from you only where we have your consent to do so, where we need the Personal Information and/or Data to perform a contract with you, or where the processing is in our legitimate interests is not outweighed by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect and maintain Personal Information and/or Data from you.

If We ask you to provide Personal Information and/or Data to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your Personal Information and/or Data is mandatory or not (as well as of the possible consequences if you do not provide your Personal Information and/or Data). Similarly, if we collect and use your Personal Information and/or Data in reliance on our legitimate interests (or those of any third-party), we will make clear to you at the relevant time what those legitimate interests are. Processing shall be lawful only if and to the extent that at least one of the following applies:

  1. the data subject has given consent to the processing of his or her personal data for one or more specific purposes;
  2. processing is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract;
  3. processing is necessary for compliance with a legal obligation to which the controller is subject;
  4. processing is necessary in order to protect the vital interests of the data subject or of another natural person;
  5. processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
  6. processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third-party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

I. YOUR DATA PRIVACY RIGHTS.

You have certain rights under applicable data protection laws. These may include the right (i) to request access and obtain a copy of your Personal Information, (ii) to request rectification or erasure; (iii) to restrict the processing of your Personal Information; and (iv) if applicable, to data portability. In certain circumstances, you may also have the right to object to the sharing of your Personal Information. To make such a request, please contact Us at privacy@violet.io. We will consider and act upon any request in accordance with applicable data protection laws.

If we are relying on your consent to process your Personal Information, you have the right to withdraw your consent at any time. Please note however that this will not affect the lawfulness of the processing before its withdrawal.

You may request a copy of your Personal Information by emailing us at privacy@violet.io with a subject of Personal Information Request. Please send the email from the same address attached to your Violet account and include your Violet username to verify your identity. We will respond within 30 days with files containing all your information.

If you would like to opt-out of or unsubscribe from receiving direct marketing communications, you can also use the unsubscribe link contained in the message you have received. However, you cannot opt out of receiving transactional emails related to your account with us or our Sites, unless you delete your account. Where we process your Data on the basis of our or a third-party's legitimate interest, you may object to such processing at any time by contacting us at the address below. Our affiliates and partners are solely responsible for their own marketing emails and other communications directed to you. We cannot unsubscribe you from Our partners’ communications. You may, however, unsubscribe from our communications regarding our partners’ by clicking on the "unsubscribe" link located on the bottom of their emails, or by contacting them directly. You can also use this address to lodge a complaint. If you are not satisfied about the manner in which we handle your complaint, you may also lodge a complaint with Your local data protection authority.

Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, some information may be retained in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our Terms of Service and/or comply with legal requirements.

You may also disable your Violet account in your account settings. Disabling your account removes any Personal Information attached with your account and anonymizes your statistical data.

If you would at any time like to review, update, correct, delete or change the information in your account or terminate your account, you can:

  1. Log into your account settings and update your Personal Information or Data; or
  2. Contact us using the contact information provided.

If you are resident in the European Economic Area and you believe we are unlawfully processing your Personal Information, you also have the right to complain to your local data protection supervisory authority. You can find their contact details here: 

http://ec.europa.eu/justice/dataprotection/bodies/authorities/index_en.htm.

J. California Resident Users’ Data Privacy Rights.

  1. If you are a California resident, you have certain additional rights with regard to your data under the California Consumer Privacy Act of 2018 ("CCPA") and other state laws, as further described below.
  2. We may collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device ("Personally Identifiable Information"). In particular, we have collected the following categories of Personally Identifiable Information from our Users within the last 12 months, for the purposes described in Section B above:
    1. Identifiers, including your name, address, IP address, and email address;
    2. Personal information from categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)), including your name, address, telephone number, and credit card information;
    3. Commercial information, including records of the products you used or purchased, and your purchasing history or tendencies; and
    4. Internet activity, including information about your interaction with Our Sites and applications.
  3. Personally Identifiable Information does not include publicly available information from government records, de-identified or aggregated consumer information, or other information excluded from the CCPA's scope. We will not collect additional categories or use the Personally Identifiable Information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
  4. In the preceding 12 months, we have not sold any of our Users Personally Identifiable Information.
  5. Your CCPA Rights: Pursuant to the CCPA, You have the following rights regarding Your Personally Identifiable Information: (1) Right to Notice; (2) Right to Access/Right to Request; (3) Right to Know; (4) Right to Delete; (5) Right to Opt-Out; (6) Right to Not Be Discriminated Against, and (7) Right to Notice of Financial Incentive.
  6. Upon a verified request, we will provide you with this information. You have the right to request that your Personally Identifiable Information be deleted, anonymized, de-identified, or not processed or shared. You can exercise these data rights by logging into your account or by emailing us at ccpa@violet.io with information that will help us verify your request or with the email associated with your account, if you have one

  7. In the preceding 12 months, we have not sold any of our Users Personally Identifiable Information.
  8. Total or Partial Data Deletion Requests. You have the right to request that we delete a portion or all of your Personally Identifiable Information that we collected from you and retained, subject to certain exceptions. This request can only be made twice within a 12-month period. Once we receive and confirm your verifiable consumer request, we will delete, de-identify or anonymize (and direct our service providers to do the same) your Personally Identifiable Information from our records, unless an exception applies. We will keep a confidential and secure log or record of all CCPA requests and outcomes, as required by CCPA, for 24 months thereafter. Such retention of records does not violate the CCPA. We may deny Your deletion request if retaining the information is necessary for Us or Our service providers to:
    1. Complete the transaction for which We collected the Personally Identifiable Information, provide a good or service that You requested, take actions reasonably anticipated within the context of Our ongoing business relationship with You, or otherwise perform our contract with You;
    2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
    3. Debug to identify and repair errors that impair existing intended functionality;
    4. Exercise free speech, ensure the right of another user to exercise their free speech rights, or exercise another right provided for by law;
    5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.);
    6. Enable solely internal uses that are reasonably aligned with consumer expectations based on Your relationship with Us;
    7. Comply with a legal obligation, court order or similar judicial request; or
    8. If the request is unverifiable.

  9. Access to Specific Information and Data Portability Rights. You have the right to request that we disclose certain information to you about our collection and use of your Personally Identifiable Information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you through a readily useable format:
    1. The categories of Personally Identifiable Information we collected about you;
    2. The categories of sources for the Personally Identifiable Information we collected about you;
    3. Our business or commercial purpose for collecting or selling that Personally Identifiable Information;
    4. The categories of third-parties with whom we share that Personally Identifiable Information;
    5. The specific pieces of Personally Identifiable Information we collected about you (also called a data portability request);
    6. If we disclosed your Personally Identifiable Information for a business purpose, the Personally Identifiable Information categories that each category of recipient obtained.

  10. Effect of Total or Partial Deletion. Upon deletion, de-identification, or anonymization, we will not be able to honor any outstanding or earned rewards, points, or other promotions and offers, and we will be unable to process refunds, returns, or credits earned, if any. After deleting all of your Personal Information with us, you will be required to create a new account in order to use our services and to be eligible for any rewards, offers, programs, or promotions. After you delete all of your data with us, we will be unable to communicate with you, other than to confirm we have deleted your data, unless you contact us directly or sign up for our services again. After you delete your data with us, we will not be able to reinstate this account, nor will we be able to link another request or contact with your account. Please note that we keep a record or log of all deletion requests for at least 24 months, which record retention does not violate the CCPA.
  11. How to Exercise Your Rights. To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by either:
    1. Emailing ccpa@violet.io with “California Privacy Rights” in the subject line;
    2. Accessing your Account; or
    3. Calling our toll-free number: (888) 521-4595
    Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. The verifiable consumer request must (i) provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, and (ii) describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

    We will not be able respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. However, if you do have an account with us, you can make a verifiable request through your account. We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.

    By writing to us, you agree to receive communication from us seeking information from you in order to verify you as the consumer from whom we have collected the data and such other information as reasonably required to enable us to honor your request.

    We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.