(last updated September 5, 2022)
This Policy governs your access to the Services regardless of how you access them, and by using our Services you consent to the collection, transfer, processing, storage, disclosure, and other uses described in this Policy. By using our Website, Application, and/or Services, you agree to the collection, storage, and use of information and data in accordance with this Policy. We recommend that you read this Policy carefully when using our Websites, application, and/or Services, or when transacting with us. By using our Websites, application, and/or Services, you are accepting the practices described in this Policy.
For questions or feedback regarding this Policy or our privacy practices, please email us at firstname.lastname@example.org.
Lace operates startlace.com and may operate other websites. It is Lace’s policy to respect your privacy regarding any information we may collect while operating our Websites and/or Services.
Lace values its users’ privacy. This Policy will help you understand how we collect and use personal information from those who visit our Website or make use of our online facilities and Services, and what we will and what we will not do with the information we collect. Our Policy has been designed and created to ensure those affiliated with Lace of our commitment and realization of our obligation not only to meet, but to exceed, most existing privacy standards.
We reserve the right to make changes to this Policy at any given time. If you want to make sure that you are up to date with the latest changes, we advise you to frequently visit this page. If at any point Lace decides to make use of any personally identifiable information on file, in a manner significantly different from that which was stated when this information was initially collected, the User or Users of our Services (“you,” “user,” or “users”) shall be promptly notified by email. Users at that time shall have the option as to whether to permit the use of their information in this separate manner.
This Policy applies to use of our Websites and all of our Services, and it governs any and all data collection and usage by Lace. Through the use of our Websites and/or Services, you are therefore consenting to the data collection procedures expressed in this Policy.
- INFORMATION YOU PROVIDE
a. PERSONAL INFORMATION. When you register for an account, we collect some personal information, including your name, email address, home or business address, and phone number. This information will be stored on Firebase's third-party cloud storage service. Data storage and processing systems are hosted in Amazon AWS, which is managed by Lace. We use the information you provide and the information we collect to create your account, through which we will provide the Services for which you registered, and for the purpose of contacting you for providing technical support related to the Services. We also collect your credit card and/or bank account details. This information is stored on Lace's [PAYMENT PROCESSING SERVICE] which processes your payments for Lace's Services. We collect information from individuals who visit the Website and/or use the Services (“Visitors”). You do not need to register for the Services in order to review the content on the Website as a Visitor. The information described in this paragraph is referred to collectively as “Personal Information.”
b. NON-PERSONAL INFORMATION. We collect the email addresses of people whom you may assign to pay your Lace bills, and email addresses of people with whom you share your files or to whom you offer consulting services. We collect information related to your business type, number of employees, and revenue of your business. We use this information for gathering market data and deciding upon future product offerings. This information is stored in databases hosted by Firebase's third-party cloud storage service. Data storage and processing systems are hosted in Amazon AWS, which is managed by Lace. The information described in this paragraph is referred to collectively as “Non-Personal Information.” Personal Information and Non-Personal Information are referred to collectively as “Information.”
- PERSONALLY IDENTIFIABLE INFORMATION WE COLLECT
a. All of the different forms of data, content, and information described above and below are collectively referred to as “Information.” We may collect and store the following Information when you access the Services.
b. It is always up to you whether to disclose personally identifiable information to us, although if you elect not to do so, we reserve the right to not register you as a user or provide you with any products or Services. Our Websites and/or Services collect various types of information, such as:
i. Voluntarily provided information which may include your name, address, email address, billing and/or credit card information, etc. which may be used when you purchase products and/or services and to deliver the Services you have requested.
ii. Information automatically collected when visiting our Websites and/or using our Services, which may include cookies, third-party tracking technologies, and server logs.
c. In addition, Lace may have the occasion to collect non-personally identifiable anonymous demographic information, such as age, gender, household income, political affiliation, and race and religion, as well as the type of browser you are using, IP address, or type of operating system, which will assist us in providing and in maintaining superior quality service.
d. Lace may also deem it necessary from time to time to follow websites that our users may frequent to determine what types of services and products may be the most popular to customers or to the general public.
e. Please rest assured that this Website and/or Services will only collect Personal Information that you knowingly and willingly provide to us by way of surveys, completed membership forms, content uploads (including, but not limited to, video recordings, webcam recordings, microphone recordings, and files), and emails. It is the intent of this Website and/or Services to use Personal Information only for the purpose for which it was requested or provided, and for any additional uses specifically provided for on this Policy.
- INFORMATION COLLECTED AUTOMATICALLY
a. We collect Information related to your device and its software when using the Services automatically, and store it in Firebase's third-party cloud storage service. Data storage and processing systems are hosted in Amazon AWS, which Is managed by Lace. This information includes Internet Protocol IP address, type of operating system, number of folders, files that are shared, names of folders and files, upload and download status, history of versions of files, configuration information of the Services and/or software installed on your device, times at which you accessed server software, number of messages sent by you or your clients, and times at which these messages were sent. We use this information for the purpose of diagnostics and troubleshooting to be able to provide quality support and maintenance to our customers.
b. As is true of most websites, we gather certain non-personally identifiable information from your device and its software when using the Services automatically and store that information in log files. This information includes internet protocol (IP) addresses, browser type, internet service providers (ISP), referring/exit pages, information you search for on our Websites and/or Services, your mobile carrier, operating system, system configuration information, date/time stamp, click stream data, and other fields. We use this information to analyze trends, to administer the Website and/or Services, to track users’ movements around the Websites and/or Services, and to gather demographic information about our user base as a whole.
a. We collect and store the computer files you upload, download, or access with the Services (“Files”). Your Files can be downloaded and accessed by the users with whom you share the folders containing the Files by providing their email address on the Services.
- WHY WE COLLECT INFORMATION AND FOR HOW LONG
a. We are collecting your data for several reasons:
i. To better understand your needs and to provide you with the Services you require and/or request;
ii. To fulfill our legitimate interest in improving and troubleshooting our Services and our products;
iii. To send you promotional emails containing information we think you may like when we have your consent to do so;
iv. To contact you to fill out surveys or to participate in other types of market research, when we have your consent to do so;
v. To customize the Websites and/or Services according to your online behavior and your personal preferences
b. The data we collect from you will be stored for no longer than necessary. The length of time we retain said information will be determined based upon the following criteria: the length of time your personal information remains relevant; the length of time it is reasonable to keep records to demonstrate that we have fulfilled our duties and obligations; any limitation periods within which claims might be made; any retention periods proscribed by law or recommended by regulators, professional bodies, or associations; the type of contract we have with you; the existence of your consent; and our legitimate interest in keeping such information as stated in this Policy.
c. As we offer our Services directly to our end users and our Services offer many different experiences, we need to collect and process Information so that:
i. Users can subscribe or register to use our Services online;
ii. We can send users any information they have asked us for or answer their questions;
iii. We can ask users to give us feedback on our Services through questionnaires and surveys;
iv. We can provide our users with relevant marketing information about our Services;
v. To improve and supplement our matching algorithms; display relevant public facing information for user profiles (such as professional data and videos/images) to other users on the platform, analytical purposes, and/or marketing purposes.
- SHARING OF INFORMATION
a. We may share the Information we collect about you as described in this Policy or as described at the time of collection or sharing, including as follows:
i. With third-party service providers to enable them to provide the Services you request, such as channel partners, Application developers, and/or analytics
ii. With the general public if you submit content in a public forum (such as through social media websites such as Google, Facebook, Twitter, Instagram, and LinkedIn) for reviews, comments, and social media posts, or with other features of our Services that are viewable by the general public;
iii. With third parties with whom you choose to let us share Information, for example other Applications or websites that integrate with our API or Services, or those with an API or Services with which we integrate.
b. Lace will share no more Information than is necessary to enable third-party providers to provide the Services requested.
- USE OF INFORMATION COLLECTED
a. Lace does not now, nor will it in the future, sell, rent, or lease any of its customer lists and/or names to any third parties.
b. Lace may collect and may make use of Personal and Non-Personal Information to assist in the operation of the Websites and Services, and to ensure delivery of the Services you need and request. At times, we may find it necessary to use personally-identifiable information as a means of keeping you informed of other possible products and/or Services that may be available to you from our Websites.
c. Lace will only use or disclose a user's personally identifiable information with that user's express consent. Users are not automatically opted-in to such consent, and must expressly consent to use or disclosure of their personally identifiable information when using the Websites, Services, and/or Application.
d. Lace may also be in contact with you with regards to completing surveys and/or research questionnaires related to your opinion of current or potential future Services that may be offered.
e. Lace uses various third-party social media features and other interactive programs. These may collect your IP address and require cookies to work properly. These services are governed by the privacy policies of the providers and are not within Lace’s control.
- DISCLOSURE OF INFORMATION
a. Lace may not use or disclose the Information provided by you except under the following circumstances:
i. As necessary to provide Services or products you have requested;
ii. In other ways described in this Policy or to which you have otherwise consented;
iii. In the aggregate with other information in such a way so that your identify cannot reasonably be determined;
iv. As required by, or in response to, a subpoena or search warrant;
v. To outside auditors who have agreed to keep the Information confidential;
vi. As necessary to enforce the Terms of Service;
vii. As necessary to maintain, safeguard, and preserve all the rights and properties of Lace.
b. Lace may disclose your Information:
i. To any person who, in our reasonable judgment, is authorized to receive your Information as your agent, including as a result of your business dealings with that person (for example, your attorney)
ii. To our third-party partners and service providers so that they may provide support for our internal and business operations, including handling of data processing; data verification; data storage; surveys; research; internal marketing; delivery of promotional, marketing, and transaction materials; and our Services maintenance and security. These companies are authorized to use your Information only as necessary to provide these Services to us and are contractually obligated to keep your Information confidential;
iii. As we deem necessary, in our sole discretion, if we believe that you are violating any applicable law, rule, or registration, or are otherwise interfering with another’s rights or property, including, without limitation, our rights and property;
iv. If requested by authorities in the event of any act of terrorism or instance of local, regional, or national emergency
v. To enforce our Terms of Service, this Policy, and any other applicable agreements and policies, and;
vi. To enforce or protect our rights.
c. When we disclose Personal Information for a business purpose or a commercial purpose, Lace enters into a contract that describes the purpose and requires the recipient to both keep that Personal Information confidential and to not use it for any purpose except for performing that contract.
a. We may access, read, preserve, and disclose any Information that we reasonably believe is necessary to comply with law or court order, or protect the rights, property, or safety of us, our employees, our users, or others.
- ANALYTICS AND ADVERTISING SERVICES PROVIDED BY OTHERS
- SERVICE PROVIDERS
a. We may employ third-party companies and individuals to facilitate our Services, to provide the Services on our behalf, to perform Services-related services, and/or to assist us in analyzing how our Services are used. These third parties have access to your Information only to perform specific tasks for the purpose of providing the Services.
- NON-MARKETING PURPOSES
a. Lace greatly respects your privacy. We do maintain and reserve the right to contact you if needed for non-marketing purposes (such as bug alerts, security breaches, account issues, and/or changes to Lace products and Services). In certain circumstances, we may use the Websites, Services, newspapers, or other public means to post a notice.
- CHILDREN UNDER THE AGE OF 18
a. The Websites and Services are not directed to, and does not knowingly collect, personally-identifiable Information from children under the age of eighteen (18). If it is determined that such information has been inadvertently collected on anyone under the age of eighteen (18), we shall immediately take the necessary steps to ensure that such Information is deleted from our system’s database, or in the alternative, that verifiable parental consent is obtained for the use and storage of such Information. Anyone under the age of eighteen (18) must seek and obtain parent or legal guardian permission to use the Websites and/or Services.
- YOUR RIGHTS IN RELATION TO THE PERSONAL INFORMATION WE COLLECT
a. You have the right to access, correct, delete, restrict processing, and object to processing of your Personal Information. If you wish to: (1) update, alter, delete, or obtain a copy of your Personal Information that we hold; (2) restrict or stop us from using any of the Personal Information which we hold about you, including by withdrawing any consent you have previously given to the processing of such Information, unsubscribing, or opting-out; or (3) where any Personal Information has been processed on the basis of your consent or as necessary to perform a contract to which you are a party, request a copy of such Personal Information in a suitable format, email Lace at the address indicated at the end of this Policy. We endeavor to respond to such requests within a month or less, although we reserve the right to extend this period for complex requests and due to other circumstances.
b. Please note that, if you request that we restrict or stop using Information we hold about you, or withdraw a consent you have previously given to the processing of such Information, this may affect our ability to provide Services to you or negatively impact the Services we can provide to you and your experience of the Websites. We reserve the right to deny you access for any reason permitted under applicable laws. Such exemptions may include national security, corporate finance, and confidential references. If we deny you access or correction, we will provide you with written reasons for such denial unless it is unreasonable to do so and, where required by local data protection laws, will note your request and the denial of same in our records.
- LINKS TO OTHER WEBSITES
a. Our Websites and Services may contain links to affiliates, third parties, and other websites. Lace does not claim nor accept responsibility for any privacy policies, practices, and/or procedures of other such affiliates, third parties, and websites. Therefore, we encourage all users and Visitors to be aware when they leave our Websites, and encourage all users and Visitors to read the privacy policies of every website that collects Personally-Identifiable information. This Policy applies only and solely to the information collected by Lace’s Websites and Services.
a. Lace takes precautions to protect your Information. When you submit sensitive information via the Websites and/or the Services, your information is protected both online and offline. Wherever we collect sensitive information (e.g., credit card information), that information is encrypted and transmitted to us in a secure way. You can verify this by looking for a lock icon in the address bar and looking for “https” at the beginning of the address of the webpage. While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the Information to perform a specific job (for example, billing or customer service) are granted access to Personally-Identifiable Information. The computers and servers in which we store Personally-Identifiable Information are kept in a secure environment. This is done to prevent any loss, misuse, unauthorized access, disclosure, or modification of the user’s Personal Information under our control.
- OUR COMMITMENT TO YOUR PRIVACY
a. To make sure your Personal Information is secure, we communicate our privacy and security guidelines to Lace employees and strictly enforce privacy safeguards within Lace.
- HOW TO CONTACT US
a. If you have any questions or concerns regarding this Policy, please feel free to contact us at the following email, telephone number, or mailing address: email@example.com.
- WEBSITE VISITORS
a. Like most website operators, Lace collects Non-Personally-Identifying Information of the sort that web browsers and servers typically make available, such as browser type, language preference, referring site, and the date and time of each visitor request. Lace’s purpose in collecting Non-Personally-Identifying Information is to better understand how Lace’s users and Visitors use its Websites and/or Services.
b. Lace also collects potentially Personally-Identifying Information like Internet Protocol (IP) addresses for logged-in users and for users leaving comments on startlace.com. Lace only discloses logged-in user and commenter IP addresses under the same circumstances that it uses and discloses Personally-Identifying Information as described below, except that commenter IP addresses and email addresses are visible and disclosed to the administrators of the blog and/or website where the comment was left.
- GATHERING OF PERSONALLY-IDENTIFYING INFORMATION
a. Certain visitors to Lace’s Websites and Services choose to interact with Lace in ways that require Lace to gather Personally-Identifying Information. The amount and type of information that Lace gathers depends on the nature of the interaction. For example, we ask Visitors who sign up at startlace.com to provide their full name, username, password, and email address. Those who engage in transactions with Lace are asked to provide additional information, including when necessary the personal and financial information required to process those transactions. In each case, Lace collects such information only insofar as is necessary or appropriate to fulfill the purpose of the Visitor’s of user's interaction with Lace. Lace does not disclose Personally-Identifying Information other than as described below. And, Visitors and users can always refuse to supply Personally-Identifying Information, with the caveat that it may prevent them from engaging in certain website-related or Service-related activities.
- AGGREGATED STATISTICS
a. Lace may collect statistics about the behavior of Visitors and users of its Websites and Services. Lace may display this Information publicly or provide it to others. Lace does not disclose Personally-Identifying Information other than as described below.
- PROTECTION OF CERTAIN PERSONALLY-IDENTIFYING INFORMATION
a. Lace discloses potentially Personally-Identifying and Personally-Identifying Information only to those of its employees, contractors, and affiliated organizations that: (1) need to know that Information in order to process it on Lace’s behalf or to provide the Services available at Lace’s Websites, and (2) that have agreed not to disclose it to others. Some of those employees, contractors, and affiliated organizations may be located outside of your home country. By using Lace’s Websites and/or Services, you consent to the transfer of such information to them. Lace will not rent or sell potentially Personally-Identifying and Personally-Identifying Information to anyone. Other than to its employees, contractors, and affiliated organizations, as described above, Lace discloses potentially Personally-Identifying and Personally-Identifying Information only in response to a subpoena, court order, or other governmental request, or when Lace believes in good faith that disclosure is reasonably necessary to protect the property or rights of Lace, third parties, or the public at large. If you are a registered user of Lace's Websites and/or Service, and have supplied your email address, Lace may occasionally send you an email to tell you about new features, solicit your feedback, or just keep you up to date with what is going on with Lace and Lace’s products and Services. If you send us a request (for example, via email or via one of our feedback mechanisms), we reserve the right to publish it in order to help us clarify or respond to your request or to help us support other users. Lace takes all measures reasonably necessary satisfy your request or to help us support other users. Lace takes all measures reasonably necessary to protect against the unauthorized access, use, alteration, or destruction of potentially Personally-Identifying and Personally-Identifying Information.
ii. FLASH COOKIES. Certain features of our Services may use local stored objects (or Flash Cookies) to collect and store information about your preferences or your activity on our Services. Flash Cookies are not managed by the same browser settings as those used for Browser Cookies. For more information on how you can delete Flash Cookies, please read “Where can I change the settings for disabling, or deleting local shared objects?” available at: https://helpx.adobe.com/flash-player/kb/disable-local-shared-objects-flash.html#main_Where_can_I_change_the_settings_for_disabling__or_deleting_local_shared_objects_
iii. WEB BEACONS. Certain sections of our Services and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit Lace, for example, to count users who have visited those pages or opened an email, and to analyze other related website statistics (for example, recording the popularity of a certain section and of verifying system and server integrity).
c. Cookies can be “Persistent” or “Session” Cookies. Persistent Cookies remain on your personal computer or mobile device when you go offline, while Session Cookies are deleted as soon as you close your web browser.
- HOW WE USE INFORMATION
a. PERSONAL INFORMATION. Personal Information including name, email address, phone number, and address may be used: (1) to set up your account to provide the Services for which you registered; (2) to provide and to improve our Services; (3) to better understand your needs and your interests; and (4) to personalize and to improve your experience while using the Services.
b. SERVICES-RELATED NOTIFICATIONS FOR CUSTOMERS. We will send you notifications related to the Services as necessary to administer your use of the Services. For example, we will send you email notifications when your account is setup, when a password is required to be sent, or when a bill has become due. We will send you email notifications as we add software updates to our Services. These emails are necessary for the maintenance of your account with us and cannot be disabled as long as your account is active.
c. BUSINESS INFORMATION. Customers use our Services to upload and share computer files that may contain business data, financial information, project data, architectural designs, etc., related to their business (“Business Information”). That Business Information is considered confidential to our Customers. Lace will not review, share, distribute, or reference any such Business Information except for the purpose of resolving a problem, providing customer support, or to investigate a suspected violation of our business.
d. BILLING INFORMATION. All billing information that we collect, including credit card and bank details, is used solely to bill for our Services. Lace uses a third-party credit card processor to assist us in processing customer payments. This processing partner is not permitted to store, retain, or use the Personally- Identifiable Information provided, except for the sole purpose of credit card processing or collecting payments.
e. SPECIAL OFFERS AND UPDATES. With your prior express consent, we will occasionally send you new information regarding our Websites, Services, webinars, or new product offerings. We will use your Personal Information to send these communications to you. Out of respect for your privacy, you must expressly opt-in to receiving these types of communications if you prefer to hear from us. We will not send you said information otherwise. After receiving your consent to receive said information, you may opt-out of this service at any time and for any reason, and we will immediately cease sending such information to you.
- EMAIL MARKETING
a. We may use your Personal Information to contact you with newsletters, marketing, or promotional materials, and other information that may be of interest to you. You may opt-out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send to you or by contacting us. We may use Email Marketing Service Providers to manage and send emails to you if you have Indicated that you would like to receive these communications.
- BEHAVIORAL REMARKETING
b. These third-party vendors collect, store, use, process, and transfer information about your activity on our Services in accordance with their privacy policies and to enable us to:
i. Measure and analyze traffic and browsing activity on our Services;
ii. Show advertisements for our products and/or Services to you on third-party websites or applications; and
iii. Measure and analyze the performance of our advertising campaigns.
c. Some of these third-party vendors may use non-cookie technologies that may not be impacted by browser settings that block cookies. If your browser may not permit you to block such technologies, you can use the following third-party tools to decline the collection and use of information for the purpose of serving you interest-based advertising.
d. You may opt-out of all personalized advertising by enabling privacy features on your mobile device such as Limit Ad Tracking (iOS) and Opt Out of Ads Personalization (Android). See your mobile Help system for more information.
e. We may share information, such as hashed email addresses (if available) or other online identifiers collected on our Services with these third-party vendors (hashing is an encryption form which converts data through a formula, translating It into an easily findable or swappable code, string, or value). This allows our third-party vendors to recognize and deliver you advertisements across devices and browsers. To read more about technologies used by these third-party vendors and their cross-device capabilities please refer to the [PRIVACY POLICIES OF EACH VENDOR].
- WHO HAS ACCESS TO INFORMATION
a. We do not sell any of your Personal Information or Non-Personal Information. Entities listed in this section adhere to confidentiality and security measures, have been made aware of this Policy, and have executed non-disclosure agreements with Lace.
b. Employees and independent contractors of Lace have access to the Information on a need-to-know basis, for the purpose of software development, testing, diagnostics, bug fixing, customer support, and for other such purposes. Employees and independent contractors are covered by and adhere to this Policy.
- BUSINESS PARTNERS
a. We provide access to some of the Information for our business partners who have executed the required confidentiality agreements with us for the purpose of testing and supporting Lace products and Services. These business partners are not permitted to retain, share, store, or use your Information for any purpose other than to complete the contracted assignment and under obligations similar to those in this Policy.
- THIRD PARTIES
a. We may employ or use trusted third parties to act on our behalf regarding our Services, including, but not limited to, providing marketing support, providing analysis, and providing public relations. These third parties may have access to your Information. However, such third parties are not permitted to retain, share, store, or use your Information for any other purpose other than to complete the contracted assignment and under obligations similar to those in this Policy. From time to time, we may provide Services, or sell product lines jointly with selected business partners. We DO NOT share Personal Information with third parties for unknown reasons.
b. Our Services, as well as the email messages sent with respect to our Services, may contain links or access to websites operated by third parties that are beyond our control. Links or access to third parties from our Services are not an endorsement by us of such third parties, or of their websites, applications, products, services, or practices. These third-parties may send their own cookies to you and may independently collect data. If you visit or access a third-party website, application, or other property that is linked or accessed from our Services, we encourage you to read any privacy policies and terms of services of that third party before providing any Personally Identifiable Information. If you have any questions about those terms and services, privacy policies, or contents of third parties, please contact that third-party directly.
- BUSINESS TRANSFERS AND CORPORATE CHANGES
a. We may share Information with our subsequent owner, co-owner, successor, or operator of one or more of the Services, or in connection with (including, without limitation, during the negotiation or due diligence process) a corporate merger, consolidation, or restructuring; the sale of substantially all of our stock and/or assets; financing, acquisition, divestiture, or dissolution of all or a portion of our business; or other corporate changes.
- HOW LONG WE RETAIN YOUR INFORMATION
a. We generally retain your Information as long as reasonably necessary to provide you the Services or to comply with applicable law. We can retain copies of Information about you and any transactions or Services in which you may have participated for a period of time that is consistent with applicable law, applicable statutes of limitations, or as we believe is reasonably necessary to comply with applicable law, regulation, legal process, or governmental request; to detect or prevent fraud; to collect fees owed; to resolve disputes; to address problems with our Services; to assist with investigations; or to take any other actions consistent with applicable law.
- LEGAL DISCLAIMER
a. We reserve the right to disclose your Information when we have a good faith belief that disclosure is reasonably necessary to:
i. Protect our rights;
ii. Comply with a law, regulation, judicial proceeding, court order, or legal process served on us;
iii. Protect the safety of any person from death or serious bodily injury;
iv. Prevent fraud or abuse of Lace or its users or Visitors.
- BUSINESS TRANSFERS
- DATA SECURITY AND INTEGRITY
a. The security, integrity, and confidentiality of your Information is extremely important to us. We utilize robust security measures to protect your Information from unauthorized access. Your Information will be stored on Firebase's secure and dedicated third-party cloud storage and on data storage and processing systems maintained by Lace through Amazon AWS.
b. We strive to implement and maintain reasonable, industry-standard secure storage technologies, and commercially acceptable security procedures and practices appropriate to the Information we store, in order to protect it from unauthorized access, destruction, use, modification, or disclosure. We follow generally accepted standards to protect the information submitted to us, both during transmission and once we receive it. Sensitive Information is encrypted and website connections are protected using secure socket layer (SSL) technology with a minimum of 128-bit symmetric encryption and a 1024-bit authenticated key agreement. Our Websites and/or Services are hosted on a secure server environment that uses multi-layer, perimeter security including firewalls and other advanced technology to prevent interference or access from outside intruders. However, we cannot ensure or warrant 100% security of any Information you provide to us or guarantee that Information on the Websites and/or Services may not be accessed, disclosed, altered, or destroyed by unauthorized persons, or hardware or software failure. Further, please be aware that no method of transmission over the internet, or method of electronic storage is 100% secure. We are unable to guarantee the absolute security of the Information we collected from you.
c. Our users, employees, and partners also play an important role in protecting Information. We encourage users to choose passwords and other forms of user credentials for authentication that are difficult for others to guess and to keep their personal passwords and credentials secret.
d. Our users and Visitors are solely responsible for their interactions with other users and Visitors. Users and Visitors understand that we do not make criminal checks or otherwise inquire into the background of users and Visitors.
e. Should you notice any flaws or concerns in our security, please contact our team at firstname.lastname@example.org as soon as possible.
f. If we ever experience a data breach in which Information is at risk of being misused, we will contact users according to legal requirements. If necessary, we will also contact data protection authorities.
- NOTICE TO CALIFORNIA RESIDENTS
a. If you are a California resident, you are permitted by California Civil Code §1798.83 to request information regarding the disclosure of your Personal Information by us to third parties for the third parties’ direct marketing purposes. With respect to these entities, this Policy applies only to their activities within the State of California.
- CALIFORNIA CONSUMER PRIVACY ACT ("CCPA")
a. This privacy notice section for California residents supplements the information contained in this Policy and it applies solely to all Visitors, users, and others who reside in the State of California.
- YOUR RIGHTS UNDER THE CCPA. The CCPA provides California residents with specific rights regarding their Personal Information. If you are a resident of California, you have the following rights:
a. THE RIGHT TO NOTICE. You have the right to be notified which categories of your Personal Information are being collected and the purposes for which your Personal Information is being used.
b. THE RIGHT TO REQUEST. Under CCPA, you have the right to request that we disclose information to you about our collection, use, sale, disclosure for business purposes, and sharing of Personal Information. Once we receive and confirm your request, we will disclose to you:
i. The categories of Personal Information we collected about you;
ii. The categories or sources of the Personal Information we collected about you;
iii. Our business or commercial purpose for collecting or selling that Personal Information;
iv. The categories of third parties with whom we share that Personal Information;
v. The specific pieces of Personal Information we collected about you;
vi. If we sold your Personal Information or disclosed your Personal Information for a business purpose, we will disclose to you:
1. The categories of Personal Information sold;
2. The categories of Personal Information disclosed
- EXERCISING YOUR CCPA DATA PROTECTION RIGHTS
a. In order to exercise any of your rights under the CCPA, and if you are a California resident, you can contact us by email: email@example.com.
b. Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable request related to your Personal Information.
c. Your request to us must:
i. Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or are an authorized representative of that person.
ii. Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
d. We cannot respond to your requests nor provide you with the required information if we cannot:
i. Verify your identify or your authority to make the request; and
ii. Confirm that the Personal Information relates to you.
e. We will disclose and deliver the required information free of charge within 45 days of receiving your verifiable request. The time period to provide the required information may be extended once by an additional 45 days when reasonably necessary and with prior notice.
f. Any disclosures we provide will only cover the 12-month period preceding the verifiable request’s receipt.
g. For data portability requests, we will select a format to provide your Personal Information that is readily usable and should allow you to transmit the Information from one entity to another entity without hindrance.
- CATEGORIES OF PERSONAL INFORMATION COLLECTED UNDER CCPA
a. Please note that the categories and examples provided in the list below are those defined in the CCPA. This does not mean that all examples of that category of Personal Information were in fact collected by us, but reflects our good faith belief to the best of our knowledge that some of that Information from the applicable category may be and may have been collected. For example, certain categories of Personal Information would only be collected if you provided such Personal Information directly to us.
b. We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly, or indirectly, with a particular user or device. The following is a list of categories of Personal Information which we may collect or may have been collected from California residents within the last twelve (12) months.
- SOURCES OF PERSONAL INFORMATION UNDER CCPA. Under CCPA, we obtain the categories of Personal Information listed above from the following categories of sources:
a. DIRECTLY FROM YOU. For example, from the forms you complete on our Websites and/or Services, preferences you express or provide through our Websites and/or Services, or from your purchases on our Websites and/or Services.
b. INDIRECTLY FROM YOU. For example, from observing your activity on our Websites and/or Services.
c. AUTOMATICALLY FROM YOU. For example, through cookies we or our service providers set on your device as you navigate through our Services.
d. FROM SERVICE PROVIDERS, For example, when third-party vendors monitor and analyze your use of our Services, when third-party vendors deliver targeted advertising to you, when third-party vendors contemplate payment processing, or when other third-party vendors that we use provide services to you.
e. Please note that the examples provided above are illustrative and limited to CCPA, and are not intended to be exhaustive.
- USE OF PERSONAL INFORMATION FOR BUSINESS PURPOSES OR COMMERCIAL PURPOSES UNDER CCPA
a. As defined under CCPA, we may use or disclose Personal Information we collect for “business purposes” or “commercial purposes," which may include the following examples:
i. To operate our Services and provide you with our Services;
ii. To provide you with support and to respond to your inquiries, including to investigate and address your concerns to monitor and improve the Services.
iii. To fulfill or meet the reason you provided the Information. For example, if you share your contact information to ask a question about our Services, we will use that Personal Information to respond to your inquiry. If you provide your Personal Information to purchase a product or service, we will use that Information to process your payment and facilitate delivery.
iv. To respond to law enforcement requests and as required by applicable law, court order, or governmental regulation.
v. As described to you when collecting your Personal Information or as otherwise set forth in CCPA.
vi. For internal administrative and auditing purposes.
vii. To detect security incidents and protect against malicious, deceptive, fraudulent, or illegal activity, including, when necessary, to prosecute those responsible for such activities.
b. Please note that the examples provided above are illustrative and limited to CCPA, and are not intended to be exhaustive.
- DISCLOSURE OF PERSONAL INFORMATION FOR BUSINESS OR COMMERCIAL PURPOSES UNDER CCPA
a. PURPOSES. Please note that the categories listed above are those defined in CCPA. This does not mean that all examples of that category of Personal Information were in fact disclosed, but reflects our good faith belief to the best of our knowledge that some of that Information from the applicable category may be and may have been disclosed.
b. SALE OF PERSONAL INFORMATION.
i. As defined in the CCPA, “sell” and “sale” mean selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a user’s Personal Information by Lace to a third-party for valuable consideration. This means that Lace may have received some kind of benefit in return for sharing Personal Information, but not necessarily a monetary benefit.
ii. Please note that the categories listed below are those defined in the CCPA. This does not mean that all examples of that category of personal information were in fact sold, but reflects our good faith belief to the best of our knowledge that same of that Information from the applicable category may be and may have been shared for value in return.
iii. We may sell and may have sold in the last twelve (12) months the following categories of Personal Information:
1. Category A: Identifiers
2. Category B: Personal Information categories listed In the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
3. Category D: Commercial Information
4. Category F: Internet or other similar network activity
c. SHARE OF PERSONAL INFORMATION. We may share your Personal Information identified in the above categories with the following categories of third parties:
i. Service Providers
ii. Payment processors
iii. Lace affiliates
iv. Lace business partners
v. Third-party vendors to whom you or your agents authorize Lace to disclose your Personal Information in connection with products or Services we provide to you.
- THE RIGHT TO SAY NO TO THE SALE OF PERSONAL INFORMAITON (OPT-OUT)
a. The Service Providers we partner with (for example, our analytics or advertising partners) may use technology on the Services that sells Personal Information as defined by the CCPA law. If you wish to opt-out of the use of your Personal Information for interest-based advertising purposes and these potential sales as defined under CCPA law, you may do so by following the instructions below (Please note that any opt out is specific to the browser you use, you may need to opt out on every browser that you use):
i. You can opt out of receiving advertisements that are personalized as served by our Service Providers by following our instructions presented on the Services. The opt out will place a cookie on your computer that is unique to the browser you use to opt out. If you change browsers or delete the cookies saved by your browser, you will need to opt out again.
- YOUR CALIFORNIA PRIVACY RIGHTS UNDER CALIFORNIA'S SHINE THE LIGHT ACT
a. Under California Civil Code Section 1798, California residents with an established business relationship with us can request information once a year about sharing their Personal Information with third parties for the third parties’ direct marketing purposes.
b. If you would like to request more information under the California Shine the Light law, and if you are a California resident, you can contact us using the contact information provided below.
- NOTICE TO EUROPEAN UNION USERS
a. Lace’s operations are located primarily in the United States. If you provide information to us, it will be transferred out of the European Union (EU) and sent to the United States. The adequacy decision between the EU-US became operational on August 1, 2016. This framework protects the fundamental rights of anyone in the EU whose personal data is transferred to the United States for commercial purposes. It allows the free transfer of data to companies that are certified in the United States under the Privacy Shield, which provides a mechanism to comply with data protection requirements when transferring personal data from the EU and Switzerland to the United States. By providing personal Information to us, you are consenting to its storage and use as described in this Policy.
- DATA TRANSFERS, STORAGE, AND PROCESSING GLOBALLY
a. We may transfer your Personal Information to third parties in locations around the world for the purposes described in this Policy. We may use third-party service providers to process and store your Information in the United States, Canada, Japan, the European Union, and in other jurisdictions.
b. Information may be transferred to, and maintained on, computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. Whenever your Personal Information is transferred, stored, or processed by us or by companies carrying out such services on our behalf, we will take reasonable steps to safeguard the privacy of your Personal Information.
c. We will make sure we, as a minimum, use the standards of data privacy and security that follows from the European General Data Protection Regulation (“GDPR”) anywhere in the world where we collect, store, use, or share your Personal Information. Where your local rules require more from us than the GDPR, we will adjust our practices to make sure your Information is safe with us no matter what. The rules set by European data authorities across the European Union set some of the highest standards in the world on Information collection, storage, use, and sharing.
- GDPR PRIVACY
a. LEGAL BASIS FOR PROCESSING PERSONAL INFORMATION UNDER GDPR. We may process Personal Information under GDPR.
b. CONSENT. You have given your consent for processing Personal Information for one or more specific purposes.
c. PERFORMANCE OF CONTRACT. Provision of Personal Information is necessary for the performance of an agreement with you and/or for any pre-contractual obligations thereof.
d. LEGAL OBLIGATIONS. Processing Personal Information is necessary for compliance with a legal obligation to which Lace is subject.
e. VITAL INTERESTS. Processing Personal Information is necessary in order to protect your vital interests or those of another natural person.
f. PUBLIC INTERESTS. Processing Personal Information is related to a task that is carried out in the public interest or in the exercise of official authority vested in Lace.
g. LEGITIMATE INTERESTS. Processing Personal Information is necessary for the purposes of the legitimate interests pursued by Lace.
- YOUR RIGHTS UNDER THE GDPR
a. Lace undertakes to respect the confidentiality of your Personal Information and to guarantee you can exercise your rights.
b. You have the right under this Policy, and by law if you are within the EU, to:
i. REQUEST ACCESS TO YOUR PERSONAL INFORMATION. The right to access, update, or delete the Information we have about you. Whenever made possible, you can access, update, or request deletion of your Personal Information directly within your account settings. If you are unable to perform these actions yourself, please contact us to assist you. This also enables you to receive a copy of the Personal Information we hold about you.
ii. REQUEST CORRECTION OF THE PERSONAL INFORMATION THAT WE HOLD ABOUT YOU. You have the right to have any incomplete or inaccurate information we hold about you corrected.
iii. OBJECT TO PROCESSING OF YOUR PERSONAL INFORMATION. This right exists whenever we are relying on a legitimate interest as the legal basis for our processing of your Personal Information, and there is something about your particular situation which makes you want to object to our processing of your Personal Information on this ground. You also have the right to object when we are processing your Personal Information for direct marketing purposes.
iv. REQUEST ERASURE OF YOUR PERSONAL INFORMATION. You have the right to ask us to delete or remove any Personal Information we have about you when there is no good reason for us to continue processing it.
v. REQUEST THE TRANSFER OF YOUR PERSONAL INFORMATION. We will provide to you, or to a third-party you have chosen, your Personal Information in a structured, commonly used, machine-readable format. Please note that this right only applies to automated Information which you initially provided consent for us to use or where we used the Information to perform a contract with you.
vi. WITHDRAW YOUR CONSENT You have the right to withdraw your consent on using your Personal Information. If you withdraw your consent, we may not be able to provide you with access to certain specific functionalities of the Services.
c. EXERCISING OF YOUR GDPR DATA PROTECTION RIGHTS
i. You may exercise your rights of access, rectification, cancellation, and opposition by contacting us. Please note that we may ask you to verify your identity before responding to such requests. If you make a request, we will try our best to respond to you as soon as possible.
ii. You have the right to complain to a Data Protection Authority about our collection and use of your Personal Information. For more information, if you are in the European Economic Area (EEA), please contact your local data protection authority in the EEA.
- “DO NOT TRACK”
a. There is no accepted standard on how to respond to Do Not Track signals, and we do not respond to such signals.
a. Although most changes are likely to be minor, Lace may change the contents of this Policy from time to time, and in Lace’s sole discretion. Lace encourages Visitors and users to frequently check this page for any changes to its Policy. If you have a Lace account, you may also receive an alert informing you of such changes. Your continued use of this site after any change to this Policy will constitute your acceptance of such change.
b. We reserve the right to modify this Policy at any time. If we make material changes to this Policy, we will notify you here, and also as necessary via email. By continuing to use the Services after those changes become effective, you agree to be bound by the revised Policy.
- CHANGES TO PERSONAL INFORMATION
a. If your Personal Information changes, you may correct or update it on our Websites and/or Services by signing into your account and editing such Personal Information.
- INFORMATION RETENTION
a. We will retain your Information for as long as your Lace account is active or as needed to provide you the Services. If you wish to cancel your account or request that we no longer use your Information to provide you Services, you may delete your account by signing into your account at the Lace website and selecting “Close Account.” In most cases we will close your account within 48 hours of your request. In some cases, we may close your account after validating your request to avoid erroneous closures resulting in the loss of Information. After your account is closed, files uploaded to your account will be deleted after 30 days, if there are no other users sharing and using these files.
- PROTECTION ACT (CALOPPA)
a. Our Services do not respond to Do Not Track (“DNT”) signals.
b. However, some third-party websites do keep track of your browsing activities. If you are visiting such websites, you can set your preferences in your web browser to inform websites that you do not want to be tracked. You can enable or disable DNT by visiting the preferences or settings page of your web browser.
- THE RIGHT TO STOP SELLING PERSONAL INFORMATION. You have the right to direct us to not sell your Personal Information. To submit an opt-out request please contact us. Once we receive and confirm a verifiable consumer request from you, we will stop selling your Personal Information.
- THE RIGHT TO DELETE PERSONAL INFORMATION. You have the right to request the deletion of your Personal Information, subject to certain exceptions. Once Lace receives and confirms your request, we will delete (and direct our Service Providers to delete) your Personal Information from our records, unless an exception applies. We may deny your deletion request if retaining the Information is necessary for us or our Service Providers to:
a. Complete the transaction for which we collected the Personal Information, provide a requested good or service, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
b. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
c. Debug products to identify and repair errors that impair existing intended functionality.
d. Exercise free speech, ensure the right of another Client to exercise their free speech rights, or exercise another right provided for by law.
e. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code §1546 et. Seq.).
f. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the Information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
g. Enable solely internal uses that are reasonably aligned with user expectations based on your relationship with us.
h. Comply with a legal obligation.
i. Make other internal and lawful uses of that Information that are compatible with the context in which you provided it.
- THE RIGHT NOT TO BE DISCRIMINATED AGAINST. You have the right not to be discriminated against for exercising any of your consumer’s rights, including by:
a. Denying goods or services to you;
b. Charging different prices or rates for goods or services, including the use of discounts or other benefits, or imposing penalties;
c. Providing a different level or quality of goods or services to you;
d. Suggesting that you will receive a different price or rate for goods or services or a different level of quality for goods or services