YOUR PRIVACY IS IMPORTANT TO US
1. DATA WE COLLECT
2. HOW YOUR DATA IS USED
3. YOUR CHOICES
4. HOW WE PROTECT YOUR DATA
5. HOW TO CONTACT US
1. DATA WE COLLECT
1.1 Data you provide to us
When you create an account; place an order or make a return or exchange; inquire about our Services; request emails from us about our offerings; opt-in to marketing activities; receive a gift from someone else who purchases through our website; follow us or submit information including photographs, via third-party social media platforms (e.g., Facebook, Twitter. Instagram etc.); enter a contest or participate in a marketing survey; or submit other information to us directly or through third-party services, you are asked to provide personal information that uniquely identifies you.
We collect the following types of personal information: your contact information (such as name, postal or email address, or phone number), birthdate, due date, name and email address of gift card recipients, username and password, payment information such as PayPal, credit or debit card details, shipping information (including the shipping address and phone number), purchase history, shopping preferences (such as an interest in a particular product category), information about your age and/or your child’s age, information you provide by interacting with us through social media, and photographs that you submit on our sites or through our social media channels.
You don’t have to provide any information that directly identifies you to browse our website. However, we will ask you to provide certain personal information as necessary to provide you with requested products and services, complete the relevant transaction, or, if you wish, to avail of special features or functions of our website.
Content posted by you. We may provide you with the ability to rate or review products or services we sell, or otherwise post content on our website or through our social media channels. Any comments or reviews that you provide are accessible to all users of the relevant platform and may be visible to others or collected by third parties, so you should use discretion when posting information and you should not post personal information. If you do post personal information, you do so at your own risk.
1.2 Data we automatically get from you
We and our affiliates, analytics or service providers, and select businesses with whom we have marketing relationships, use technologies such as cookies, beacons, tags, and scripts to analyze trends, administer the website, tracking users’ movements around the website, and to gather non-sensitive demographic information about our user base as a whole. We may receive reports based on the use of these technologies on an individual or aggregate basis. Further information is contained below.
Analytics & Log Files. As is true of most websites, we gather certain information automatically and store it in log files. When you visit our websites, we automatically collect the following types of information: information about the device you use to access the Internet (such as the internet protocol (IP) address, internet service provider (ISP) or mobile carrier, proxy server, device type, browser and add-ons, and operating system), referring/exit pages, date/time stamps, information on your shopping behavior on our website (e.g., page views, paths you take through our websites, etc.), general geographic location information (e.g., country or city) that shows where you are when browsing our websites, and search terms that you enter to reach our websites or enter on our websites to find products. We utilize analytics services and log files to help us track the efficacy of our websites, help us learn more about our customers’ and visitors’ shopping behavior, and for troubleshooting and maintenance purposes. We may collect and summarize customer and visitor information in a non-personal, aggregate format for statistical and research purposes.
Targeted Advertising. Third-party advertising companies serve ads on our behalf across the Internet. They may collect information about you through cookies and/or web beacons on our websites and other sites, and then display targeted ads on various sites that you visit.
Social Media Features. Some of our websites include social media features, such as the Facebook “Like” button and widgets, the “share this” widget, or interactive mini-programs that run on our site. These features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our websites. Your interactions with these features are governed by the privacy statement of the company providing it.
2. HOW YOUR DATA IS USED
2.1 How we use your data
We use your data to provide, support, personalize, and develop our Services. How we use your personal information will depend on which Services you use, how you use those Services, and the choices you make in your settings. We use the information that we have about you to provide and personalize, including with the help of automated systems and inferences we make, our Services (including ads) so that they can be more relevant and useful to you and others. When providing direct services, advertising or marketing, or performing security, administrative, or customer service activities, we may use the information we collect in the following manner, including without limitation, to:
Providing Direct Services
- complete a sales transaction, including to process and track website orders;
- provide products and services that you request;
- place pre-orders on your behalf;
- administer rebates or extended service agreements.
Advertising and Marketing
- send you email updates, newsletters, promotions, surveys, and direct mailings;
- manage your participation in events and sweepstakes;
- communicate with you about our products and services, and to customize our communications with you, including by identifying preferences you provide to us;
- analyze your purchases and preferences to better understand your product and service needs and eligibility and to tailor our online content to you;
- share your Baby Registry or Wish List with those whose email addresses you provide for the sole purpose of completing your request;
- publish customer testimonials or photos;
- analyze our marketing strategies and trends regarding your use of our website or social media channels;
- facilitate your acceptance of offers made by our third-party marketing partners;
- improve the effectiveness of our marketing campaigns; and/or
- to send follow-up communications thanking you for your business or inquiring as to your satisfaction.
- register and manage your account;
- administer our loyalty program;
- track the efficacy of our website and help us learn more about our visitors’ and customers’ shopping behavior; and/or
- improve our website experience.
- protect against error, fraud, unauthorized transactions, claims, and other liabilities;
- manage exposure to risk from unauthorized users;
- comply with applicable legal mandates, our policies, or industry standards.
Customer Service Activities
- provide customer service when you need help and/or to improve customer experiences;
- provide status updates on your order;
- provide information concerning product recalls or products you have purchased; and/or
- enable you to communicate with us through social networks or other interactive media.
2.2 How we share your data
Direct Marketing and Do Not Track Signals. We do not share personal data with third parties for their direct marketing purposes without your permission.
Security. In the event we become aware that the security of the sites has been compromised or users’ personal information has been disclosed to unrelated third parties as a result of external activity, including, but not limited to, security attacks or fraud, we reserve the right to take reasonably appropriate measures, including, but not limited to, investigation and reporting, as well as notification to and cooperation with data protection and law enforcement authorities.
Legal Disclosure. We may need to share your data when we believe it’s required by law or to help protect the rights and safety of you, us, or others. It is possible that we will need to disclose information about you when required by law, subpoena, or other legal process or if we have a good faith belief that disclosure is reasonably necessary to (1) investigate, prevent, or take action regarding suspected or actual illegal activities or to assist government enforcement agencies; (2) enforce our agreements with you, (3) investigate and defend ourselves against any third-party claims or allegations; or (4) protect the security or integrity of our Service. We attempt to notify customers about legal demands for their personal data when appropriate in our judgment, unless prohibited by law or court order, or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague, or lack proper authority, but we do not promise to challenge every demand.
Data Controller. Unless explicitly stated otherwise, Magic Beans is the controller of your personal data provided to, or collected by or for, or processed in connection with our Services.
California Online Privacy Protection Act Compliance
Because we value your privacy, we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act. We therefore will not distribute your personal information to outside parties without your consent.
Children's Online Privacy Protection Act Compliance
We are in compliance with the requirements of COPPA (Children's Online Privacy Protection Act), as we do not collect any information from anyone under 13 years of age. Our website, products, and services are all directed to people who are at least 13 years old or older.
3. YOUR CHOICES
3.1 Rights to access and control your personal information
We provide many choices about the collection, use and sharing of your data, from deleting or correcting data you include in your profile to advertising opt-outs and communication controls.
- If you have registered for an account or don’t have a registered account, you can contact us at firstname.lastname@example.org or our address: Magic Beans, 1 Westinghouse Place, Suite K1, Hyde Park, MA 02136.
- For further details, see section 3.2 below.
For personal information that we have about you, you can request the following:
Delete Data: You can ask us to erase or delete all or some of your personal data (e.g., if it is no longer necessary to provide Services to you).
Change or Correct Data: If you have created an account on our website, you can edit some of your personal data through the customer Dashboard. You can also ask us to change, update, or fix your data in certain cases, particularly if it’s inaccurate.
Object to, or Limit or Restrict, Use of Data: You can ask us to stop using all or some of your personal data (e.g., if we have no legal right to keep using it) or to limit our use of it (e.g., your personal data is inaccurate or unlawfully held).
Right to Access and/or Take Your Data: You may contact Eli Gurock, the owner of Magic Beans to request a copy of your personal data at email@example.com and can ask for a copy of personal data be provided in machine readable form. You can also ask to review any of the information that we have retained, how we have used it, and to whom we have disclosed it at any time by contacting us.
3.2 Opting out of communications
We offer you choices about how to manage how we communicate with you.
- Email/Direct Mail. You may opt out of receiving marketing emails from us at any time by sending an email to firstname.lastname@example.org or by clicking on the unsubscribe link in our emails. You will continue to receive service-related emails (e.g. order status). To opt out of direct mail, please send your request to email@example.com and include your postal address in the body of the email.
- Targeted Advertising. If you do not want information about your activity on our sites to be used for tailored advertising, please visit the page hosted by the Network Advertising Initiative and follow the instructions there.
- Cookies. You may disable cookies in your Web browser or go incognito, but doing so will impact the usability of the website. We may also use technologies, such as our own cookies, to provide you with personalized online display advertising tailored to your interests. Updating Your Profile. You may update or correct your personal information related to your account by contacting Customer Support at firstname.lastname@example.org. If you wish to request deletion of your personal information, then please contact us at email@example.com. We will respond to requests within a reasonable timeframe. We retain and use your information as necessary to comply with our legal obligations, contractual statute of limitations, resolution of disputes, and enforcement of our agreements. Please note that we may not be able to delete all of your data upon request depending on the reasons above and the nature of your interactions.
- Contests. From time to time, we may provide you the opportunity to participate in contests, sweepstakes, surveys and/or other promotions on our website. If you participate, we will request certain personal information from you. Participation in these contests, sweepstakes, surveys and/or promotions is completely voluntary, and you therefore have a choice about whether or not to disclose this information. We may use a third-party service provider to conduct these surveys or contests; in those cases, that company will be prohibited from using our users’ personally identifiable information for any other purpose. We will not share the personal data you provide through a contest, sweepstakes, survey and/or promotion with other third parties unless we give you prior notice and choice.
- Gift Card Recipients. Your gift card recipient may contact us at firstname.lastname@example.org to request an update, correction, or deletion of their personal information. Again, for various reasons stated above, we may not be able to delete information upon request.
3.3 Data retention and account closure
If you wish to close your account, we will keep some of your data even after you close your account. We retain your personal data even after you have closed your account if reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, resolve disputes, maintain security, prevent fraud and abuse, enforce our Terms and Conditions, or fulfill your request to “unsubscribe” from further messages from us. We will retain de-personalized information after your account has been closed, but will destroy your personal data when it is no longer needed for the foregoing purposes, or we remove your personal information to render it anonymous.
4. HOW WE PROTECT YOUR DATA
Security. We monitor for and try to prevent security breaches. We implement appropriate security safeguards designed to protect your data. For example, electronic records are stored in secure, limited-access servers; electronic data is stored behind secured encryption access; we use technological tools like firewalls and passwords; and we ensure our employees are trained on the importance of maintaining the security and confidentiality of personal information. We regularly monitor our systems for possible vulnerabilities and attacks, however, we cannot warrant the security of any information that you send us. There is no guarantee that data may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, organizational, or managerial safeguards.
- SSL Technology. Our website uses encryption technology, such as Secure Sockets Layer (“SSL”), to protect your personal information during data transport. SSL encrypts ordering information such as your name, address, and credit card number.
Lawful Bases for Processing. We will only collect and process personal data about you where we have a lawful bases to do so. Lawful bases include consent (where you have given it), contractual necessity (where processing is necessary for the performance of a contract with you (e.g., to deliver Services you have requested)), and legitimate interests. Where we process data based on consent, we will ask for your explicit affirmative consent. We will rely on legitimate interests as a basis for data processing only where the processing of your data is not overridden by your interests or fundamental rights and freedoms.
Minors. Our website is not intended for use by anyone under the age of 13. If you are under 13 years old, please do not attempt to create an account or send any information about yourself to us, including your name, address, telephone number or email address. No one under the age of 13 may provide any personal information to us, and we do not knowingly collect personal information from anyone under the age of 13. If we learn that we have collected personal information from a child under age 13 without verification of parental consent, we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under the age of 13, please contact us immediately.
5. HOW TO CONTACT US
If you have questions about how we collect, store, and use personal data, please contact us at the following:
C/o Data Protection
1 Westinghouse Plaza, Suite K1
Hyde Park, MA 02136
Please remember that an email sent over the Internet is not secure. If you send an email directly to us from your own email account, the contents will not be encrypted. Do not send sensitive information (like a credit card number) to us via unencrypted email. We are not responsible for any transmission by you of any personal information over the Internet.