Privacy
- Scope and Updates of This User Privacy Notice
This User Privacy Notice applies to your use of this website and all Darigold services and sites (collectively the “Services”), regardless of how you access or use these Services, including access via mobile devices and third-party apps (e.g., Facebook, Twitter).
This User Privacy Notice also applies if explicit reference is made to it via a link or in a similar manner (e.g. on websites of partners on which Services from Darigold are offered).
We may change this User Privacy Notice at any time by posting the revised User Privacy Notice on this website and indicating the effective date of the revised User Privacy Notice.
You may have rights under the California Consumer Protection Act. You can learn more by going here.
- What Personal Data We Collect and Process
We collect personal data when you use our Services, provide us with information via a web form, participate in online community discussions or otherwise interact with us. The data we collect depends on the context of your interactions with Darigold and the choices you make. You have choices when it comes to the technology you use and the data you share. When we ask you to provide personal data, you can decline. Some Services may require personal data to provide you with a service. If you choose not to provide data required to provide you with a service, you cannot use that particular service. Likewise, where we need to collect personal data by law or to enter into or carry out a contract with you, and you do not provide the data, we will not be able to enter into the contract or, if this relates to an existing service you’re using, we may have to suspend or cancel that service. We will notify you if this is the case at the time. Where providing the data is optional, and you choose not to share personal data, features like personalization that use such data will not work for you. We also collect personal data from other sources (such as other Darigold Inc. corporate family members, public sources, or third parties).
In total, we collect the following personal data:
2.1 Personal Data You Provide When Using Our Services
- Data that identifies you, such as your name, address, telephone numbers or email addresses, or your user name that you provide when accessing certain Services.
- Identification data and tax identification numbers that you may provide when engage with us as a content provider.
- You may provide us with information through a web form, by participating in community discussions, inquiries, dispute resolution, customer service calls recorded with your consent, or if you contact us for any other reason regarding our Services.
- Other data that we are required or entitled by applicable law to collect and process and that we need for your authentication or identification, or for the verification of the data we collect.
2.2 Personal Data We May Collect When You Use Our Services
- Data regarding your interactions with our Services and your communications with us.
- Computer and connection information, such as statistics regarding your use of services from Darigold, information on data traffic to and from websites, referral URL, your IP address, your access times, your browser history data, your language settings and your weblog information.
- Content consumption data. Information about media content (e.g., TV, video, and apps) you access through our website.
- Social data and other information about your relationships and interactions between you, other people, and organizations in connection with the social media and other aspects of our website.
- Content of your files and communications you input, upload, receive, create, and control, such as comments, suggestions, feedback, survey data, product reviews you write, and other posts.
- Other content we collect when providing products to you include: communications, including audio, video, text (typed, inked, dictated, or otherwise), in a message, email, or call.
2.3 Personal Data We Collect in Connection with the Use of Cookies and Similar Technologies
We use cookies, web beacons and similar technologies to collect data while you use our Services. We collect this data from the devices (including mobile devices) that you use to engage our Services. The data collected includes the following usage- and device-related information:
- Data about the pages you visit, the access time, frequency and duration of visits, the links on which you click and other actions you take as part of your use of our Services and email content.
- Your user segment.
- Model or device type, operating system and version, browser type and settings, device ID or individual device identifier, advertisement ID, individual device token, and cookie-related data (e.g. cookie ID).
- The IP address from which your device accesses the Services.
- Location data, including the location data of your mobile device. Please note that most mobile devices allow you to manage or disable the use of location services for all applications in the settings menu.
2.4 Personal Data from Other Sources
We also collect personal data about you from other sources and from third parties to the extent permitted by applicable law. We protect data obtained from third parties according to the practices described in this statement, plus any additional restrictions imposed by the source of the data. These third-party sources vary over time and include:
- Services that make user-generated content from their service available to others, such as local business reviews or public social media posts.
- Communication services, including email providers and social networks, when you give us permission to access your data on such third-party services or networks.
- Service providers that help us determine your device’s location.
- Publicly available sources, such as open government databases.
We combine or connect the personal data we collect from you with data from these other sources. Where personal data is disclosed to us by third parties, we take steps to confirm that the information has been collected with your consent and/or that these third parties are otherwise legally permitted to disclose your personal data to us.
2.5 Social Network Data You Share with Us
- We allow you to share personal data with social networks, to use social networks to create a Darigold account or to link your Darigold account to a social network. These social networks may automatically provide us with access to certain personal data they have stored about you (e.g. content you have viewed or enjoyed, information about the advertisements you have been shown or clicked on, etc.). You can determine the personal data that we can access through the privacy settings of each social network.
- If you give us access to content pages, your grant of access is your consent that we may, for at least two years, or until you withdraw your consent or are no longer connected to the social network, share with and collect from social networks information regarding your viewing of videos.
- We may also use plug-ins or other technologies from various social networks. If you click on a link displayed through a social network plug-in, you voluntarily connect to that social network.
- Purposes and Legal Basis for Data Processing and Categories of Recipients
We process your personal data for various purposes and pursuant to various legal bases. We process your personal data primarily to provide and improve our Services, to provide you with a personalized user experience on this website, to contact you about your interactions with Darigold and our Services, to provide customer service, and to detect, prevent, mitigate and investigate fraudulent or illegal activity.
Below you will find a summary of the purposes for which we process your personal data, including the categories of recipients to whom we transmit personal data for the purposes stated, sorted by legal basis:
3.1 Data Processing and Contractual Obligations. We process your personal data in order to fulfil our contract with you and to provide you with our Services. This includes the following purposes:
- Processing of data relating to you for the purpose of entering into a contract with you and executing it.
- Provision of our Services, including but not limited, providing and enhancing features of the website, providing other services you may use, and ensuring the functionality of our Services.
- Resolving disputes and providing other services within the scope of customer service. For these purposes, we may contact you via your email, telephone, by SMS or push notification on your mobile device, or by postal mail.
- Processing of general location data (such as IP address or postal code) in order to provide you with location-based services.
- Enforcement of our User Agreement, this User Privacy Notice and other rules and policies.
- Publication and promotion of your content on our websites.
3.2 Data Processing and Legal Obligations. We process your personal data in order to comply with legal obligations to which we are subject. This includes the following purposes:
- Participation in proceedings (including judicial proceedings) conducted by public authorities or government agencies, in particular, for the purpose of detecting, investigating and prosecuting illegal acts.
- Prevention, detection and mitigation of illegal activities.
- Ensuring the information security of our Services.
- Retention and storage of your personal data to comply with specific legal retention requirements (for more information on Darigold’s storage of your data, see Storage Duration and Erasure).
Where necessary, we transmit your personal data to processors and the following recipients for one or several of the purposes described above:
- Law enforcement agencies, courts, government agencies or public authorities.
- Third party service providers
- Third parties who are involved in judicial proceedings, in particular, if they submit a legal order, court order or equivalent legal order to us.
3.3 Limited Third Party Data Processing. We process your personal data where necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms. In order to reconcile our legitimate interests with your rights, we have introduced appropriate control mechanisms. On this basis, we process your data for the following purposes:
- Participation in proceedings (including judicial proceedings) conducted by courts, law enforcement agencies, government agencies or public authorities, in particular for the purpose of detecting, investigating and prosecuting illegal acts, unless there is a statutory obligation to this effect, and we may legitimately assume that the disclosure of the data is necessary to avert imminent disadvantages or to report a suspicion of an illegal act. In such cases, we will only disclose what we believe is necessary.
- Protection of the legitimate interests of third parties in connection with civil law disputes, unless there is a statutory obligation to this effect, if we may legitimately assume that it is legally necessary to disclose the data to such third parties.
- Prevention, detection, mitigation and investigation of fraud, security breaches and other prohibited or unlawful activities, including the assessment of corresponding risks (e.g. through the use of captchas or the telephone number stored in your Darigold account for two-factor authentication), unless there is a statutory obligation to this effect.
- Monitoring and improvement of the information security of our Services, unless there is a statutory obligation to this effect.
- Analysis and improvement of the Services, e.g. by reviewing information from users about blocked or crashed pages in order to identify and solve problems and to provide you with an improved user experience, including as part of product development.
- Analysis of telephone conversations with our customer service that we recorded with your consent.
- Customization of page content to display the items and services you may like based on the actions you take.
- Evaluation of the quality and success of our email marketing campaigns (e.g. through analysis of opening and click rates).
- Assertion of or defense against legal claims
Where necessary, we transmit your personal data to processors and the following recipients for one or several of the purposes described above:
- Law enforcement agencies, courts, government agencies or public authorities, intergovernmental or supranational bodies
- Third parties who are involved in judicial proceedings
- Other companies in the context of a company acquisition
- In the event of an investigation for fraud, intellectual property infringement, product piracy or other unlawful activity, if we, in our sole discretion, deem the investigation of such incident necessary or useful. In such cases, we will disclose the seller’s name, address, city, zip code, country, telephone number, email address and company name and bind the party by a worldwide non-disclosure agreement to treat the data as confidential
- Information about your right to object to processing based on our legitimate interests can be found below under Rights as a Data Subject and, with regard to the use of cookies and similar technologies, below under Cookies & Similar Technologies.
We will do not sell or otherwise pass on your personal data to third parties for their marketing or advertising purposes nor will we sell or otherwise make it available to third parties for a fee.
3.4 How to Access and Control Your Personal Data
You can access and control your personal data by contacting Darigold. For instance:
- If Darigold obtained your consent to use your personal data, you can withdraw that consent at any time.
- You can request access to, erasure of, and updates to your personal data.
- If you’d like to port your data elsewhere, you can use tools Darigold provides to do so, or if none are available, you can contact Darigold for assistance.
You may have these rights under applicable laws, including the EU General Data Protection Regulation (GDPR), but we offer them regardless of your location. In some cases, your ability to access or control your personal data will be limited, as required or permitted by applicable law.
3.5 Browser-based Controls
When you use a browser, you can control your personal data using certain features. For example:
- Cookie controls. You can control the data stored by cookies and withdraw consent to cookies by using the browser-based cookie controls described in the Cookies section of this privacy statement.
- Tracking protection. You can control the data third-party sites can collect about you using Tracking Protection in Internet Explorer (versions 9 and up). This feature will block third-party content, including cookies, from any site that is listed in a Tracking Protection List you add.
- Browser controls for “Do Not Track.” Some browsers have incorporated “Do Not Track” (DNT) features that can send a signal to the websites you visit indicating you do not wish to be tracked. Because there is not yet a common understanding of how to interpret the DNT signal, Darigold services do not currently respond to browser DNT signals.
- Storage Duration and Erasure
Your personal data will be stored by us in accordance with applicable data protection laws to the extent necessary for the processing purposes set out in this User Privacy Notice. Subsequently, we will delete your personal data in accordance with our data retention and deletion policy or take steps to properly render the data anonymous, unless we are legally obliged to keep your personal data longer (e.g. for tax, accounting, auditing, or other legal purposes). As far as legally permissible or required, we restrict the processing of your data instead of deleting it (e.g. by restricting access to it). This applies in particular to cases where we may still need the data for the execution of the contract or for the assertion of or defense against legal claims. In these cases, the duration of the restriction of processing depends on the respective statutory limitation or retention periods. The length of time we retain personal data may vary depending on the Services we provide and our legal obligations under applicable national law.
The following factors typically affect the retention period:
- Necessity for the provision of our Services: This includes such things as executing the User Agreement with you, maintaining and improving the performance of our products, keeping our systems secure, and maintaining appropriate business and financial records. Most of our retention periods are determined on the basis of this general rule.
- Special categories of personal data: If we store special categories of personal data, a shorter retention period is usually appropriate.
- Consent-based processing of personal data: If we process personal data on the basis of consent (including consent to the extended storage), we store the data for as long as necessary in order to process it according to your consent.
- Statutory, contractual or other similar obligations: Corresponding storage obligations may arise, for example, from laws or official orders. It may also be necessary to store personal data with regard to pending or future legal disputes. Personal data contained in contracts, notifications and business letters may be subject to statutory storage obligations depending on national law.
- Rights as a Data Subject
Subject to possible restrictions under national law, as a data subject, you have the right to access, rectification, erasure, restriction of processing and data portability with regard to your personal data. In addition, you can withdraw your consent and object to our processing of your personal data on the basis of legitimate interests. You can also lodge a complaint with a supervisory authority.
Your rights in detail:
- You can withdraw your consent to the processing of your personal data by us at any time. As a result, we may no longer process your personal data based on this consent in the future. The withdrawal of consent has no effect on the lawfulness of processing based on consent before its withdrawal.
- You have the right to obtain access to your personal data that is being processed by us. In particular, you may request information on the purposes of the processing, the categories of personal data concerned, the categories of recipients to whom the personal data have been or will be disclosed, the envisaged period for which the personal data will be stored, the existence of the right to request rectification or erasure of personal data or restriction of processing of personal data or to object to such processing, the right to lodge a complaint with a supervisory authority, any available information as to the personal data’s source (where they are not collected from you), the existence of automated decision-making, including profiling and, where appropriate, meaningful information on its details. You may make such a request no more than two (2) times within any twelve month period.
- You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
- You have the right to obtain from us the erasure of personal data concerning you, unless processing is necessary to complete a transaction, detect wrongdoing (e.g., fraud, deception, etc.), repair errors, exercise the right of freedom of expression and information, exercise of a legal right, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims.
- You have the right to obtain from us restriction of processing to the extent that
- the accuracy of the data is disputed by you,
- the processing is unlawful, but you oppose the erasure of the personal data,
- we no longer need the data, but you need it to assert, exercise or defend legal claims or
- you have objected to the processing.
- You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller (“right to data portability”).
- You have the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence, your place of work or the registered office of the controller.
If your personal data is processed on the basis of legitimate interests, you have the right to object to the processing of your personal data on grounds relating to your particular situation. This also applies to profiling. If your personal data is processed by us for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing.
The exercise of the above data subjects’ rights (e.g. right to access or erasure) is generally free of charge. Where requests are manifestly unfounded or excessive, in particular because of their repetitive character, we may charge an appropriate fee (at most our actual costs) in accordance with the applicable statutory regulations or refuse to process the application.
You can exercise your rights as a data subject by directing an inquiry to:
Data Protection Officer
Darigold, Inc.
5601 Sixth Avenue South, Suite 300
Seattle, WA 98108
dpo@darigold.com
- Cookies & Similar Technologies
Cookies are small text files placed on your device to store data that can be recalled by a web server in the domain that placed the cookie. We use cookies and similar technologies for storing and honoring your preferences and settings, enabling you to sign in, combating fraud, analyzing how our products perform, and fulfilling other legitimate purposes.
We also use “web beacons” to help deliver cookies and gather usage and performance data. Our websites may include web beacons, cookies, or similar technologies from third-party service providers.
You have a variety of tools to control the data collected by cookies, web beacons, and similar technologies. For example, you can use controls in your internet browser to limit how the websites you visit are able to use cookies and to withdraw your consent by clearing or blocking cookies.
Our use of cookies and similar technologies
Darigold uses cookies and similar technologies for several purposes, depending on the context or product, including:
- Storing your preferences and settings. We use cookies to store your preferences and settings on your device, and to enhance your experiences. Saving your preferences with cookies prevents you from having to set your preferences repeatedly.
- Sign-in and authentication. We use cookies to authenticate you. When you sign in using your personal Darigold account, we store a unique ID number, and the time you signed in, in an encrypted cookie on your device. This cookie allows you to move from page to page within the site without having to sign in again on each page. You can also save your login information so you do not have to login each time you return to the site.
- We use cookies to process information that helps us secure our products, as well as detect fraud and abuse.
- Storing information you provide to a website. We use cookies to remember information you shared. When you provide information to Darigold we store the data in a cookie for the purpose of remembering the information.
- Social media. We may use social media cookies, including those that enable users who are signed in to the social media service to share content via that service.
- Darigold uses cookies to enable you to provide feedback on a website.
- We use first- and third-party cookies and other identifiers to gather usage and performance data. For example, we use cookies to count the number of unique visitors to a web page or service and to develop other statistics about the operations of our products.
- Darigold uses cookies to understand and improve how our products perform. For example, we use cookies to gather data that helps with load balancing; this helps ensure that our websites remain up and running.
In addition to the cookies Darigold sets when you visit our websites, third parties can also set cookies when you visit Darigold sites. For example:
- Companies we hire to provide services on our behalf, such as site analytics, place cookies when you visit our sites. See opt-out links below.
- Companies that deliver content, such as videos or news, place cookies on their own. These companies use the data they process in accordance with their privacy policies, which may enable these companies to collect and combine information about your activities across websites, apps, or online services.
How to control cookies
Most web browsers automatically accept cookies but provide controls that allow you to block or delete them. Certain features of Darigold products depend on cookies. If you choose to block cookies, you cannot sign in or use some of those features, and preferences that are dependent on cookies will be lost. If you choose to delete cookies, any settings and preferences controlled by those cookies, including advertising preferences, are deleted and will need to be recreated.
Our use of web beacons and analytics services
Some Darigold webpages contain electronic tags known as web beacons that we use to help deliver cookies on our websites, count users who have visited those websites, and deliver branded products. We also include web beacons or similar technologies in our electronic communications to determine whether you open and act on them.
In addition to placing web beacons on our own websites, we sometimes work with other companies to place our web beacons on their websites. This helps us to, for example, develop statistics on how often clicking on a link on a Darigold website results in a particular activity. It also allows us to understand your activity on the website of a Darigold partner in connection with your use of a Darigold service.
Finally, Darigold products often contain web beacons or similar technologies from third-party analytics providers, which help us compile aggregated statistics about the effectiveness of our promotional campaigns or other operations. These technologies enable the analytics providers to set or read their own cookies or other identifiers on your device, through which they can collect information about your online activities across applications, websites, or other products. However, we prohibit these analytics providers from using web beacons on our sites to collect or access information that directly identifies you (such as your name or email address).
- Data Security
Darigold is committed to protecting the security of your personal data. We use a variety of security technologies and procedures to help protect your personal data from unauthorized access, use, or disclosure. For example, we store the personal data you provide on computer systems that have limited access and are in controlled facilities. When we transmit highly confidential data (such as a credit card number or password) over the internet, we protect it through the use of encryption. Darigold complies with applicable data protection laws, including applicable security breach notification laws.
- Other Important Information Regarding Data Protection
This section contains important additional information about the protection of personal data in connection with the use of our Services, including whether you are required to provide personal data.
Personal data relating to third parties
If you provide us with personal data relating to another person, you must obtain the consent of this person or the disclosure of the data to us must be otherwise legally permissible. You must inform the other person of how we process personal data in accordance with our User Privacy Notice.
Collection of data from children
We follow all applicable data protection laws when collecting personal information online from children. For example, in the EU we do not collect personal information from children under 16 years of age unless we get consent from a parent. Similarly, in the U.S., we obtain verified parental consent when collecting personal information from children younger than 13.
- California Consumer Privacy Act
If you are a California resident, we process your personal data in accordance with the California Consumer Privacy Act (CCPA). This CCPA section of our Privacy Statement contains information required by the CCPA and supplements our Privacy Statement.
- Sale. We do not sell your personal data. So, we do not offer an opt-out to the sale of personal data.
- Your Rights. You have the right to request that we (i) disclose what personal data we collect, use, disclose, and sell and (ii) delete your personal data. You may make these requests yourself or through an authorized agent. If you use an authorized agent, we may request information from you or the agent demonstrating that the agent is acting on your behalf.
- You may exercise your rights by contacting us by email (dpo@darigold.com). Upon receipt of your request, we will send you a verification form by email or postal mail. To complete your request, please respond to the verification form when you receive it. To verify your identity, we may require you to provide certain information, including name, email address, postal address, or other information you may have provided us in relation to the Services. In addition, if you ask us to provide you with specific pieces of personal information, we will require you to sign a declaration under penalty of perjury that you are the consumer whose personal information is the subject of the request. Under the CCPA, you may designate an authorized agent to make a request on your behalf but the agent will need to complete the verification process, including the submission of proof that it has been designated to act on your behalf. For access and deletion requests made by an authorized agent on your behalf, we also may require you to verify your own identity directly with us (as described above).
- Please understand that Darigold cannot delete personal information in those situations where our retention is required for our own internal business purposes or otherwise permitted by the applicable law (such as fraud prevention or legal compliance). In these situations, we will retain your information in accordance with our records retention program and securely delete it at the end of the retention period.
- Non-Discrimination. You have a right not to receive discriminatory treatment if you exercise your CCPA rights. We will not discriminate against you if you exercise your CCPA rights.
- Personal Information Processing. In the bulleted list below, we outline the categories of personal data we collect, the sources of the personal data, our purposes of processing, and the categories of third-party recipients with whom we share the personal data. For a description of the data included in each category, please see the Section 3 of the Privacy Notice: Purposes and Legal Basis for Data Processing and Categories of Recipients.
- Contact Us
Questions and requests regarding this Privacy Policy or the information we collect from you are welcome and should be addressed to:
Data Protection Officer
Darigold, Inc.
5601 Sixth Avenue South, Suite 300
Seattle, WA 98108
dpo@darigold.com