Privacy Policy
1. About Us
2.1 Personal Data
"Personal data" is any information about an identifiable individual. In practice, these include all data that is related to a person in any way. For example, your name, email address, postal address, phone number, I.P. address, device identifiers, browsing history, online activity, telephone, credit card or personnel number, account data, customer number, or address are all personal data. We use the more informal term “personal information” in this Policy to mean “personal data”.
As data controllers, we respect your right to privacy and will only process your personal information by applicable data protection laws and as described in this Policy.
We may revise and update this Policy occasionally at our sole discretion. It is your responsibility to check for updates to this Policy regularly. We will inform you of any change if reasonably possible. If you disagree with this Policy, please discontinue using the Website. We last updated the Website on January 18, 2023.
2.2 Data Processing
2.2.1 Personal Data We Collect About You.
The personal data we collect about you depends on the products and services we provide. We will collect and use the following personal data you provide:
- Contact information (name, email address, phone number);
- Demographic information (age, gender, location);
- Financial information (payment methods, billing details); and
- Content you provide (reviews, comments, photos).
We also collect data as described in our [HYPERLINK COOKIE POLICY], including but not limited to:
- Usage data (browsing history, search queries, clicks); and
- Device information (I.P. address, device type, operating system)
2.2.1 How and why we use your personal data:
Under data protection law, we can only use your personal data if we have a proper reason, such as:
- Where you have given consent;
- To comply with our legal and regulatory obligations;
- For the performance of a contract with you or to take steps at your request before entering into a contract; or,
- For our legitimate interests or those of a third party.
A legitimate interest is when we have a business or commercial reason to use your personal information, as long as your rights and interests do not override this. Our legitimate interests are those where we have implemented sufficient checks and protections to ensure that your rights and interests are not unreasonably intruded on.
However, you can object to processing based on legitimate interests. If you do so, we will stop processing the personal information unless we can show compelling, legitimate grounds that override your rights and interests, or we need the data to establish, exercise, or defend legal claims.
The table below explains what we use your personal data for and why.
What We Use Your Personal Information For | Our Reasons |
---|---|
Providing products and services to you | To perform our contract with you or to take steps at your request before entering into an agreement. |
Preventing and detecting fraud against you or us | For our legitimate interest, i.e., to minimize fraud that could be damaging for you or us |
Conducting checks to identify our customers and verify their identity. Screening for financial and other sanctions or embargoes. Other activities necessary to comply with legal and regulatory obligations that apply to our business (e.g., under health and safety law) | Depending on the circumstances: —to comply with our legal and regulatory obligations —for our legitimate interests |
To enforce legal rights or defend or undertake legal proceedings | Depending on the circumstances: —to comply with our legal and regulatory obligations; —in other cases, for our legitimate interests, i.e., to protect our business, interests, and rights |
Gathering and providing information required by or relating to audits, inquiries, or investigations by regulatory bodies | To comply with our legal and regulatory obligations |
Ensuring business policies are adhered to, e.g., policies covering security and Internet use | For our legitimate interests, i.e., to make sure we are following our internal procedures so we can deliver the best service to you |
Operational reasons, such as improving efficiency, training, and quality control | For our legitimate interests, i.e., to be as efficient as we can so we can deliver the best service to you at the best price |
Ensuring the confidentiality of commercially sensitive information | Depending on the circumstances: —for our legitimate interests, i.e., to protect trade secrets and other commercially valuable information; —to comply with our legal and regulatory obligations |
Statistical analysis to help us manage our business, e.g., about customer base, product range, or other efficiency measures | For our legitimate interests, i.e., to be as efficient as possible to deliver the best service to you at the best price. |
Preventing unauthorized access and modifications to systems | Depending on the circumstances: —for our legitimate interests, i.e., to prevent and detect criminal activity that could be damaging for you or us; —to comply with our legal and regulatory obligations |
Protecting the security of systems and data used to provide the goods and services | To comply with our legal and regulatory obligations. We may also use your personal data to ensure systems and data security to a standard that goes beyond our legal obligations. In those cases, our reasons are for our legitimate interests, i.e., to protect systems and data and to prevent and detect criminal activity that could damage you or us. |
Updating and enhancing customer records | Depending on the circumstances: —to perform our contract with you or to take steps at your request before entering into a contract; —to comply with our legal and regulatory obligations; —for our legitimate interests, e.g., making sure that we can keep in touch with our customers about existing orders and new products |
Ensuring safe working practices, staff administration, and assessments | Depending on the circumstances: —to comply with our legal and regulatory obligations; —for our legitimate interests, e.g., to make sure we are following our internal procedures and efficiently working so we can deliver the best service to you |
Marketing our services to: —existing and former customers; —third parties who have previously expressed an interest in our services; —third parties with whom we have had no previous dealings. | For our legitimate interests, i.e., to promote our business to existing and former customers. |
3. Children Under the Age of 16
4. Disclosure of Your Information
4.1. Principle
4.2. Exceptions
5. Applying to Work with Us
6. Cookies and Other Tracking Technology
7. Notice to United States Residents
8. Security
9. Data Retention
10. Data Transfers
11. Your Rights
You have the following rights as a data subject:
- If you have given permission, we may contact you by mail, telephone, SMS, text/picture/video message, social media, and email about products, services, promotions, and special offers that may interest you. If you prefer not to receive any such direct marketing communications from us, you may "opt-out" of receiving marketing or promotional messages from us by following the instructions in those messages;
- The right to access to personal information that we hold about you;
- The right to ask us to update or correct any out-of-date or incorrect personal information that we hold about you;
- The right to erasure where the conditions of Article 17 of the GDPR have been met;
- The right to restriction of processing where the conditions of Article 18 of the GDPR have been met;
- The right to data portability insofar as the conditions of Article 20 GDPR apply to you; the right to object to the processing of personal data concerning you insofar as the conditions under Article 21 GDPR have been met; and
- The right to complain to a data protection regulator.
You can learn more about these rights in the E.U. by reading the General Data Protection Regulation here: https://eur-lex.europa.eu/eli/reg/2016/679/oj. You can find out more about these rights in the U.K. by reading the U.K. General Data Protection Regulation (UK GDPR) here https://www.legislation.gov.uk/eur/2016/679/contents (please also see the U.K. Information Commissioner Office's guidance here https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/).
You may additionally have certain rights under the CCPA:
- The right of access and data portability;
- The right to deletion;
- The right to correction;
- The right to limit the use and disclosure of sensitive information; and
- The right to opt out.
You can learn more about the CCPA under the California Civil Code §1798.140. If you need help, wish to exercise the above rights, or have questions, please get in touch with us using the details below.
We will consider all such requests and respond as soon as possible. Please note, however, that certain conditions may apply to certain rights (as indicated above), and certain exemptions may apply in certain circumstances, including needing to keep processing your personal information for our legitimate interests or to comply with a legal obligation. Please note that we may request you provide us with the information necessary to confirm your identity. To exercise these rights, please refer to section 12 below.
12. Contact Us
If you have any questions about the Website, please contact:
T.D. Williamson,
Inc. Attention: Website Manager
6120 South Yale, Suite 1700
Tulsa, Oklahoma 74136
United States of America
Thank you for visiting the Website.