AMAFFI NEW YORK LLC

PRIVACY POLICY

Last Update: 02/16/2021

Amaffi New York LLC ("Amaffi", "we", "us" or "our") is committed to protecting the privacy of the personal information of visitors and customers of its Website (also "you," "your").

This policy (together with our Terms of Use at [LINK], and our Terms of Sale at [LINK] and any other documents or guidelines referenced; "Privacy Policy"), sets out the basis on which any personal information we collect from you, or that you provide to us, will be processed by Amaffi. Please read this Privacy Policy carefully to understand the types of information we collect from you, how we use that information, the circumstances under which we will share it with third parties, and your rights in relation to the personal data you provide to us.

When visiting our website at www.amaffi.com (our "Website") or buying any of our products sold via the Website ("Products"), you acknowledge, and where applicable consent to, the practices described in this Privacy Policy.

Our Website contains links to third party websites. If you follow a link to any of those third party websites, please note that they have their own privacy policies and that we do not accept any responsibility or liability for their policies or processing of your personal information. Please check these policies before you submit any personal information to such third party websites.

Scope

For the purposes of this Privacy Policy, "Personal Information" may include your first and last name, your e-mail address, your home or other physical address, including a street name and name of a city or town, your telephone number, any payment or financial information, or any other identifier that permits us to contact a natural human person, like you, and/or any information that we, or our authorized third-party vendors or partners, maintain that could be used to identify you in combination with any of the identifying information described above, including information that identifies, relates, to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.

This Privacy Policy applies only to Personal Information. It does not cover data we, or our authorized third-party vendors or partners, collect that cannot be used to identify an individual or to pseudonymous data. Nor does it include encoded or anonymized information or aggregated data which we collect or create about a group or category of services, users, or features that does not contain personally identifying information. We reserve the right to collect and share aggregate, encoded, or anonymized information with potential partners or other third parties without restriction.

International Visitors

The Website and services we offer are intended for visitors located within the United States. If you use the U.S. Website or engage with our services via the European Union, Canada, or other regions with laws governing data collection and use that may differ from U.S. law, please note that you may be transferring your Personal Information to the United States. The United States does not have the same data protection laws as the EU, Canada, and some other regions. If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through our contact information below. Also, we may transfer your data from the United States to other countries or regions in connection with storage and processing of data, fulfilling your requests, marketing efforts, and operating our business. By providing your Personal Information via our U.S. Website, you consent to the transfer of your personal data to the United States and the use of your Personal Information, in accordance with this Policy.

Information We May Collect

We may collect and process the following data, including Personal Information, about you:

·         Information that you may provide to us. You will be asked to provide us with your information when you:

-       fill in forms on our Website, or correspond with us by phone, email, or otherwise;

-       register to purchase our Products;

-       report a problem with our Website; or

-       complete any surveys we ask you to fill in that we use for research purposes (although you do not have to respond to these if you do not want to).

You must have obtained clear permission from the individuals whose data you provide us with before sharing that data with us.

For the avoidance of any doubt, any reference in this Privacy Policy to your data shall include data about other individuals that you have provided us with.

The information you will be asked to provide to us for these purposes will include your name, address, email address and phone number, as well as other information that may be necessary to fulfill our services or your requests, or may be optional (such as your preferences), as noted at the time of collection.

·         Information automatically collected. With regard to each of your visits to our Website we may automatically collect the following information:

-       device-specific information, such as your hardware model, operating system version, unique device identifiers, and mobile network information;

-       technical information about your computer, including where available, your IP address, operating system and browser type, for system administration and analytical purposes; and 

-       details of your visits to our Website, including the full Uniform Resource Locators (URL) clickstream to, through and from our Website (including date and time), length of visits to certain pages, and page interaction information (such as scrolling, clicks, and mouse-overs)

-       Audio and visual information, such as recordings of your voice when you call our customer service and images we record through CCTV in our retail stores.

·         Information we receive from other sources. We may be in contact with third parties who may provide us with certain information about you in order to enable you to buy our Products. This includes information that may be necessary to fulfill our services or your requests, to confirm the accuracy of information you provide to us, to support inferences drawn from or created based on any of the information collected, or for other reasons as noted at the time of collection.

·         Information we may collect about others. We may collect and process data about others that you provide us with, including (but not limited to) information that you provide by filling in forms on our Website or that you provide to us by email. This information might include, but is not limited to, name, address, email address and phone number, as well as other information that may be necessary to fulfill our services or your request, as noted at the time of collection.

How We Collect Information

We may obtain Personal Information about you from various sources. The categories of sources from which we collect Personal Information are:

§ directly from you, such as when you make a purchase on our Website or in one of our retail stores, contact us with a question or complaint, use one of our mobile applications, create an account on our Website, respond to a survey, participate in a contest or other promotion, sign-up to attend an event, apply for employment, or sign-up to receive marketing communications;

§ as a result of a purchase. If you participate in a transaction through the Website, such as making a payment through the Website for a Product, we our third party payment processor will receive your payment information for purposes of processing such transaction and Amaffi will receive such payment after any applicable fees have been deducted in accordance with our agreement with such third party payment processor. The policies of any payment processor identified at the time of purchase are also considered a part of this Privacy Policy and part of your agreement with us. If you use another website to purchase our Products, you do so at your own risk and you should carefully review the privacy policy and terms of any such websites.

§ from your friends or family members, such as when your friend or family member sends you a gift or makes a referral;

§ cookies and automatic collection methods. Like many sites, we use "cookies" to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some aspects of our Website. When you visit our Website or use one of our mobile applications we may make available, and when you open or click on emails we send you, we, and third parties we work with, may automatically collect information from your browser or device using technologies such as cookies, web beacons, pixel tags, and similar technologies. Cookies are small text files that websites send to your computer or other Internet-connected device to uniquely identify your browser or to store information or settings in your browser. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org Web beacons or pixel tags are small images which are embedded into our Website or emails that provide us with information about your browser or device, or whether you open or clicked on the emails we send you. These technologies enable us, or the third parties who place such technologies, to collect information such as device identifiers and online or other network activity information;

§ through in-store and other offline technologies, such as video surveillance and WiFi technology in and around our retail stores, and call recording technology when you speak to customer service;

§ from our business partners and service providers, such as demographic companies, analytics providers, advertising companies and networks, and other third parties that we choose to collaborate or work with. For instance, our web servers may collect "log data". Log data provides aggregate information about the number of visits to different pages on the Website. We may use log data for troubleshooting purposes and to track which pages people visit in order to improve the Website. We do not link log data collected to Personal Information. Third-party vendors may also collect aggregate log data independently from us;

§ from social media platforms and networks, such as Facebook, Twitter, Pinterest, and Instagram. For example, we may obtain your information from a social media platform or network if you interact with us on social media or choose to log-in to our Website using your social media credentials.

How We Use Information

In compliance with privacy laws, we only use your Personal Information if we have a proper reason for doing so, e.g.:

·         To comply with our legal and regulatory obligations;

·         For the performance of our contract with you or to take steps at your request before entering into a contract;

·         For our legitimate interests or those of a third party; or

·         Where you have given consent.

A legitimate interest is when we have a business or commercial reason to use your Personal Information, so long as this is not overridden by your own rights and interests.

The table below explains our uses of Personal Information and the corresponding reason(s):

Uses of Personal Information

Reasons

To provide services or Products to you

Tocommunicatewithyou

For the performance of our contract with you or to take steps at your request before entering into a contract

To prevent and detect fraud or abuse

For our legitimate interests or those of a third party, i.e. to minimize fraud that could be damaging for us, a third party or for you

Conducting checks to identify our customers and verify their identity

Other processing necessary to comply with professional, legal, and regulatory obligations that apply to our business, e.g. under health and safety regulation or rules issued by our professional regulator

To comply with our legal and regulatory obligations

Gathering and providing information required by or relating to audits, inquiries, or investigations by regulatory entities

To comply with our legal and regulatory obligations

Ensuring business policies are followed, e.g. policies covering security and internet use

For our legitimate interests or those of a third party, i.e. to make sure we are following our own internal procedures so we can improve our services

Operational reasons, such as improving efficiency, training, and quality control

For our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can improve our services

Ensuring the confidentiality of commercially sensitive information

For our legitimate interests or those of a third party, i.e. to protect trade secrets and other commercially valuable information

To comply with our legal and regulatory obligations

Statistical analysis to help us manage our business, e.g. in relation to our financial performance, customer base, product or service range, or other efficiency measures

For our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can improve our services

Preventing unauthorized access and modifications to our systems

For our legitimate interests or those of a third party, i.e. to prevent and detect criminal activity that could be damaging for us and for you

To comply with our legal and regulatory obligations

Updating and enhancing customer records

For the performance of our contract with you or to take steps at your request before entering into a contract

To comply with our legal and regulatory obligations

For our legitimate interests or those of a third party, e.g. making sure that we can keep in touch with our customers about existing orders and new Products

Ensuring safe working practices, staff administration, and assessments, and to enforce our policies and terms

To comply with our legal and regulatory obligations

For our legitimate interests or those of a third party, e.g. to make sure we are following our own internal procedures and working efficiently so we can deliver the best service to you

When in line with the preferences you have shared with us, marketing our Products and services and those of selected third parties to:

existing and former customers;

third parties who have previously expressed an interest in our Products or services;

third parties with whom we have had no previous dealings

For our legitimate interests or those of a third party, i.e. to promote our business to existing and former customers

Credit reference checks via external credit reference agencies

For our legitimate interests or those of a third party, i.e. to ensure our customers are likely to be able to pay for our Products or services

External audits and quality checks, e.g. security accreditation and the audit of our accounts

For our legitimate interests or a those of a third party, i.e. to maintain our accreditations so we can demonstrate we operate at the highest standards

To comply with our legal and regulatory obligations

We also may use such to perform functions as otherwise described to you at the time of collection.

What Information We Disclose

We want you to understand when and with whom we may share personal or other information we have collected about you or your activities via our Website. WeroutinelysharePersonalInformationwith:

·         Our affiliates and business partners;

·         Our service providers and those with whom we've contracted in connection with our Website, such as payment service providers, marketing agencies, and website hosts;

·         Third parties approved by you, including social media sites you choose to link to your account or third-party payment providers;

·         Creditreportingagencies;

·         Ourinsurersandbrokers; and

·         Our financial and legal institutions.

We may disclose and exchange Personal Information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations, to establish or exercise our legal rights; to defend against legal claims; or as otherwise required by law. In such cases, we may raise or waive any legal objection or right available to us, in our sole discretion. We may disclose and exchange Personal Information in connection with a substantial corporate transaction, such as the sale of our business, a divestiture, merger, consolidation, or asset sale, or in the unlikely event of bankruptcy.

We also work with third-party platforms, including platforms operated by social networks, such as Google, Instagram and Facebook, to show you advertisements. We may convert your email address, telephone number, or other information into a unique value and have these third-party platforms match this unique value with a user on their platform or with other data they may have collected about you. This matching enables us to deliver advertisements to you and others on these platforms. You also can request that we refrain from using your personal information in this way by contacting us by email at orders.newyork@amaffi.com We may also use third parties such as these, including, Google Analytics, to help us understand how our customers use the Website -- you can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/ You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout

Any third parties to whom we may disclose Personal Information may have their own privacy policies which describe how they use and disclose Personal Information. Those policies will govern use, handling, and disclosure of your Personal Information once we have shared it with those third parties as described in this Privacy Policy. If you want to learn more about their privacy practices, we encourage you to visit the websites of those third parties. These entities or their servers may be located either inside or outside the United States.

We may share aggregated and non-personal information we collect under any of the above circumstances. We may also share it with third parties to develop and deliver targeted advertising on the Website and on websites of third parties. You can opt out of some of these services by visiting the Digital Advertising Alliance's opt-out portal at: http://optout.aboutads.info/ For more information about how targeted advertising works, you can visit the Network Advertising Initiative's (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work

We may combine non-personal information we collect with additional non-personal information collected from other sources. We also may share aggregated information with third parties, including advisors, advertisers, and investors, for the purpose of conducting general business analysis. For example, we may tell our advertisers the number of visitors to our Website and the most popular Products, features, or services accessed. This information does not contain any Personal Information and may be used to develop Website content and services that we hope you and other users will find of interest and to target content and advertising. We may also report aggregated, de-identified data relating to activity on the Website to third parties or the general public. We may combine such data with data obtained from third-party sources in order to generate such reports.

In the event of a merger, sale of capital stock or assets, reorganization, consolidation, or similar transaction involving Amaffi, the information we possess (including personally identifiable information) shall be transferred as a corporate asset to the acquiring entity, provided that such entity will continue to handle such information in accordance with this Privacy Policy.

How Long We Keep Information

Your personal information is stored by us and/or our service providers for as long as necessary to fulfill the specific purposes described herein and to the extent permitted by applicable laws. When we no longer have a legitimate business purpose for your personal information, or when you request that we delete your personal information (except where we need to retain it in order to comply with a legal obligation or to establish, exercise or defend legal claims), we will remove such information from our systems and records, which includes taking steps to anonymise it so that you can no longer be identified from it.

How We Protect Information

No data transmission over the internet or Website can be guaranteed to be secure from intrusion. However, we maintain reasonable administrative, technical, and physical safeguards designed to protect the personal information you provide against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure, or use.

Sensitive information between your browser and our Website is transferred in encrypted form using secure socket layer ("SSL") or equivalent cryptographic protocols using certificates issued by a trusted third party authority.

All information you provide to us is stored on our or our subcontractors' secure servers, and accessed and used subject to our security policies and standards.

We use hosted servers in the course of our business, including for the permission of marketing and sales activity. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Website, you are responsible for keeping this password confidential and for complying with any other security procedures that we notify you of. To mitigate this risk, you should use secure usernames and passwords and carefully protect them from disclosure and implement updated internet security and virus protection on your computer. If you suspect that your computer's security or your information has been compromised or your password accessed or used by an unauthorized third party, immediately change your password.

If we become aware of a security systems breach, we may attempt to notify you electronically so that you can take appropriate protective steps. We may post a notice through the Website if a security breach occurs. We may also send an email to you at the email address you have provided to use in these circumstances. Depending on where you live, you may have a legal right to receive notice of a security breach in writing.

Users should also be aware of how they handle and disclose their Personal Information and should avoid sending Personal Information through insecure email. Please refer to the Federal Trade Commission's website at http://www.business.ftc.gov/privacy-and-security/consumer-privacy for information about how to protect yourself against identity theft.

Your Rights

You can choose not to provide us with certain information, but that may result in you being unable to use certain features of our Website because such information may be required in order for you to register an account with us; purchase Products or services; participate in a contest, promotion, survey, or sweepstakes; ask a question; or initiate other transactions on our Website.We also reserve the right to verify the identity of any person making a request to opt-out or to delete or modify Personal Information; provided, however, that we will have no liability of any kind resulting from false or erroneous requests or any change or deletion made by us for any reason.

§     Accessing, Updating and Modifying Personal Information

Subject to applicable law, you may have the right to request access to and receive details about the Personal Information we maintain about you, update and correct inaccuracies in your Personal Information, and have the Personal Information deleted, as appropriate. These rights may be limited in some circumstances by local law. We may take reasonable steps to verify your identity before granting access or making corrections. You may request to access, change or delete your personal information, please contact us by email at orders.newyork@amaffi.com Also, changes to, or deletion of, any user information associated with an account you have with us does not affect any other information collected by Amaffi, which Amaffi may retain and continue to use or disclose in accordance with this Privacy Policy. If we have already provided your information to a third party before you have changed your preferences or updated your information, you may have to change your preferences directly with that third party.

§     Email and SMS Opt-Out

We may contact you via mail, email, and SMS. You can at any time tell us not to send you marketing communications (i) by mail by following the instructions that are included in a particular promotion, (ii) by email by clicking on the unsubscribe link within the marketing emails you receive from us or (iii) by SMS by following the "STOP" instructions provided with the message. If you have registered with us, you may also be able  to opt out of receiving marketing materials (by mail, email and/or SMS) by logging into your account and changing your preferences. Opt-out requests may not be able to be immediately processed, and we may also continue to send you other types of transactional and relationship email communications, such as service announcements, administrative notices, and surveys, without offering you the opportunity to opt out of receiving them. Please also note that changing information in any account you may have with us or otherwise opting out of receipt of promotional email communications will only affect future activities or communications from us.

§     Geolocation Information Opt-Out

When you use one of our mobile applications, we may ask you to share your location. You may choose not to share your geolocation details by adjusting your mobile device's location services settings.

Children's Privacy

Amaffi does not knowingly collect information from children under 18 and the Website, Products, and services related thereto are intended for adults over the age of 18. If you are a parent or guardian and believe that your child under the age of 18 has used the Website and provided personally identifiable information to us, please contact us at orders.newyork@amaffi.com and we will work to delete any such personally identifiable information.

Link To Other Websites

Our Website or mobile applications may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Law And Jurisdiction

This Privacy Policyis governed by New York law. All legal proceedings arising out of or in connection with this Privacy Policy shall be brought solely in the City of New York, State of New York. The United Nations Convention on Contracts for the International Sale of Goods shall not apply to any purchase or sale hereunder.

How To Contact Us

If you have any questions or comments about this Privacy Policy, please contact us by email at orders.newyork@amaffi.com

If we need, or are required, to contact you concerning any event that involves your Personal Information we may do so by telephone or email.

For California Residents

The following provisions apply only to residents of the state of California:

§ Do Not Track

Section 22575 of the California Business & Professions Code requires website and online service operators to disclose whether they honor web browser "Do Not Track" settings. At this time, no standard has been adopted by the World Wide Web Consortium (W3C) regarding such practices, and given current industry considerations, Amaffi does not generally respond to "do not track" signals and may collect Personal Information about your online activities over time and across different web sites when you visit the Website, for example by using cookies on our Website. We will update our practices and Policy as these standards evolve. For more information about Do Not Track, please visit www.allaboutdnt.org

§ CCPA

You have the right under the California Consumer Privacy Act of 2018 (CCPA) and certain other privacy and data protection laws, as applicable, to exercise free of charge:

Disclosure of Personal Information We Collect About You

You have the right to know:

·         The categories of Personal Information we have collected about you;

·         The categories of sources from which the Personal Information is collected;

·         Our business or commercial purpose for collecting or selling Personal Information;

·         The categories of third parties with whom we share Personal Information, if any; and

·         The specific pieces of Personal Information we have collected about you.

Please note that we are not required to:

·         Retain any Personal Information about you that was collected for a single one-time transaction if, in the ordinary course of business, that information about you is not retained;

·         Reidentify or otherwise link any data that, in the ordinary course of business, is not maintained in a manner that would be considered Personal Information; or

·         Provide the Personal Information to you more than twice in a 12-month period.

Personal Information Sold or Used for a Business Purpose

In connection with any Personal Information we may sell or disclose to a third party for a business purpose, you have the right to know:

·         The categories of Personal Information about you that we sold and the categories of third parties to whom the Personal Information was sold; and

·         The categories of Personal Information that we disclosed about you for a business purpose.

·         You have the right under the California Consumer Privacy Act of 2018 (CCPA) and certain other privacy and data protection laws, as applicable, to opt-out of the sale of your Personal Information.

RighttoDeletion

Subject to certain exceptions set out below, on receipt of a verifiable request from you, we will:

·         Delete your Personal Information from our records; and

·         Direct any service providers to delete your Personal Information from their records.

Please note that we may not delete your Personal Information if it is necessary to:

·        Complete the transaction for which the Personal Information was collected, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between you and us;

·        Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity;

·        Debug to identify and repair errors that impair existing intended functionality;

·        Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law;

·        Comply with the California Electronic Communications Privacy Act;

·        Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when our deletion of the information is likely to render impossible or seriously impair the achievement of such research, provided we have obtained your informed consent;

·        Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us;

·        Comply with an existing legal obligation; or

·        Otherwise use your Personal Information, internally, in a lawful manner that is compatible with the context in which you provided the information.

ProtectionAgainstDiscrimination

You have the right to not be discriminated against by us because you exercised any of your rights under the CCPA. Thismeanswecannot, amongotherthings:

·        Deny goods or services to you;

·        Charge different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties;

·        Provide a different level or quality of goods or services to you; or

·        Suggest that you will receive a different price or rate for goods or services or a different level or quality of goods or services.

Please note that we may charge a different price or rate or provide a different level or quality of goods and/or services to you, if that difference is reasonably related to the value provided to our business by your Personal Information.

§ California Do Not Sell My Personal Information

In California, the disclosure of personal information for which we receive valuable consideration (i.e., the receipt of some benefit other than money) is considered a "sale". We may disclose device information and network activity information for valuable consideration. This disclosure occurs through the use of cookies, primarily targeted advertising cookies, and you have the right to opt-out of the use of cookies on your browser.

Please note that your opt-out only applies to the browser you use to submit your opt-out, so if you use multiple browsers or devices, you must opt-out on each browser, on each device. Your opt-out is enabled using cookies so once you opt-out, if you delete your browser's saved cookies on a device, you will need to opt-out again on that browser on that device.

We do not sell the personal information of minors under 16 years of age without affirmative authorization if we have actual knowledge of the individual's age.

Nevada Residents

Amaffi does not "sell" personal information as defined under Nevada's consumer privacy law (SB 220). As an added assurance to individuals who entrust their personal data to us, they may sign up for a Do Not Sell My Information Log that we maintain. To do so, please email us at us orders.newyork@amaffi.com and include the reference line “Nevada Do Not Sell". We may contact you for additional information in order to process your request.

Updates To Our Privacy Policy

This Privacy Policy may be updated periodically and without prior notice to you to reflect changes in our personal information practices. If we decide to change this Privacy Policy, we will post a new version on the Website and update the date set forth above. Any changes or modifications to the Policy will be effective upon posting of the revisions. Your continued use of the Website following posting of any changes or modifications constitutes your acceptance of such changes or modifications and if you do not agree with these changes or modifications, you must immediately cease using the Website. For this reason, you should frequently review this Privacy Policy and any other applicable policies, including their dates.

Questions / Contact Information

If you would like to exercise any of your rights as described in this Privacy Policy, please:

·         Email/write to us at headquarters@amaffi.com or contact us via the form on our website.

Please note that those to whom the CCPA applies may only make a CCPA-related data access or data portability disclosure request twice within a 12-month period.

If you choose to contact us directly, you will need to provide us with:

·         Enough information to identify you (e.g., your full name, address and customer or matter reference number);

·         Proof of your identity and address (e.g., a copy of your driving license or passport and a recent utility or credit card bill); and

·         A description of what right you want to exercise and the information to which your request relates.

We are not obligated to make a data access or data portability disclosure if we cannot verify that the person making the request is the person about whom we collected information, or is someone authorized to act on such person's behalf.

Any Personal Information we collect from you to verify your identity in connection with you request will be used solely for the purposes of verification.

If you have any questions about our Privacy Policy, please contact us at headquarters@amaffi.com

wp-content\themes\uncode\library\img