Please read our privacy policy carefully to get a clear understanding of
how we collect, use, protect or otherwise handle your Personally Identifiable
Information in accordance with our website and services. By accessing or using the
Service, including browsing the site, you expressly consent to the collection, use,
storage, processing, and disclosure of your information in accordance with our Privacy
Policy.
Please read our privacy policy carefully to get a clear understanding of
how we collect, use, protect or otherwise handle your Personally Identifiable
Information in accordance with our website and services. By accessing or using the
Service, including browsing the site, you expressly consent to the collection, use,
storage, processing, and disclosure of your information in accordance with our Privacy
Policy.
Compliance concerning accordance with Regulation EU 2016/679 (GDPR
Compliance)
General Data Protection Regulation enters into force at May 25, 2018.
Vanan Online Services, located at Vanan Online Services, Inc., 10711 Spotsylvania Ave,
Suite A, Fredericksburg VA 22408, USA is dedicated to fulfill European standards of data
protection and to actively support it. This GDPR compliance shall be understood as
unilaterally binding upon us and become operational as an exhibit to the Privacy Policy.
Vanan Online Services as a Controller in relation to data content and
Personal Data (and in some cases a data processor in relation to Personal Data) of
Customers, dedicates itself to fulfill all standards necessary to ensure proper data
protection. As this Compliance form is unilaterally binding upon us, it may be used by
any party using Vanan Online Services as a proof for our declaration concerning GDPR
compliance.
We have also entered into data processing agreements (DPAs) with all of
our sub processors and we have a DPA available for customers as well. So, if you’re
interested please send us a request either through our support email –
[email protected] or you can contact our below listed Data Protection Officer
(DPO) and we will send you the instructions to proceed.
What personal information do we collect from the people that visit
our blog, website or app?
When ordering or registering on our site, as appropriate, you may be
asked to enter your name, email address, mailing address, phone number, credit card
information or other details to help you with your experience.
When do we collect information?
We collect information from you when you register on our site, place an
order, subscribe to a newsletter, respond to a survey, fill out a form, Use Live Chat,
Open a Support Ticket or enter information on our site or when you provide us with
feedback on our products or services.
How do we use your information?
We may use the information we collect from you when you register, make a
purchase, sign up for our newsletter, respond to a survey or marketing communication,
surf the website, or use certain other site features in the following ways:
- To personalize your experience and to allow us to deliver the type
of content and product offerings in which you are most interested.
- To improve our website in order to better serve you.
- To allow us to accurately respond to your customer service requests.
- To administer a contest, promotion, survey or other site feature.
- To quickly process your transactions.
- To ask for ratings and reviews of services or products.
- To follow up with our customers after the initial contact (live
chat, email or phone inquiries).
- To secure (establish, investigate or defend) Customer’s, as well as
Company’s claims that may arise due to the Services.
Consent for processing and transferring Personal Data
The Customer agrees and warrants that the processing, including the
transfer of its Personal Data has been and will continue to be carried out in accordance
with the relevant provisions of the applicable Data Protection Laws (and, where
applicable, has been notified to the relevant authorities of the Member State where the
Company is established or has its representative) and does not violate the relevant
provisions of that State.
Profiling Personal Data
Please note that by using our Services, Customer gives its consent to the
profiling of its Personal Data that was given to the Company, for the purpose of proper
maintenance and providing the Service and others specified in the Privacy Policy.
Customer agrees that the profiling of its data shall serve, in particular, the purpose
of providing Customer with content that is accurate and consistent with the scope of the
Service. Customer acknowledges that it has the right not to be profiled. In such case
the request can be made at any time at [email protected]. Withdrawing the
consent is tantamount to the termination of the Agreement.
Retention of Copies
The Company may retain Customer Personal Data to the extent required by
applicable European Union law or the law of an EU Member State and only to the extent
and for such period as required by such laws and always provided that the Company shall
ensure the confidentiality of all such Customer Personal Data and shall ensure that such
Personal Data is only processed as necessary for the purpose(s) specified in such law
requiring its storage and for no other purpose.
The Customer agrees that after the termination or expiration of the
Agreement its data may be stored as a backup for the time needed to secure (establish,
investigate or defend) Customer’s and Company’s claims that may arise due to the
performance of the Services (for the time it takes for the claims to be barred).
Right to Access, Amend or Erasure
Each data subject has the right to access, correct, amend, block or
delete its Personal Data. The Company shall comply with any commercially reasonable
request by Customer to correct, amend, block or delete Customer’s Personal Data, as
required by Data Protection Laws, to the extent the Company is legally permitted to do
so. If you wish to access, amend, or confirm that Vanan Online Services has Personal
Data relating to you, or if you wish to correct or delete your Personal Information if
it is inaccurate, please notify us at: [email protected]. If your Personal Data
changes, or if you no longer desire our Services, you may correct, update, delete
inaccuracies or request deactivation of your account e-mailing us at
[email protected]. We will respond to your access request within 30 days. To
request removal of your personal data from our testimonials or customer support forum,
please contact us at [email protected]. In some cases, we may not be able to
remove your Personal Information, in which case we will let you know if we are unable to
do so and why.
Geo-Location data
Please be aware Vanan Online Services may have access to your
geo-location data as we collect and process IP address of all devices you use to access
our website or customer portal. Collecting and processing your geo-location data refers
to mobile devices as well as computers. It happens regardless you are a Visitor or a
Customer.
How do we protect your information?
We guarantee that we take reasonable and appropriate technical and
operational measures to protect your Personal Information we collect and hold from loss,
misuse and unauthorized access, disclosure, alteration, and destruction. While
protecting your personal data we take into due account the risk involved in the
processing and the nature of the Personal Data.
Due to the scale of data processing being part of operational process of
Vanan Online Services, we conduct periodical Risk Assessments & Malware Scanning to
ensure data protection.
Our website is scanned on a regular basis for security holes and known
vulnerabilities in order to make your visit to our site as safe as possible.
Your personal information is contained behind secured networks and is
only accessible by a limited number of persons who have special access rights to such
systems, and are required to keep the information confidential. In addition, all
sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL)
technology.
We implement a variety of security measures when a user places an order
enters, submits, or accesses their information to maintain the safety of your personal
information.
All payment transactions are processed through a gateway provider and are
not stored or processed on our servers.
Do we use 'cookies'?
The so called ‘cookies’ are used while using Services or products
rendered by Vanan or browsing any of the website where our Services are installed. These
are pieces of information sent by the server, stored on a user’s computer for the
purpose of automatic identification of a particular user when using our Services.
‘Cookies’ enable us to quickly confirm your identity and owing to them the use of our
Services becomes much easier and more widely available. ‘Cookies’ are used by Vanan
solely with the purpose of personalizing a particular user. ‘Cookies’ can be used on
condition that they are accepted by a browser and that they shall not be removed from
the storage media. Users who removed ‘cookies’ from their storage media or have not
accepted them on their browser may not have complete access to the Services rendered by
Vanan. We do not link the information we store in cookies to any Personal Data you
submit while on our site. The use of third party cookies is not covered by our Privacy
Policy. We do not have access or control over these cookies.
We use cookies to:
- Help remember and process the services you require.
- Understand and save user's preferences for future visits.
- Keep track of advertisements.
- Compile aggregate data about site traffic and site interactions in
order to offer better site experiences and tools in the future.
Third-party disclosure
We do not sell, trade, or otherwise transfer to outside parties your
Personally Identifiable Information unless we provide users with advance notice. This
does not include website hosting partners and other parties who assist us in operating
our website, conducting our business, or serving our users, so long as those parties
agree to keep this information confidential. We may also release information when its
release is appropriate to comply with the law, enforce our site policies, or protect
ours or others' rights, property or safety.
However, non-personally identifiable visitor information may be provided
to other parties for marketing, advertising, or other uses.
Third-party links
We do not include or offer third-party products or services on our
website.
Sub-processors
If we need to use a Sub-processor in order to provide and support the
features of our Services, we may share your Personal Information for that purpose. All
third parties with which we share this information are required to use your Personal
Information in a manner that is consistent with this Policy. We will provide an
individual opt-out or opt-in choice before we share data with third parties other than
our Third Party Service Providers we use while providing our Services, or before we use
it for a purpose other than which it was originally collected or subsequently
authorized. To limit the use and disclosure of your Personal Information, please submit
a written request by e-mailing us at [email protected].
Social media (features) and widget
Our websites includes social media features, such as the ‘Facebook Like
button’ and Widgets, such as the ‘Share This button’ or interactive mini-programs that
run on our site. These features may collect your IP address, which page you are visiting
on our site, and may set a cookie to enable the feature to function properly. Social
media features and widgets are either hosted by a third party or hosted directly on our
site. Your interactions with these features are governed by the privacy policy of the
company providing it.
Testimonials
We post Customer testimonials on our websites which may contain Personal
Data. We use pre-defined java script to display our Customers’ comments on our websites.
In any other scenario, we do obtain the Customer’s consent via e-mail prior to posting
the testimonial to post their name along with their testimonial. To request removal of
your Personal Data from our testimonials or customer support forum, please contact us at
[email protected]. Data correction, return or deletion requests will be answered
within 30 days.
Blog Comment system
In order to post comments on our websites (i.e. our blogs) you must sign
into Wordpress, Twitter, Disqus or Google, as we use ‘blog plugins’ to allow Visitors
and Customers to leave comments on our blogs. No Personal Information is tied to your
posts. You subscribe to our blogs by providing your e-mail address. We will only use
this to send you an e-mail notification when new blogs have been posted and when users
comment on a blog that you previously have commented. We will not use this information
for any other purpose. You have the opportunity to opt-out from our blog e-mails by
using ‘unsubscribe’ button.
Google Adwords
Google's advertising requirements can be summed up by Google's
Advertising Principles. They are put in place to provide a positive experience for
users. Link
Google, as a third-party vendor, uses cookies to serve ads on our site.
We, along with third-party vendors such as Google use first-party cookies (such as the
Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or
other third-party identifiers together to compile data regarding user interactions with
ad impressions and other ad service functions as they relate to our website.
Opting out of Google Adwords:
Users can set preferences for how Google advertises to you using the
Google Ad Settings page. Alternatively, you can opt out by visiting the Network
Advertising Initiative Opt Out page or by using the Google Analytics Opt-Out Browser add
on.
California Online Privacy Protection Act
CalOPPA is the first state law in the nation to require commercial
websites and online services to post a privacy policy. The law's reach stretches well
beyond California to require any person or company in the United States (and conceivably
the world) that operates websites collecting Personally Identifiable Information from
California consumers to post a conspicuous privacy policy on its website stating exactly
the information being collected and those individuals or companies with whom it is being
shared. - See more at:
http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf
According to CalOPPA, we agree to the following:
- Users can visit our site anonymously.
- Once this privacy policy is created, we will add a link to it on our
home page or as a minimum, on the first significant page after entering our website.
- Our Privacy Policy link includes the word 'Privacy' and can easily
be found on the page specified above.
You will be notified of any Privacy Policy changes:
- On our Privacy Policy Page
You can change your personal information:
- By emailing us at [email protected]
- By calling us
- By logging in to your account
- By chatting with us or by sending us a support ticket
How does our site handle Do Not Track signals?
We honor Do Not Track signals and Do Not Track, plant cookies, or use
advertising when a Do Not Track (DNT) browser mechanism is in place.
Does our site allow third-party behavioral tracking?
It's also important to note that we do not allow third-party behavioral
tracking
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children
under the age of 13 years old, the Children's Online Privacy Protection Act (COPPA) puts
parents in control. The Federal Trade Commission, United States' consumer protection
agency, enforces the COPPA Rule, which spells out what operators of websites and online
services must do to protect children's privacy and safety online.
- We do not specifically market to children under the age of 13 years
old.
- We do not let third-parties, including ad networks or plug-ins
collect PII from children under 13.
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email,
establishes requirements for commercial messages, gives recipients the right to have
emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
- Send information, respond to inquiries, and/or other requests or
questions.
- Process orders and to send information and updates pertaining to
orders.
- Send you additional information related to your product and/or
service.
- Market to our mailing list or continue to send emails to our clients
after the original transaction has occurred.
To be in accordance with CANSPAM, we agree to the following:
- Not use false or misleading subjects or email addresses.
- Identify the message as an advertisement in some reasonable way.
- Include the physical address of our business or site headquarters.
- Monitor third-party email marketing services for compliance, if one
is used.
- Honor opt-out/unsubscribe requests quickly.
- Allow users to unsubscribe by using the link at the bottom of each
email.
Data Breach & Incident response plan
Data Breach is defined as the unauthorized acquisition or access of
unencrypted Confidential Information or Personal Data that compromises the
confidentiality, integrity, or availability of that information. A Data Breach can occur
not only virtually through computer networks but also physically through unauthorized
access into Vanan Online Services locations or computers. A Data Breach can also include
any breaches that affect third-party vendors that provide services or hosting to Vanan
Online Services.
Vanan Online Services maintains a Security Incident Response Plan that is
based on guidelines from the US privacy law & EU GDPR.
All employees & sub-processors are required to immediately notify the
IT Department of any actual or suspected Data Breach – including events that affect
third-party vendors. The IT department will then follow the Security Incident Response
Plan.
Vanan Online Services commits to notify affected individual via email as
soon as possible but no later than 72 hours after reasonable suspicion of a Data Breach.
SMS & Mobile Messaging Privacy
We collect mobile phone numbers only with the user’s explicit consent for
service-related communications such as order updates, file requests, or customer
support.
We do not share or sell mobile phone numbers to third parties for
marketing purposes.
You can opt out of receiving SMS messages at any time by replying STOP to
any message. For help, reply HELP or contact us at [email protected].
Standard message and data rates may apply.
Privacy Policy modification
We may update this privacy statement to reflect changes to our
information practices. If we make any significant material changes we will notify
you by e-mail (sent to the e-mail address specified in your ‘customer
account/order’) or by means of a notice on the website prior to the change becoming
effective. We encourage you to periodically review this website for the latest
information on our privacy practices.