Effective as of 2022 March 21.
This “Privacy Policy” describes the privacy practices of Shared Spirits, Inc. (“Shared Spirits”, “we”, “us”, or “our”) and how we handle personal information that we collect as a controller (such as when we collect personal information when you contact us directly), and also describes our practices regarding personal information we collect on our business customers’ (i.e., ecommerce merchants that offer the Service on their websites) behalf as a processor (such as when we collect personal information from end users, such as the sender of a digital credit and the recipient of a digital credit, through our business customers’ implementation of our products and services (the “Service”)). As appropriate, this Privacy Policy will distinguish between our practices as a processor (which is when we process data on behalf of our business customers as a service provider in connection with our provision of the Service) and our practices as a controller (which is when we process data for our own purposes). Further, this Privacy Policy only applies to personal information collected from consumers and end users of our Service (i.e., senders and recipients of digital credits) and does not apply to the personal information of our business customers (e.g., business contact information).
Shared Spirits may provide additional or supplemental privacy policies to individuals for specific products or services that we offer at the time we collect personal information. These supplemental privacy policies will govern how we may process the information in the context of the specific product or service.
Table of Contents
- Personal information we collect as a Controller
- How we use your personal information as a Controller
- How we share your personal information as a Controller
- Your choices for personal information we collect as a Controller
- Personal information we collect as a Processor
- How we use your personal information as a Processor
- How we share your personal information as a Processor
- Other sites and services
- Security practices
- International data transfers
- Children
- Changes to this Privacy Policy
- How to contact us
Personal information we collect as a Controller
When you communicate with us or use the Service, we may collect certain personal information about you for which we act as a controller. This section describes the types of personal information we may collect about you as a controller, and the ways in which we collect such information:
Information you provide to us. We may collect the following types of personal information directly from you when you provide it to us:
- Contact data, such as your name and email address, when you contact us with feedback.
- Feedback or correspondence, such as information you provide when you contact us with questions, feedback, or otherwise correspond with us online.
- Usage information, such as information about how you use the Service and interact with us.
Automatic data collection. We or our service providers may automatically log the following types of information about you, your computer or mobile device, and your interactions over time with us:
- Device data, such as your computer’s or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, language settings, mobile device carrier, radio/network information (e.g., Wi-Fi, LTE, 3G), and general location information such as city, state or geographic area.
- Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing to the website, navigation paths between pages or screens, information about your activity on a page or screen, access times and duration of access, and whether you have opened our marketing emails or clicked links within them.
Cookies and similar technologies. Like many online services, we may collect limited information about you through cookies and other similar technologies. Cookies are text files that websites store on a visitor‘s device to uniquely identify the visitor’s browser or to store information or settings in the browser for the purpose of helping you navigate between pages efficiently, remembering your preferences , enabling functionality, helping us understand user activity and patterns, and facilitating analytics.
How we use your personal information as a Controller
For the personal information we collect about you as a controller, we may use such personal information for the following purposes or as otherwise described at the time of collection:
Service delivery and business operations. We may use your personal information to:
- provide, operate and improve our business;
- communicate with you, including by sending announcements, updates, security alerts, and support and administrative messages;
- understand your needs and interests, and personalize your experience with our communications; and
- provide support for the Service, and respond to your requests, questions and feedback.
- all of the above may be delivered via sms, text, email, or other services that become available. All modes of communication will be opt in with the exception of certain communications that are required for fulfillment of the Service.
Research and development. We may use your personal information for research and development purposes, including to analyze and improve our business. As part of these activities, we may create aggregated, de-identified or anonymous data from personal information we collect. We may use this aggregated, de-identified or anonymous data and share it with third parties for our lawful business purposes, including to analyze and improve the website and promote our business.
Compliance and protection. We may use your personal information to:
- comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities;
- protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims);
- audit our internal processes for compliance with legal and contractual requirements or our internal policies;
- enforce the terms and conditions that govern the website or otherwise; and
- prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.
With your consent. In some cases, we may specifically ask for your consent to collect, use or share your personal information, such as when required by law.
How we share your personal information as a Controller
For the personal information we collect about you as a controller, we may share such personal information with the following parties and as otherwise described in this Privacy Policy or at the time of collection.
Service providers. Third parties that provide services on our behalf or help us operate our business (such as information technology, customer support, email delivery, and website analytics).
Professional advisors. Professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.
Authorities and others. Law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.
Business transferees.Acquirers and other relevant participants in transactions (or negotiations and diligence for such transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business or assets of, or equity interests in, Shared Spirits or our affiliates (including, in connection with a bankruptcy or similar proceedings).
Your choices for personal information we collect as a Controller
For the personal information we collect about you as a controller, you have the following choices with respect to such personal information.
Cookies. Most browsers let you remove or reject cookies. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. Please note that if you set your browser to disable cookies, the Service may not work properly. For more information about cookies, including how to see what cookies have been set on your browser and how to manage and delete them, visit www.allaboutcookies.org.
Analytics Providers. We work with third party analytics service providers, such as Google Analytics, to help us better understand how people use the Service. For example, we use Google Analytics to learn more about the types of users that use the Service and to help improve our Service. To provide this service, Google Analytics may collect certain information about you from your computer, including the pages you visit, the length of your visit, information about your device (such as your IP address), and other information about you. You can learn more about Google Analytics and how it collects and processes data by visiting https://policies.google.com/technologies/partner-sites. You can opt out of Google Analytics by using the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout/, or by disabling cookies on your browser.
Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.
Personal information we collect as a Processor
When you use our business customers’ implementation of our Services (e.g., you send or receive a digital drink credit), we may collect certain personal information about you, for which we act as a processor on behalf of our business customers (who act as the controllers of such data). This section describes the types of personal information we may collect about you as a processor, and the ways in which we collect such information. Please note our business customers may have their own privacy policies that govern the personal information collected in connection with their use of our Services, and you should consult the policies of and/or contact the applicable business customer to see how they process and share your personal information relating to the Services, including with respect to any rights you may have to such personal information.
- As a sender of a digital credit, we may collect the following types of personal information directly from you (on behalf of our business customers) when you provide it through the Services:
- Contact information, such as your first and last name, email and mailing addresses, and mobile number.
- Content you choose to upload to the Service, such as text when you are writing a message to the recipient of a digital credit.
- Contact information of the recipient, such as the recipient’s first and last name, email address, and mobile number. (Note that if you are a sender, our Terms of Use require you to obtain the express consent of the recipient prior to sharing their contact information with us for purposes of facilitating delivery of their digital credit).
- Payment information,such as payment card information (billing name, credit card number, expiration data, CVV, and billing address) that is collected and processed by our payment processor Stripe as further described below in the “How we share your personal information as a Processor” section.
- Transaction information, such as information about payments to and from you and other details of products or services you have purchased.
- Marketing information, such as your preferences for receiving communications about our business customer’s products, services, offers, activities, events, and publications.
- As a recipient of a digital credit, we may collect the following information from you:
- Contact information, such as your first and last name, email and shipping addresses, and mobile number.
- Your preferences regarding your digital credits, such as, when offered, your choices, categories, varieties, favorite merchants or other customization options.
- Marketing information, such as your preferences for receiving communications about our business customer’s products, services, offers, activities, events, and publications.
Other information that we may collect which is not specifically listed here, but which we will use in accordance with this Privacy Policy or as otherwise disclosed at the time of collection.
How we use your personal information as a Processor
For the personal information we collect about you as a processor on our business customers’ behalf, we may use such personal information for the following purposes or as otherwise described at the time of collection:
Service delivery. We use your personal information to:
- provide, operate and improve the Services;
- provide support and maintenance for the Services; and
- respond to your requests, questions and feedback.
Research and development. We may use your personal information for research and development purposes, including to analyze and improve the Services and our business. As part of these activities, we may create aggregated, de-identified or other anonymous data from personal information we collect. We may use this aggregated, de-identified or anonymous data and share it with third parties for our lawful business purposes, including to analyze and improve the product and promote our business.
Compliance and protection. We may use your personal information to:
- comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities;
- protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims);
- audit our internal processes for compliance with legal and contractual requirements or our internal policies;
- enforce the terms and conditions that govern the Services; and
- prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.
With your consent. In some cases, we may specifically ask for your consent to collect, use or share your personal information, such as when required by law.
How we share your personal information as a Processor
For the personal information we collect about you as a processor on our business customers’ behalf, we may share such personal information with the following parties and as otherwise described in this Privacy Policy or at the time of collection.
Recipients of a digital credit. If you are a sender of a digital credit, we will share certain personal information, such as your first and last name and mobile number, with the recipient so that the recipient is aware that you have sent them a treat.
Business Customers. If you are a sender or recipient of a digital credit, we will share your personal information with our business customers to facilitate the transaction. Please note our business customers may have their own privacy policies that govern the personal information collected in connection with their use of our Services, and you should consult the policies of and/or contact the applicable business customer to see how they process and share your personal information relating to the Services.
Service providers. Third parties that provide services on our behalf or help us operate the product or our business (such as hosting, information technology, customer support, email delivery, or marketing).
Payment processors. Any payment card information you use to make a purchase on the Service is collected and processed directly by our payment processor, Stripe. Stripe may use your information, including payment information, in accordance with its privacy policy,https://stripe.com/privacy.
Third parties designated by our business customers. We may share your personal information with third parties where our business customers have instructed us to do so.
Professional advisors. Professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.
Authorities and others. Law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.
Other sites and services
The Service may contain links to websites, mobile applications, and other online services operated by third parties. In addition, our content may be integrated into web pages or other online services that are not associated with us. These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. We do not control websites, mobile applications or online services operated by third parties, and we are not responsible for their actions. We encourage you to read the privacy policies of the other websites and mobile applications and online services you use.
Security practices
We employ organizational, technical and physical safeguards designed to protect the personal information we collect. However, security risk is inherent in all internet and information technologies and we cannot guarantee the security of your personal information.
International data transfers
We are headquartered in the United States and may use service providers that operate in other countries. Your personal information may be transferred to the United States or other locations where privacy laws may not be as protective as those in your state, province, or country.
Children
The Service is not directed to, and we do not knowingly collect personal information from, anyone under the age of 21. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us. We will delete such information from our files as soon as reasonably practicable. We encourage parents with concerns to contact us.
Changes to this Privacy Policy
We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the Service. We may, and if required by law will, also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via e-mail (if you have an account where we have your contact information) or another manner through the Service.
Any modifications to this Privacy Policy will be effective upon our posting the new terms and/or upon implementation of the new changes on the Service (or as otherwise indicated at the time of posting). In all cases, your continued use of the Service after the posting of any modified Privacy Policy indicates your acceptance of the terms of the modified Privacy Policy.
How to contact us
Please direct any questions or comments about this Policy or privacy practices to [email protected]. You may also write to us via postal mail at:
Shared Spirits, Inc. Attn: Legal/Privacy 1804 Williamson Court, Suite 207 Brentwood, TN 37027