The Shelf's Privacy Policy

Effective Date: May 25 2018

 
 

Welcome to The Shelf! The Shelf provides a platform for brands and influencers to work together (the “Shelf Platform”). This Privacy Policy tells you how The Shelf uses your data when you sign up to use the services on the Shelf Platform (the “Services”). We value the privacy of everyone who uses the Shelf Platform and are fully committed to protecting any information that you provide us. It is important that you read this privacy policy so you are fully aware of how and why we are using your data.

If you have any questions or comments concerning this policy, please feel free to contact us.

I. THE PERSONAL DATA WE COLLECT

Personal data means any information about an individual user from which that person can be identified. The Shelf will only collect personal data about you with your consent. The only information collected by us is what has been provided by you, collected by us, or provided to us lawfully by third parties including social media platforms such as Linkedin, Facebook, Instagram and Google.

The personal data we collect fall into the following categories:

  • Account Information includes first name, last name, username, password, and location. If you interact with us through social media, this may include your social media username.
  • Contact Information includes billing address, delivery address, email address and telephone number.
  • Profile Information includes details your username, your business name, your social media handles, as well as any additional profile data which has been added by you or us.
  • Financial Information includes payment details.
  • Transaction Information includes details about payments to and from you, and other details of the products/services purchased.
  • Your Content includes any information, material or content obtained by The Shelf from publicly available sources or third-party content providers and made available through your profile on the Shelf Platform. This includes your social media posts and blog posts across the channels that you include in your Shelf Platform profile as well as the information that you choose to post directly to the Shelf Platform.
  • Communications includes any communications that you make with us (via email, phone or through the Shelf Platform, or otherwise) or communications you make with other users.
  • Technical Information includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access the Services.
  • Usage Information includes information about how you use the Services.
  • Tracking Information includes information we or other parties collect about you from cookies and similar tracking technologies, such as web beacons, pixels and other identifiers.
  • Aggregated Information such as statistical or demographic data for any purpose. Aggregate Information may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity.
  • Marketing Information, which includes your preferences in receiving marketing from us.

We do not collect Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic biometric data). Nor do we collect any information about criminal convictions or offenses.

II. HOW WE COLLECT PERSONAL DATA

There are different methods in which we collect personal data from you.

Information that you provide us. You may give us your Account, Profile, Contact and Financial Information when registering for the Services or if you have previously provided us with this information prior to this Privacy Policy coming into effect, either directly from you or via a third party.

Automated Technologies or Interactions. When you use the Services, we may automatically collect Technical and Transactional Information, Communications, and Your Content,  that may, in certain circumstances, constitute personal data. We may also collect Tracking Information when you use our Services. Some of the ways in which we or the Shelf Platform may collect are as follows:

  1. Cookies and other technologies. We may place a “cookie” on the hard drive of the device that you use to access the Services. Cookies are text files that are saved on the hard drive of your device by means of your browser, enabling us to recognize your browser for purposes of automatically authenticating and logging you into the Services, saving your preferences and directing information to you.

  2. Web Beacon. A “Web beacon,” also sometimes called a pixel tag or transparent GIF, is an object that is embedded in a web page.  It is usually invisible to you, but allows website operators to check whether you have viewed a particular web page or email communication.  We may place web beacons on our website, and in the emails we send to you.

  3. Analytics Tools. By using cookies and web beacons, Google Analytics collects and stores data such as time of visit, pages visited, time spent on each page of the website, the Internet Protocol address, and the type of operating system used in the devices used access the Service. You can opt out of Google Analytics by using a browser plugin provided by Google (http://www.google.com/ads/preferences/plugin/).

  4. Clickstream Data. When you use the Services, a trail of electronic information is left at each website you visit. This information is referred to as “Clickstream Data”, and can be collected and stored by a website’s server. All clicks and pages that our users click are collected to determine how much much time a visitor spends on each page on the Shelf Platform, how users navigate the Shelf Platform and how we can tailor the Shelf Platform to meet the needs of our users. This information can be used to improve the Shelf Platform and our Services. Any collection or use of Clickstream Data will be anonymously aggregated, and will not intentionally contain any personal data.

  5. Location Data. The Shelf Platform, when given permission, will estimate the latitude and longitude coordinates of your IP address. We use this information to help us improve the relevance of search results.

Third Parties or Publicly Available Sources. We may also receive personal data about you from various third parties, including

  • Technical and/or Tracking Information from analytics providers, advertising networks and search information providers;
  • Contact, Financial and Transaction Information from providers of payment and fraud prevention services;

  • Account and Contact Information from data partners; and

  • Data from third parties who are permitted by law or have your permission to share your personal data with us, such as via social media or review sites. We will only use your personal data when the law allow us to.


III. HOW WE USE YOUR PERSONAL DATA

We will never sell your personal data to third parties for their use or marketing purposes. The Shelf uses the personal data that we collect for the following purposes:

  1. To provide you with our Services.To provide you with the Services, communicate with you about your use of the Services, respond to inquiries, provide troubleshooting, and for customer service purposes.

  2. To Personalize the Services. To provide you with personalized content through the Services, to suggest partnerships between you and a brand and/or influencer, to personalize help and instructions, and to otherwise personalize your experience on the Services.

  3. Marketing and Promotional Use. For marketing and promotional purposes, such as to send you news and newsletters, special offers, and promotions, or to otherwise contact you about information we think may interest you.

  4. Analytics. To gather metrics to better understand how users access and use the Services, to evaluate and improve the Services, and to develop new product features.

  5. To Prevent Misuse. Where we believe it is necessary to investigate, prevent or take action regarding illegal activities, suspected fraud, or situations involving threats of safety to any person or a violation of our Terms of Use or this privacy policy.

  6. For Contests, Giveaways and Promotions. In connection with contests, giveaways and other promotions that you may choose to participate in.  Any information you submit in connection with promotions will be subject to the terms of the promotion, not this Privacy Policy.  You will be given the option to consent to the use of your information at the time you sign up for the promotion. You will not be required to participate in any promotion, contest or giveaway.  

  7. To Comply with Law. If required to do so by law, court order or other government or law enforcement authority or regulatory agency; or, if we believe in good faith that disclosing this information is necessary or advisable, including, for example, to protect the rights, property, or safety of The Shelf, you, users, or others.  This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction.


IV. DISCLOSURE OF PERSONAL DATA

We may share your personal data with certain parties set out below for the purposes set forth in this Privacy Policy. We may also share your personal data if the law otherwise allows it.

We may share personal data with the following categories of third parties:

  1. Other users of the Services in accordance with this Privacy Policy (such as the availability of your Profile Information and Content to other users on the Shelf Platform);

  2. Service providers (such as technology service providers, hosting providers, payment processing, auditors, advisors, consultants, customer service and support providers, and fraud prevention providers);

  3. Subsidiaries and affiliates of The Shelf;

  4. Business Transfers (such as in the case of any merger, sale, and transfer of assets, acquisition or restructuring of all or part of our business, bankruptcy or similar events);

  5. Legally required (to public authorities, such as law enforcement, if we are legally required to or if we need to protect our rights or the rights of third parties);

  6. Protection of rights (where we believe it is necessary to respond to claims asserted against us, or comply with legal process, enforce or administer our agreements and terms, fraud prevention, risk assessment, investigation, and protect the rights, property and safety of our users).

We may also share data with third parties connected to advertising, retargeting and analytics (see Cookies Policy below for more information).

We may also share data with third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. We may also seek to acquire other businesses or merge with them. If a change happens to our business, the new owners may use your personal data in the same ways set forth in this privacy policy.

We require all third parties to respect the security of your personal data and to treat it in accordance with law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specific purposes in accordance with our instructions.

Cookies are small pieces of text used to store information on web browsers by a web server. The purpose of a cookie to to identify users and help create a customized experience for them. By using the Shelf Platform and the Services, you agree to the use of cookies for the purposes described in this Section V.

Cookies may be placed on your computer or device, which will allow us and other trusted partners (see below) to receive information stored in cookies when you visit the Shelf Platform and use the Services.  

Different types of cookies are used when using the Services. These include:

  1. Authentication. When signing into the Services, cookies help us recognize you.

  2. Research, Analytics and Fraud Prevention. Cookies may be used to understand how our users use the Services so we can improve them.

  3. Feature and Services. Cookies can be used to personalize the features on the Services based on your preference and history.

  4. Advertising. We may install tracking from advertising networks such as Linkedin, Facebook and Google in our Services. The data collected by these networks allows us to target ads to our users and measure their performance.

We allow a few trusted partners to use cookies in our Services. Here is a list of the third parties using cookies on the Shelf Platform and through our Services:

  1. Google Analytics

  2. Stripe

  3. Linkedin Ads

  4. Facebook Ads

  5. Intercom.io

You can remove or block certain cooking using the settings in your browser. If you choose to remove or block certain cookies, you may still use our Services however your access to some functionality and areas may be restricted.


VI. PAYMENT INFORMATION

The Shelf uses third party payment processor Stripe.com to process transactions made via the Services.  All online payments will be conducted in accordance with Payment Card Industry (PCI) data security standards and your billing information is encrypted before being communicated to them. Subject to the below exceptions, your credit card details are communicated directly from your browser to these payment processors. The Shelf never sees your payment information. This means the payment form is either off-site or displayed in a frame on the payment page.

VII. INTERNATIONAL TRANSFER OF PERSONAL DATA

The Shelf is a worldwide service that is maintained in the United States. By using Services, you authorize us to transfer and store your information outside your home country to the United States, for the purposes described in this privacy policy. If you are situated in the EU, please see section Rights of European Union Data Subject below.

Privacy Shield Notice

The Shelf participates in and has certified its compliance with the EU-U.S. and Swiss-US Privacy Shield Framework. The Shelf is committed to subjecting all personal data received from European Union (EU) member countries and Switzerland in reliance on the Privacy Shield Framework’s applicable Principles. To learn more about Privacy Shield Framework, visit U.S. Department of Commerce Privacy Shield List at http://www.privacyshield.gov.

The Shelf is responsible for the processing of personal data it receives under the Privacy Shield Framework and subsequently transfers to a third party acting as an agent on its behalf. The Shelf complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.

With respect to personal data received or transferred pursuant to the Privacy Shield Framework, The Shelf is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situation, The Shelf may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

 

VIII. HOW WE STORE INFORMATION

The security of personal data is important to us! The Shelf will take reasonable steps to protect all personal data, and to keep this information accurate, up to date, complete and relevant.

Our standard procedures call for us to retain information submitted by users for an indefinite length of time. The Shelf understands your submissions as consent to store all your information in one place for this indefinite length of time, if we so wish. If required by law, as is the case to comply with the Children's Online Privacy Protection Act (COPPA), we will nullify user information by erasing it from our database. We will also respond to written user requests to nullify account information.

Your profile is password-protected so that only you have access to your account information. If you have registered for a Shelf Platform account using the single-sign on or account synchronization applications of Facebook, Twitter, or other social network services, then your login and password shall be the same as your social network login and password. In order to maintain this protection, do not give your password to anyone. The Shelf staff will never proactively reach out to you and ask for any personal account information, including your password.  For our web application, you should sign out of Your account and the browser window before someone else obtains access. You should never share devices. This will help protect your information entered on public terminals from disclosure to third parties.

Unfortunately, no data transmission can be guaranteed to be 100% secure. As a result, we cannot guarantee the security of any information you transmit, and you do so at your own risk. If You have any further questions on this issue, please refer our Terms of Use. The Shelf expressly disclaims any liability that may arise should any other individuals obtain the information you submit.

 

IX. CHOICES YOU HAVE

You may check your information to verify, update or correct it, and to have any obsolete information removed. If you created an account on our website, you can access and change your online account profile yourself. You can also review any of the information that we have retained, how we have used it, and to whom we have disclosed it at any time by contacting us as indicated in the Contact Us section below. Subject to certain exceptions prescribed by law, and provided we can authenticate your identity, you will be given reasonable access to your personal information, and will be entitled to challenge the accuracy and completeness of the information and to have it amended as appropriate. You may also ask us to change your preferences regarding how we use or disclose your information, or let us know that you do not wish to receive any further communication from us.

 

X. OUR POLICY ON CHILDREN’S INFORMATION

The collection of personal data is neither intended for, nor direct to, persons who are under the age of thirteen (13) years old. Personal data will not be collected by any person who is known by The Shelf to be under the age of thirteen (13) without the consent of a parent or legal guardian. Persons under age thirteen (13) may only use the Services with the involvement and consent of a parent or legal guardian.

 

XI. LINKS TO OTHER WEBSITES

The Shelf Platform may contain links to third party sites or online services. We are not responsible for the practices of such third parties, whose information practices are subject to their own policies and procedures.

 

XII. CALIFORNIA PRIVACY

This Section applies to California residents. Under California Law, California residents have the right to request in writing from a business where a business relationship exists:

  1. A list of categories of personally identifiable information, such as name, email address and mailing address and the type of service provided to the customer that a business has disclosed to third parties (including affiliates that are separate legal entities) during the preceding calendar year for the third parties’ direct marketing purposes; and

  2. The names and addresses of all such third parties.

To request the above information or opt out of the use of your personally identifiable information, please contact us.

 

XIII. CHANGES TO THIS POLICY

If at any point we change our privacy policy, we will post those changes to this page. If we decide to use particular personal data in a manner materially different from that stated at the time it was collected, We will notify users by way of an email and your continued use of the Service will constitute acceptance of the new terms. We also encourage you to review this Privacy Policy periodically.

 

XIV.. QUESTIONS OR CONCERNS

Whether you live in or outside the United States, The Shelf, Inc is the data controller and is responsible for your personal data. You can contact Our data controller at privacy_support@theshelf.com.

If you have any questions or concerns about Our Privacy Policy, please contact us at privacy_support@theshelf.com.

 

XV. RIGHTS OF EUROPEAN UNION DATA SUBJECTS

Shelf, Inc. generally acts as the data controller of the information you submit through the Shelf Platform. The Shelf complies with the European Union General Data Protection Regulation (“GDPR”), which comes into effect May 25, 2018. The GDPR deals with the processing of personal data.

You have no obligation to provide us with personal data. However, if you do not provide us with personal data, you withdraw your consent, or you request restriction over or otherwise object to our processing of your personal data, we may not be able to provide you with access to, or the functionality of the Services and The Shelf Platform.

 

Legal Bases of Processing

Below are the lawful basis that we rely on to process your personal data:

  1. Consent. The Shelf processes your personal data on the legal basis of consent, which you grant when you sign up for our Services.

  2. Performance of Contract. The Shelf also processes personal data in order to perform its obligations under its agreement with you under The Shelf Terms of Use, and where necessary, for the purposes of legitimate interests as set out in this Privacy Policy. To the extent that your personal data is provided to The Shelf, it is a contractual requirement.

  3. Legitimate Interest. The Shelf processes personal data in order to conduct and manage our business and to enable us to give you the best service/product with the best and most secure experience.

  4. Comply with Legal or Regulatory Obligations. The Shelf may process your personal data to comply with legal or regulatory obligations that we are subject to.

Purposes for processing of personal data

The Shelf will process personal data that we collect from you from third parties in accordance with this Privacy Policy. Personal data from your use of The Shelf Platform, including usage performance information, device information and other information in accordance with Section III.  

Recipients or categories of recipients of personal data

The recipients of the personal data are The Shelf and the entities as set forth in Section IV.  

Overseas recipients

The Shelf is headquartered in the United States. As such, the recipients of your personal data may be located in countries in which the privacy or data protection laws differ from those of the European Union, and which are not subject of any adequacy decision by the European Commission. By using the Shelf Platform, you freely and specifically give us your consent to export and use your information within the United States. You understand that the data stored in the United States is subject to lawful requests by the courts or law enforcement authorities in the United States. If you are in the EU, whenever we transfer personal data to processors out of the EU, we take appropriate safeguards to protect your personal data. We may use specific contracts approved by the European Commission which give personal data the same protection it has in the EU.

Withdrawing consent, or objecting or restricting to processing of personal data

You may withdraw your consent at any time for the processing of personal data, or otherwise request that we restrict our processing of your personal data.

How long we keep your personal data

The Shelf will store your personal information for as long as you subscribe to our Services and for a period of time afterwards based on our document retention obligations imposed by law, to comply with audit and financial obligations, and in relation to personal information contained in material which you have licensed or assigned to us for a period of time required to enforce or establish our rights in that material.

Your rights under the GDPR

You have a number of rights under the GDPR. These include the right to:

  1. Request access to your personal data from us;

  2. Request that we correct or erase your personal data:

  3. Withdraw your consent for us to use your personal data;

  4. In some circumstances, to object to the use of your personal data by us and request that we restrict our use of your personal information;

  5. Receive your personal information held by us, in a commonly used electronic format, or to have us transfer such personal information to another service provider of your choosing;

  6. Lodge a complaint in relation to our processing of your personal information with a data protection supervisory authority under the GDPR; and

  7. Be informed generally about the collection and use of your personal information, including where we intend to further process your personal information for additional purposes other than as discussed above.


 

Effective May 25, 2018