Last updated: August 5, 2022
Shelf is committed to meet all European Union (EU) General Data Protection Regulation (GDPR) and California Consumer Protection Act (CCPA or CaCPA) requirements.
THE INFORMATION WE COLLECT AND RECEIVE
In order to create a Shelf account and use our services, we need to collect and process certain information. We collect and receive this information in a variety of ways and may include:
- Personal Data
Personally identifiable information, such as your name, shipping address, email address, and telephone number, and demographic information, such as your age, gender, hometown, and interests, that you voluntarily give to us when you register with the Site or when you choose to participate in various activities related to the Site, such as online chat and message boards. You are under no obligation to provide us with personal information of any kind, however, your refusal to do so may prevent you from using certain features of the Site.
- Derivative and Usage Data
Information our servers automatically collect when you access the Site, such as your IP address, your browser type, your operating system, your access times, and the pages you have viewed directly before and after accessing the Site; Information about the ways people visit and interact with our Site, in the form of traffic analytics. You can opt out of being included in Google Analytics here.
- Financial Data
Financial information, such as data related to your payment method (e.g. valid credit card number, card brand, expiration date) that we may collect when you purchase, order, return, exchange, or request information about our services from the Site. Shelf partners with Stripe for payment processing and the payment you submit is collected and used by them in accordance with their privacy policies, which are available here. Shelf does not store your payment information apart from the type of credit or debit card, the last four digits of the card, the expiration date of the card, and the name associated with the card.
- Data From Social Networks
User information from social networking sites, such as LinkedIn and Facebook including your first and last name, your social network username, location, gender, birth date, email address, profile picture, and public data for contacts, if you connect your account to such social networks.
- Mobile Device Data
Device information, such as your mobile device ID, model, and manufacturer, and information about the location of your device, if you access the Site from a mobile device.
Communications you send to us (for example, when you ask for support, send us questions or comments, or report a problem); and Information that you submit on or to Shelf in the form of comments, contributions to discussions, or messages to other users.
USE OF YOUR INFORMATION
Having accurate information about you permits us to provide you with a smooth, efficient, and customized experience. Specifically, we may use information collected about you via the Site to:
Assist law enforcement and respond to subpoena.
Compile anonymous statistical data and analysis for use internally or with third parties.
Create and manage your account.
Email you regarding your account or order.
Enable user-to-user communications.
Fulfill and manage purchases, orders, payments, and other transactions related to the Site.
Generate a personal profile about you to make future visits to the Site more personalized.
Increase the efficiency and operation of the Site.
Monitor and analyze usage and trends to improve your experience with the Site.
Notify you of updates to the Site.
Perform other business activities as needed.
Prevent fraudulent transactions, monitor against theft, and protect against criminal activity.
Process payments and refunds.
Request feedback and contact you about your use of the Site.
Resolve disputes and troubleshoot problems.
Respond to product and customer service requests.
DISCLOSURE OF YOUR INFORMATION
We may share information we have collected about you in certain situations. Your information may be disclosed as follows:
By Law or to Protect Rights
If we believe the release of information about you is necessary to respond to legal process, to investigate or remedy potential violations of our policies, or to protect the rights, property, and safety of others, we may share your information as permitted or required by any applicable law, rule, or regulation. This includes exchanging information with other entities for fraud protection and credit risk reduction.
Third-Party Service Providers
We may share your information with third parties that perform services for us or on our behalf, including payment processing, data analysis, email delivery, hosting services, customer service, and marketing assistance, etc.
With your consent, or with an opportunity for you to withdraw consent, we may share your information with third parties for marketing purposes, as permitted by law. Marketing emails from Shelf give you the ability to “opt out”. If you opt out, we may still send you non-marketing emails. Non-marketing emails include emails about your accounts and our business dealings with you that are necessary for fulfilling our obligations to our customers.
Interactions with Other Users
If you interact with other users of the Site, those users may see your name, profile photo, and descriptions of your activity, including sending invitations to other users, chatting with other users, liking posts, following blogs.
We may use third-party advertising companies to serve ads when you visit the Site. These companies may use information about your visits to the Site and other websites that are contained in web cookies in order to provide advertisements about goods and services of interest to you.
We may share your information with our business partners to offer you certain products, services or promotions.
Other Third Parties
We may share your information with advertisers and investors for the purpose of conducting general business analysis. We may also share your information with such third parties for marketing purposes, as permitted by law.
Sale or Bankruptcy
We are not responsible for the actions of third parties with whom you share personal or sensitive data, and we have no authority to manage or control third-party solicitations. If you no longer wish to receive correspondence, emails or other communications from third parties, you are responsible for contacting the third party directly.
Shelf securely stores your data at AWS file system storage and databases, which are encrypted by Transparent Data Encryption standard (TDE) and Advanced Encryption Standard (AES) technologies in accordance.
We will retain your personal information for no longer than is necessary to fulfill the purposes for which the information was originally collected unless a longer retention period is required or permitted by law, for legal, tax or regulatory reasons, or other legitimate and lawful business purposes.
Where we have no ongoing legitimate business need to process your personal information, we will either delete, aggregate or otherwise anonymize it.
- Cookies and Web Beacons
- Website Analytics
You should be aware that getting a new computer, installing a new browser, upgrading an existing browser, or erasing or otherwise altering your browser’s cookies files may also clear certain opt-out cookies, plug-ins, or settings.
- Third-party websites
SECURITY OF YOUR INFORMATION
We use administrative, technical, and physical security measures to help protect your personal information. While we have taken reasonable steps, including contractual restrictions and physical, electronic and administrative safeguards such as firewalls, data encryption, SSL and other up-to-date technologies, to secure the personal information you provide to us.
Please be aware that despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse. Any information disclosed online is vulnerable to interception and misuse by unauthorized parties. Therefore, we cannot guarantee complete security if you provide personal information.
Regardless of that, Shelf takes reasonable and appropriate measures to protect data from loss, misuse and unauthorized access, disclosure, alteration and destruction.
POLICY FOR CHILDREN
We do not knowingly solicit information from or market to children under the age of 16. If you become aware of any data we have collected from children under age 16, please contact us using the contact information provided below.
CONTROLS FOR DO-NOT-TRACK FEATURES
OPTIONS REGARDING YOUR INFORMATION
- Account Information
You may at any time review or change the information in your account or terminate your account by:
Logging into your account settings and updating your account
Contacting us using the contact information provided below
- Emails and Communications
If you no longer wish to receive correspondence, emails, or other communications from us, you may opt-out by:
Logging into your account settings and updating your preferences.
Contacting us using the contact information provided below.
If you no longer wish to receive correspondence, emails, or other communications from third parties, you are responsible for contacting the third party directly.
- Personal Information
You may send requests about personal information firstname.lastname@example.org. You can request to change contact choices, opt-out of our sharing with others, and update your personal information.
We strive to provide you the tools to update your personal information. If you are unable to correct inaccurate information on your own, you may request our assistance to update such information by contacting email@example.com.
Shelf relies on SCCs (Standard Contractual Clauses) as a framework for allowing lawful export of personal data from the European Economic Area, Switzerland, and the U.K. to the U.S.
You can obtain Shelf’s current Data Protection Agreement, including the Standard Contractual Clauses by sending an email to firstname.lastname@example.org. If you need to have a DPA signed, please reach out to the very same address noted above. Please allow up to 45 hours for us to respond to your request.
Shelf continues to closely monitor the situation in the EU with regard to personal data transfers.
Attn: Data Protection Officer
Address: 175 Atlantic St., Stamford, CT 06901, USA
Phone number: + 1(833) 200 8222 (toll free)