Privacy Policy

This privacy policy has been compiled to better serve those who are concerned with how their ‘Personally Identifiable Information’ (PII) is being used online. PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website.

Who we are?

Our website address is:
https://www.photo4less.com

Our mailing address is:
Photo 4 Less Inc.
1833 54th Street
Brooklyn, NY 11204

What personal information do we collect from the people that visit our blog, website or app?
When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, mailing address, phone number, credit card information or other details to help you with your experience.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

When do we collect information?
We collect information from you when you register on our site, place an order, subscribe to a newsletter, respond to a survey, fill out a form, Use Live Chat, Open a Support Ticket, leave a comment/review/question or enter information on our site.
Provide us with feedback on our products or services. If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

How do we use your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:

• To personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested.
• To improve our website in order to better serve you.
• To allow us to better service you in responding to your customer service requests.
• To administer a contest, promotion, survey or other site feature.
• To quickly process your transactions.
• To ask for ratings and reviews of services or products
• To follow up with them after correspondence (live chat, email or phone inquiries)

How do we protect your information?
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible. We use regular Malware Scanning. Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology. We implement a variety of security measures when a user places an order enters, submits, or accesses their information to maintain the safety of your personal information. All transactions are processed through a gateway provider and are not stored or processed on our servers.

Do we use ‘cookies’?
Yes.

If you leave a comment on our site you may opt-in to save your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year. If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed. If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

We use cookies to:

• Help remember and process the items in the shopping cart.
• Understand and save user’s preferences for future visits.
• Keep track of advertisements.

Embedded content on our site
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since the browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website. Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

How long we retain your information
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue. For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

If users disable cookies in their browser:
If you turn cookies off, Some of the features that make your site experience more efficient may not function properly. Some of the features that make your site experience more efficient and may not function properly.

Third-party disclosure
We do not sell, trade, or otherwise, transfer to outside parties your Personally Identifiable Information unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when it’s release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property or safety.
However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.

Third-party links
Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. We, therefore, have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.

Google
Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users. https://support.google.com/adwordspolicy/answer/1316548?hl=en

We use Google AdSense Advertising on our website.
Google, as a third-party vendor, uses cookies to serve ads on our site. Google’s use of the DART cookie enables it to serve ads to our users based on previous visits to our site and other sites on the Internet. Users may opt-out of the use of the DART cookie by visiting the Google Ad and Content Network privacy policy.

We have implemented the following:

• Remarketing with Google AdSense
• Google Display Network Impression Reporting
• Demographics and Interests Reporting
• DoubleClick Platform Integration

We, along with third-party vendors such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website.

We collect information about you during the checkout process on our store.

What we collect and store

While you visit our site, we’ll track:

• Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
• Location, IP address, and browser type: we’ll use this for purposes like estimating taxes and shipping
• Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!

We’ll also use cookies to keep track of cart contents while you’re browsing our site.

When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:

• Send you information about your account and order
• Respond to your requests, including refunds and complaints
• Process payments and prevent fraud
• Set up your account for our store
• Comply with any legal obligations we have, such as calculating taxes
• Improve our store offerings
• Send you marketing messages, if you choose to receive them

If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.

We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for XXX years for tax and accounting purposes. This includes your name, email address, and billing and shipping addresses.

We will also store comments or reviews if you choose to leave them.

Who on our team has access

Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:

• Order information like what was purchased, when it was purchased and where it should be sent, and
• Customer information like your name, email address, and billing and shipping information.

Our team members have access to this information to help fulfill orders, process refunds and support you.

What we share with others

We share information with third parties who help us provide our orders and store services to you; for example —

Payments

We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information.

Please see the PayPal Privacy Policy for more details. We also accept payments via Authorize.net – which is connected via API from our servers to theirs and it’s protected by an Extended SSL 256bit Certificate and backed by a $100,000 protection.

This includes the basics of what personal data your store may be collecting, storing and sharing. Depending on what settings are enabled and which additional plugins are used, the specific information shared by your store will vary.

Eye4Fraud, receives every credit card transaction and verifies if the charge is a legitimate charge.

What the Plugin Does

• When a user adds a product to cart and doesn’t complete their purchase within a specified time, their cart will be considered as abandoned
• An email will be sent to the user who has abandoned the cart. The user can complete the purchase by clicking the purchase link provided in the email
• The user can unsubscribe from the abandoned cart emails using the unsubscribe link provided in the emails.

What we collect and store

– Email ID

For logged in users, their registered email id will be recorded. For guests, email id will be recorded from the email id field on the checkout page. The email id obtained will be used for sending abandoned cart emails.

– User First Name and Last Name

For logged in users, their first name and last name will be obtained from their profile. For guests, their first name and last name will be obtained from the first name and last name fields on the checkout page. The name obtained will be used in the abandoned cart emails.

– Phone Number

For guests, their phone number will be recorded from the phone number field on the checkout page.

– Cookies

We use cookies to

• Track the orders which were recovered using the purchase link provided in the abandoned cart emails.
• Capture the carts abandoned by guests

– IP Address

We record the IP address of guests to differentiate one guest user from an another user

Opting out:
Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt-out by visiting the Network Advertising Initiative Opt-Out page or by using the Google Analytics Opt-Out Browser Add-on.

California Online Privacy Protection Act
CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting Personally Identifiable Information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared. – See more at http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf

According to CalOPPA, we agree to the following:
Users can visit our site anonymously. Once this privacy policy is created, we will add a link to it on our homepage or as a minimum, on the first significant page after entering our website. Our Privacy Policy link includes the word ‘Privacy’ and can easily be found on the page specified above. You will be notified of any Privacy Policy changes:

California Personal Data Rights

If you are a California resident, you have the right to receive: (a) information identifying all third-party companies to whom Photo4Less may have disclosed, within the past year, Personal Information pertaining to you and your family for that company’s direct marketing purposes; and (b) a description of the categories of Personal Information disclosed. To obtain this information, please email your request.

You can change your personal information:

• By emailing us
• By calling us
• By logging in to your account
• By chatting with us or by sending us a support ticket

We will need to verify that you are indeed this person by confirming your email address on file or by emailing us your Government Issued Photo ID card.

What rights you have over your data
If you have an account on this site or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes. When we delete any information upon proper request, it will be deleted from the active database, but may remain in our archives or backups. We may also retain your information for fraud prevention or similar purposes.

How does our site handle Do Not Track signals?
We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.

Does our site allow third-party behavioral tracking?
It’s also important to note that we allow third-party behavioral tracking. And, Visitor comments may be checked through an automated spam detection service.

COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.

We do not specifically market to children under the age of 13 years old.

Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:

• We will notify you via email: Within 7 business days
• We will notify the users via in-site notification: Within 7 business days

We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.

CAN-SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

We collect your email address in order to:

• Send information, respond to inquiries, and/or other requests or questions
• Process orders and to send information and updates pertaining to orders.
• Send you additional information related to your product and/or service
• Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.

To be in accordance with CAN-SPAM, we agree to the following:

• Not use false or misleading subjects or email addresses.
• Identify the message as an advertisement in some reasonable way.
• Include the physical address of our business or site headquarters.
• Monitor third-party email marketing services for compliance, if one is used.
• Honor opt-out/unsubscribe requests quickly.
• Allow users to unsubscribe by using the link at the bottom of each email.

The General Data Protection Regulation (GDPR) – EU Residents:

An EU resident has a right to a copy of all the data you’ve collected about him or her, ideally in an electronic format. This includes information like name, address, and phone number, along with less obvious things like shipment tracking numbers or VAT IDs.

By sending us multiple requests from the same customer, we are permitted under the law to assess a reasonable fee. Send us one request via our Contact Us page, we will respond usually between 1 or 2 business days. Please note, that our company is based in New York State, United States. So based on ‘our’ location timezone, holidays. Check our website for any notices if the company has a personal holiday. It will usually be displayed on the TOP section of the Home Page with the updated information. As with Right to Erasure requests, we will comply as long as this does not include any data we are obliged to keep for administrative, accounting, legal, financial or security purposes. When we delete any information upon proper request, it will be deleted from the active database, but may remain in our archives or backups. We may also retain your information for fraud prevention or similar purposes.

If at any time you would like to unsubscribe from receiving future emails, you can email us at

• Follow the instructions at the bottom of each email. and we will promptly remove you from ALL correspondence.

Contacting Us
If there are any questions regarding this privacy policy, you may contact us using the information below.

Photo 4 Less Inc.
1833 54th Street
Brooklyn, NY 11204
USA

Email: customer (at) photo4less (dot) com (Customer Service)
Website: Our Contact Us Page
Phone: +1-718-851-3510 (USA – New York)

Last Edited on 2018/10/31