Last Updated: March 2021
Effective: April 2021
Your privacy is important to us at Hyperlite Mountain Gear (“HMG”, “we”, “us” or our”). We understand that you provide personal information in the course of doing business with us online, by mail and by telephone. So that you understand how we operate to protect this information, the following is a description of our policies on collecting and protecting the information you provide to us.
This policy describes the types of information we may collect from you or that you may provide when you visit the website www.hyperlitemountaingear.com (our “Website”), make a purchase or otherwise interact with Us, as well as our practices for collecting, using, maintaining, protecting, and disclosing that information. This policy also describes your rights and choices regarding your personal information.
- On this Website.
- When you make a purchase.
- In email, text, and other electronic messages between you and this Website.
- When you contact us (via our Website, email or telephone)
- Us offline or through any other means, including on any other website operated by Company or any third party; or
- Any third party, including through any platform, application or content (including social media or advertising) that may link to or be accessible from the Website.
WHAT INFORMATION DO WE COLLECT?
We collect information from you when you register on our Website, place an order, subscribe to our newsletter, respond to a survey, or fill out a form.
When ordering or registering on our Website, as appropriate, you may be asked to enter your: name, e-mail address, mailing address, phone number, or credit card information. When you register and open an account, you will be asked to create a login ID and unique password. You may, however, visit our Website without registering. In any event, we collect the following information from all users:
- Device information (IP address, browser type and language, operating system)
- Log data of interactions with our Website (pages viewed, time spent, number of clicks, domain names, data and time of interactions)
- Purchase history (if any)
- Cookies and other tracking technologies (as described below)
We may receive personal information about you from a social media platform if you connect to the Website through that service or platform.
When you purchase an item in our online store, your credit card or debit card information is collected directly by a third-party payment processor. We have no access to this personal information.
Sensitive Information - We ask that you not send us, and you not disclose to us, any “sensitive” personal information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, criminal background or trade union membership) on or through our Website or otherwise.
WHAT DO WE USE YOUR INFORMATION FOR?
Any of the information we collect from you may be used in one of the following ways:
- To process transactions between you and us;
- To personalize your experience (information about you helps us to better respond to your individual needs);
- To improve our Website (we continually strive to improve our website offerings based on the information and feedback we receive from you);
- To improve customer service (information about you helps us to more effectively respond to your customer service requests and support needs);
- To administer a contest, promotion, survey or other Website feature; and
- To market our products and services. We may use information about you to provide you with materials about offers, products, and services from us that may be of interest. We may provide you with these materials by phone, postal mail, text, email or other means, as permitted by applicable law.
Other uses include:
- To tailor content, advertisements, and offers;
- To notify you about offers, products, and services that may be of interest to you;
- To develop and provide products or services to you and our partners;
- For other purposes disclosed at the time information is collected; or
- Otherwise with your consent
HOW DO WE PROTECT YOUR INFORMATION?
We implement a variety of security measures to maintain the safety of your personal information when you place an order or access your personal information.
We offer the use of a secure server. All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our payment gateway providers database only to be accessible by those authorized with special access rights to such systems and are required to keep the information confidential. After a transaction, your private information (credit card, etc.) will not be stored on our servers.
Please be aware though that, despite our best efforts, no security measures are perfect or impenetrable, and we cannot guarantee “perfect security.” Any information you send us through any means is transmitted at your own risk.
If you register and open an account with us, you are advised not to provide your login ID and password to any other person. We cannot be responsible if your login ID and password are used by unauthorized persons.
HOW LONG DO WE RETAIN YOUR INFORMATION?
We will retain your personal information for as long as needed or permitted in light of the purpose(s) for which it was obtained and consistent with applicable law. The criteria we use to determine our retention periods include:
- The length of time we have an ongoing relationship with you and provide the services to you (for example, for as long as you have an account with us or keep using our Website);
- Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); or
- Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).
DO WE DISCLOSE ANY INFORMATION TO OUTSIDE PARTIES?
We may provide the information we collect to third parties who assist us in operating our Website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. More specifically, we may share personal information as follows:
- With authorized service providers for business purposes. These trusted third parties who assist us in operating our Website, conducting our business, or servicing you, include: (i) payment processors; (ii) data analytics vendors; (iii) security vendors; (iv) website hosting vendors; (v) email marketing providers; and (vi) professional advisors (e.g., auditors, law firms, or accounting firms). These service providers receiving this information assist us with many different functions and tasks, such as: (i) processing and fulfilling orders and returns; (ii) providing customer service and customer relationship management services; (iii) providing data storage and disaster recovery services; (iv) processing payments; (v) communicating with you; (vi) securing our Website and services and preventing fraud; (viii) running analytics and better understanding user interaction with the services; and (ix) promoting our products and services.
- For legal reasons and to protect our or others’ rights, property, or safety. We may also share information about you in response to a legal obligation or when we believe that it is necessary to share information about you to (i) comply with the law, or any obligations thereunder (e.g., cooperation with law enforcement, judicial orders, and regulatory inquiries), (ii) enforce site policies, (iii) protect our or others’ rights, property, or safety, or (iv) exercise or defend legal claims.
- In connection with an asset sale, merger, bankruptcy, or other business transaction. We may share information about you while negotiating or in relation to a change of corporate control such as a restructuring, merger, or sale of our assets.
- To ensure the safety and security of HMG, our Website and/or our users and customers.
- When you request us to share certain information with third parties.
We sometimes share the information we collect with other reputable companies and you may be contacted by these companies regarding co-marketing or co-promotions. You can, however, request at any time for your personal information not to be shared for these purposes by emailing us at email@example.com.
Non-personally identifiable visitor information may be provided to other parties for marketing, advertising, analytics or other uses.
The following types of cookies are deployed on the Website:
- Necessary Cookies: These cookies are strictly necessary to provide the Website. For example, they are used to authenticate and identify returning users.
- Preference Cookies: These cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region where you are located.
- Performance and Functionality Cookies: These cookies provide statistical information on site usage, such as web analytics. They also help us to personalize and enhance your online experience.
- Advertising and Marketing Cookies: These cookies are used to create profiles or personalize content to serve you interest-based advertisements that we think are most relevant to you. These cookies and resettable device identifiers use information about your use of this and other websites and apps, your response to ads and emails, and to deliver ads that are more relevant to you.
Just like any other usage information we collect, information from cookies allows us to improve the Website and customize your online experience. You can set your browser to accept all cookies, reject all cookies, or notify you when a cookie is set. See www.allaboutcookies.org to learn how to disable cookies on your browser or otherwise opt out of cookies. if you set your browser to disable all cookies or opt out, some features of the Website may not function properly. A full list of the cookies on our Website is available below (“Cookies Information”).
Other Tracking Technologies -- Like many websites, we may use standard Internet technology, such as web beacons, site tags, clear GIFs and other similar technologies, to collect and maintain information about your activity when visiting the Website and or other websites, as well as third-party websites. We also may include web beacons or pixels in advertisements and promotional e-mail messages to determine whether advertising or messages have been acted upon. The information we obtain in this manner enables us to customize the services we offer our visitors to deliver interest-based advertisements and to measure the overall effectiveness of our online advertising, content, programming or other activities.
DO NOT TRACK SIGNALS
Some web browsers and devices allow you to broadcast a preference that your activities online not be “tracked”. At this time, our Website does not honor these “do not track” signals.
LOCATED IN THE UNITED STATES
HMG and our Website are owned and operated in the United States (US) and are governed by US law. If you are outside the US when you visit our Website, purchase a product, or engage in communications with us, be aware that your personal information may be transferred to, stored, and processed by our data centers in the United States. Any information you provide to us, or that we collect through your use of the Website or services, will be stored, processed, and transferred within, or to, the United States. Please be aware that the United States and jurisdictions other than the one in which you are located may not provide the same level of data protection as the location from which you are accessing the Website. Note also that your personal information may be available to the US Government or its agencies under legal processes in the US.
EEA AND UK PRIVACY RIGHTS
For residents of the European Economic Area (EEA) and United Kingdom (UK), we advise that your personal information will be transferred to and processed in the United States, which has data protection laws that are different than those in your country and may not be as protective. The United States has not sought or received a finding of “adequacy” from the European Union under Article 45 of the General Data Protection Regulation (GDPR).
Our legal basis for collecting and using your personal information is to do so with your consent; where we need the Personal Information for performance of a contract or requested service, or where the collection and use is in our or another’s legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect the personal information in question. If we collected your personal information with your consent, you may withdraw your consent at any time by contacting us at firstname.lastname@example.org.
Our retention of your personal information and any subsequent communications are based on our legitimate interest in providing you with new and potentially relevant materials based on your geography, role, or company. As always, you can elect to opt out from receiving such future communications.
To the extent that we transfer personal information from the EEA or UK to a jurisdiction outside the EEA or UK that has not been adduced by the European Commission as providing adequate data protections (such as the United States), we will ensure that such personal information is safeguarded through appropriate contractual terms or other approved mechanisms.
The GDPR provides individuals in the EEA or UK certain rights regarding their collected personal information. An individual may exercise these rights by making a request to HMG (a “Data Rights Request”). Data subject rights include:
- Access to a copy of the personal information retained by us
- Erasure of personal information retained by us (this right is also referred to as the "right to be forgotten")
- Ceasing processing activities of personal information by or behalf of HMG based on some objection;
- Rectification(correction) of personal information retained by us
- Restriction of the processing activities for personal information by us
- Portability of personal data from us to another entity;
- Excluding the individual from automated decision-making by us; and
- Removing the individual from any direct marketing by us
Please direct any Data Subject Requests to us at email@example.com. We will respond as described below.
We will make an initial assessment of any Data Rights Request to assess whether HMG is the data controller or a data processor and will verify that the request is valid. Any Data Rights Request must be made by the individual about whom the personal information pertains and further verification of identity may be required.
If it is determined that a customer or other third party is the data controller in relation to a Data Rights Request, we will notify the appropriate data controller of the request as soon as possible and will assist the data controller with complying with such request (in accordance with any contract terms or other obligations outlined by applicable data protection law). However, if it is determined that we are the data controller in relation to a Data Rights Request, the requestor will be contacted to confirm receipt of the request and seek confirmation of identity (if not already validated).
Data Subject Requests will be responded to without undue delay and no later than one (1) month following receipt of the request. Where a request is particularly complex, additional time may be required. Where a request cannot be completed in the typical timeframe, we are entitled to extend the response period by up to two (2) additional months provided we give the requestor notice within the original timeframe of the intent to respond and the reason for the delay.
HMG is not permitted to charge for responding to a Data Rights Request unless the request is determined to be excessive and/or manifestly unfounded. In such cases and where we agree to respond to a request, a reasonable fee may be charged based on the administrative costs of providing the information or taking the action requested.
If you are not satisfied with our response, or believe we are processing your Personal Information in violation of the law, you have the right to lodge a complaint with a Supervisory Authority (also known as Data Protection Authority) or other appropriate governmental authority in your EEA Member State or UK. A list of Supervisory Authorities is available here: https://edpb.europa.eu/about-edpb/board/members_en.
CANADA PRIVACY RIGHTS
You may request access to or correction of your personal information, or withdraw consent to our collection, use or disclosure of your personal information, by contacting at firstname.lastname@example.org. These rights are subject to applicable contractual and legal restrictions and reasonable notice. We may take reasonable steps to verify your identity before honoring any such requests.
AUSTRALIA PRIVACY RIGHTS
For users who are residents of Australia, the collection and processing of your personal information is governed by the Australian Privacy Act of 1988 and Spam Act 2003.
- Our service providers assume the same obligations, where relevant, under the Privacy Act as apply to us.
- We will not use or disclose personal information to third parties for the purpose of our direct marketing to you unless you have consented to receive direct marketing. You may opt out of any marketing materials we send to you through the unsubscribe mechanism or by contacting us directly. If you have requested not to receive further direct marketing messages, we may continue to provide you with messages that are not regarded as "direct marketing" under the Privacy Act or Spam Act, including changes to our terms, system alerts, and other information related to your account.
- Our servers are located in the United States. In addition, we or our service providers may use cloud technology to store or process personal information, which may result in storage of data outside Australia.
- If you think the personal information we hold about you is inaccurate, out of date, incomplete, irrelevant, or misleading, we will take reasonable steps, consistent with our obligations under the Privacy Act, to correct that information upon your request. You can contact us at as provided below.
- If you are unsatisfied with our response to a privacy matter, then you may file a complaint with the Office of the Australian Information Commissioner (at https://www.oaic.gov.au/privacy/privacy-complaints/).
CALIFORNIA PRIVACY RIGHTS
California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to us using the contact information provided below.
If you are under 18 years of age, reside in California, and have provided your personal information to our Website, you have the right to request removal of unwanted data that you publicly post on the Website. To request removal of such data, please contact us using the contact information provided below, and include sufficient detail about the public post(s) and a statement that you reside in California. We will make sure the data is not publicly displayed on the Website, but please be aware that the data may not be completely or comprehensively removed from our systems, nor can we guarantee any cached or archived version of the Website will remove such data.
NEVADA PRIVACY RIGHTS
Nevada law (SB 220) requires website operators to provide a way for Nevada consumers to opt out of the sale of certain information that the website operator may collect about them. HMG does not sell your personal information to third parties as defined in Nevada law, and will not do so in the future without providing you with notice and an opportunity to opt-out of such sale as required by law.
CHOICES AND RIGHTS
Subject to applicable law, we will make reasonable efforts to ensure your collected personal information is accurate and complete and we will update or correct your information as needed when notified by you. In addition, you can manage your personal information through your account with us. If you would like to request access to your personal information, request to verify your personal information, identify any inaccuracy in your personal information, or change or delete your personal information, please contact us at email@example.com. Users in the United Kingdom or European Economic Area have the additional rights to request erasure of, restrict the processing of, or object to certain processing of their personal information, as well as to data portability, as described above. We strive to respond to these requests with 30 days or as required in accordance with applicable law.
Whenever you directly provide us with your personal information, please be sure it is accurate and complete. We cannot be responsible for any information you provide to us that is incomplete or incorrect.
We will not collect, use, or disclose your personal information in any ways or for any purposes that are materially different from those set forth herein. However, if we wish to do so in the future, we will obtain your consent first, and offer you the choice to opt-out of such proposed collection, use, or disclosure.
Promotional Messages – You can opt-out of our marketing or promotional communications by using the “Unsubscribe” feature at the bottom of each email or “STOP” in text messages from us or by requesting to opt out by emailing us at firstname.lastname@example.org and be placed on our do-not-contact list. Please note that you cannot opt out of receiving communications from us regarding transactional or administrative issues.
Interest-Based Advertising -- In some instances, you can opt-out of receiving interest-based ads from third party advertisers and ad networks. We do not control third parties' collection or use of your information to serve interest-based advertising. Advertisers and ad networks that are members of the Network Advertising Initiative (NAI) or who follow the Digital Advertising Alliance’s Self-Regulatory Principles for Online Behavioral Advertising provide opt-out choices at the following websites:
- NAI Website (US) (https://optout.networkadvertising.org/?c=1)
- DAA Website (US) (https://optout.aboutads.info/?c=2&lang=EN)
- EDAA Website (EEA) (https://www.youronlinechoices.com/)
Be advised that these opt-out tools are provided by third parties and may not be available with respect to all online advertising that is presented to you. We do not control or operate these tools or the choices that advertisers and others provide through these tools. Even if you opt out of receiving interest-based advertising, you may still receive generic ads.
Google Analytics - We use Google Analytics to help us manage and improve the Sites and Services. Google provides a Browser Add-On that allows you to opt-out by downloading and installing the add-on for your web browser. This is available here https://tools.google.com/dlpage/gaoptout.
Our Website may contain links to websites owned and controlled by others sites. We are not responsible for the privacy practices or the content of such Websites.
TERMS AND CONDITIONS
Please also visit our Terms and Conditions section establishing the use, disclaimers, and limitations of liability governing the use of our Website.
For users in the United States, the Website is not intended for children under 13 years old. You must be at least 13 years old to access and use the Website. We do not knowingly collect information from persons under 13 years of age. If you are under 13, you should not access our Website, create an account, or provide any information to us.
For users in the European Economic Area and United Kingdom, you must be at least 16 years old to access and use the Website. We do not knowingly collect information from persons under 16 years of age. If you are under 16, you should not access our Website, create an account, or provide any information to us.
If you believe that we might have collected any personal information from a child under 13 (in the US) or under 16 (in the EEA or UK), please email us at email@example.com.
From time to time, we may use consumer information for new, unanticipated uses not previously disclosed in our privacy notice. If our information practices materially change in the future, we will post notice of these changes on the Website homepage. The changes become effective 30 days thereafter. Your continued use of the Website constitutes your consent to these changes. We recommend you periodically check back to this page periodically.
Email us at firstname.lastname@example.org or write to us at: 40 Main St Suite 13-120, Biddeford, ME 04005