Last Updated: January 1, 2021
Thank you for visiting us at carolscookies.com!
First, you should know that this service (including all websites and other Sites) is operated by Carol’s Cookies, Inc. (“Carol’s Cookies” or “us”, “we” and related terms), an Illinois corporation, with its principal office at 3184 MacArthur Blvd., Northbrook, IL 60062. Our contact information is below.
You can reach us at:
Carol’s Cookies, Inc.
3184 MacArthur Blvd.
Northbrook, IL 60062
1. The Scope of this Policy
2. Third Party Features, Links and Privacy Policies
3. The Types of Information That We Collect and How We Collect It
To provide our products and services, we collect data which are not personally identifiable (“Anonymous Data”) and also data which either alone or in conjunction with other data could be used to identify an individual or household (referred to as “Personal Data”). Collectively, Anonymous Data and Personal Data are referred to herein as “Data.” Data may be collected in the following ways:
A. Account and Transaction Data: We collect Personal Data that is provided to us voluntarily either via direct communications (e.g., email) or through our Sites, such as when a User registers for the service. We use this data to provide our services to you; and we may also use this data to contact Customers and/or Users for limited marketing or product communication purposes (subject to the provisions herein). The data collected include common categories of contact information (e.g., name, email address, telephone number, username, password and zip code), and may also include certain account administration information (e.g., invoice and shipment information), your purchase history, information about items in your online shopping cart when you place an order with us online or place product in your online shopping cart.
B. Site Usage Data: We collect certain Site/service utilization data through the use of tracking technologies (including cookies, as detailed below) and the data collected can include both Anonymous Data (e.g., how a Site is used) and Personal Data. We refer to this data as “Site Usage Data.” We use these Site Usage Data to understand how our Sites and services are used, to improve our Sites and services, and to protect the integrity and security of our Sites and services. Site Usage Data include:
(1) Device data. Information about the computer or mobile device you use to access the Site(s). This may include technical information transmitted by your device such as the browser used, the device model and operating system, language preference, device location, unique device identifiers, and the Internet Protocol (IP) address through which you accessed the Site.
(2) Site Use Activity. Information regarding your activity on the Site(s) such as the time and frequency of access, a referrer page domain, pages viewed, and interactions between the User and the Site.
If your device settings allow us, we may also collect information about your location or geolocation information when you use our mobile application. For more information about how you can control the collection of local information and to set your preferences, please see “Your Choices” below.
C. Other Information you Choose to Provide: We collect information you choose to provide, such as your contact and marketing preferences, brand and merchandise interests, and communications and interactions (which may include email messages, chat sessions, text messages or phone calls with you) when you sign up for emails and marketing, participate in a survey, promotion or interactive area of a Site, or when you request technical or customer support or contact us.
D. Information we Collect from Social Media Platforms: We may obtain information about you from social media platforms that you use in connection with our Sites, or that share or allow you to share information with us, such as Facebook, Twitter, Pinterest, and Instagram. For example, if you post content to feeds on third-party social media sites or use social media platforms in connection with the Sites, if you use credentials (e.g., username and password ) from a third party site to create or log into your account on the Sites, or if you like us or follow us on social media platforms, we may collect the information that you share with us, or that those social media platforms share with us in accordance with their privacy policies and privacy settings. For more information about social media platform privacy practices, please review the privacy policies and settings of the social media platforms and networks that you use. You may update your privacy settings on each social media platform directly.
If we combine Personal Data with Anonymous Data, the combined information will be treated by us as Personal Data for as long as it remains combined.
4. Cookies and Other Automated Tracking Technologies
We may use the following types of cookies on the Sites:
A. “Convenience” cookies: These cookies can store ‘persistent’ information like registration information for use on later visits to the Sites. You may be able to configure your browser to block/delete these cookies; but if you do, you will have to (e.g.,) input the account-related information every session.
• You may have the option to opt out of convenience cookies (if applicable) when you visit our Sites.
B. “Analytics” Cookies: Cookies which help us to determine usage patterns of our web pages by collecting information about how visitors use our Site.
More specifically, we use a tool called Google Analytics for aggregated and anonymized website traffic analysis. In order to track your session usage, Google places a cookie with a randomly generated Client ID number in your browser. This ID number is anonymized and contains no identifiable information like email, phone number, name, etc. Google also has access to your IP address. In addition, Google may install additional cookies (e.g., Google fonts, Google tag manager). We use Google Analytics to track aggregated website behavior, such as what pages you looked at, for how long, and so on. This information is important to us for improving the user experience and determining site effectiveness.
C. “Necessary” Cookies: These cookies are essential for you to browse a website and use its features, such as accessing secure areas of the site. Cookies that allow web shops to hold your items in your cart while you are shopping online are an example of strictly necessary cookies.
D. “Third-party” Cookies: These cookies are set by other online services that run content on the page you view on your browser. For example, if you click on a Facebook “like” button, the underlying code may store a cookie on your computer that can later be accessed by Facebook and may be able to track other sites that you visit.
E. Web Beacons: We may also collect information using Web beacons, which are small images embedded into websites or emails that send information about your computer, mobile phone, or other device when you visit our Sites, use our mobile application, or open an email we send to you.
Please see “Your Choices” below to manage the use of these Cookies.
5. How We Use the Data that We Collect
A. Provide Products and Services to you: We use it to provide the services to you, facilitate account creation and one-click orders, provide memberships and subscriptions, provide maintenance and support (including by sending you confirmations, security alerts, support and administrative messages), and to improve our services and the Sites. We also use anonymized, de-identified and aggregated data generated by the services to provide insights to our customers.
B. Further our Business Purposes: We use it to operate, improve upon and expand our business and lawful business activities; to maintain our programs, accounts, and records; for research; to detect and prevent fraud or misuse of our services; and for any other business purpose that is permitted by law.
C. Customize and Enhance your Experiences with Us: We use it to remember and categorize your interests and preferences; customize the products and services we share with you through direct marketing; communicate with you about the Site(s), services, products, offers, promotions, surveys, events and other news and information we think may be of interest to you and contact you for feedback.
D. Respond to You: We use it to respond to you, such as when you place an order, call us, make a request or inquiry, complete a survey, participate in contests or share a comment or concern.
E. Engage with Service Partners: By necessity, we may share certain Data with third party service partners which are under contract with us and which perform Site-related functions on our behalf (“Service Partners”). Service Partners include certain cloud-based service providers (listed below) that provide aspects of the Sites’ functionality (e.g., application hosting, cloud-based storage) other technology service providers and third parties that furnish us with products and services and provide services such as shipping, fulfillment and payment processing.
Service Partners include the following:
• Google Analytics: See previous section.
All usage of the Sites will be subject to the privacy policies and terms of service maintained by the applicable Service Partner(s). If you object to the privacy practices of any Service Partner(s), please inform us, and please do not use the Sites or our Services.
F. For Legal Purposes: We also reserve the right to disclose Data or any information submitted via Sites if we have a good faith belief that disclosure of such information is reasonably necessary to: (i) comply with any applicable law, regulation, legal process or governmental request; (ii) enforce our policies, including investigations of potential violations thereof; (iii) investigate, detect, prevent, or take action regarding illegal activities or other wrongdoing, suspected fraud or security issues; (iv) establish or exercise our rights to defend against legal claims; (v) prevent harm to our rights, property or safety (or the same interests of our Users or any third party) or (vi) to notify you of any product recalls or other safety concerns.
G. For Other Purposes: We may share personal information with third parties for other purposes. For example, we share personal information with the Website, if you provide comments or reviews on our services or products on social media platforms.
H. No Sale or Sharing: Except Data that we share out of necessity with our service partners (see Section 5.E, above), Data that may be generated by certain cookies (see Section 4, above), and for the purposes listed in Section 5.G above, we do not rent, sell, or share Data with third parties for third-party marketing or advertising purposes.
We may use non-personally identifiable information such as demographic data to analyze and develop our marketing strategy and maintain and further improve the Sites and our services.
Please see the “Your Choices” section for information about the choices you have about the sharing of your information.
6. Your Choices
A. Google Analytics: If you would like to opt out of Google Analytics on a per browser basis, please see above.
B. Cookies: Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject browser cookies and web beacons. Managing cookie preferences is different on each browser so refer to your specific browser for further information. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of the Site(s). If you set your browser to refuse all cookies, please contact us directly if you have trouble placing your order. We will store your cookie preferences until you clear your browsing cache. You may change your preferences at any time.
C. Social Media: You should review your privacy settings and options directly with each of the social media platforms and networks that you access to determine your options and choices about sharing information from these sites with us.
D. Email and Phone Communications: You may choose during the account registration process on the Site(s), or otherwise, to provide us with your email address for the purpose of allowing us to send newsletters, surveys, offers, and other materials related to our products and services. You may opt out of receiving these promotional communications from us by following the instructions in those communications (such as by using an “unsubscribe” link in an email or texting “STOP” in response to a text message you receive) or by contacting us at the contact information provided above. Even if you opt out, we may still send you non-promotional communications, such as those about your account or our ongoing business relations.
E. Location Information: We may collect information about your actual location when you use our mobile applications. You may stop the collection of this information at any time by changing the settings on your mobile device but note that some features of our mobile applications may no longer function if you do so.
F. Account Information: You may update, correct or modify information about you at any time by logging into your online account or by contacting us at the contact information provided above. If you wish to deactivate your account, please email us at firstname.lastname@example.org, but note we may continue to store information about you as required by law or for legitimate business purposes.
7. Measures Adopted by Carol’s Cookies to Protect Privacy Interests
A. Data Inventory/Mapping: We have assessed our data practices and systems to assure that we understand the personal data that may be collected via our Sites and how it may flow through our services and technology platform. We prioritize privacy concerns in the design phase of all new features for our platform.
B. Data Retention: We only collect and process those data that we need to perform the Services or as otherwise described in this policy. We have adopted policies that require us to delete or anonymize all data that are no longer required for the performance of the Services
C. Security of Data and Processing: We have implemented measures that are designed to limit access to personal data to our authorized individuals and are designed to prevent the loss or corruption of data. We have implemented commercially reasonable data security technologies designed to preserve the security of all data collected and/or processed on our platform, including encryption for all such data in transit and at rest when applicable.
Please understand, however, that no security system is impenetrable or perfectly secure. We cannot guarantee the security of our databases, nor can we guarantee that the information you supply will not be intercepted while being transmitted to or from us over the Internet. As a result, you use the Sites at your own risk. When registering with us on the Sites, we encourage you to choose passwords of sufficient length and complexity, install the latest security updates and anti-virus software on your computer to help prevent malware and viruses, not share your password with others, and review your account information periodically. If there is any unexpected activity or inaccurate information or if you have reason to believe that your information is no longer secure, please contact us using the contact information provided above.
8. Other Terms
A. Transfer of Assets: If another entity acquires us or acquires all (or substantially all) of our assets, the Data in our platform will be transferred to and used by this acquiring entity. Also, if any bankruptcy or reorganization proceeding is brought by or against us, all such information may be sold or transferred to third parties.
B. Minors and Privacy: The Sites are not directed toward, or intended for use by, individuals under age 18. We do not knowingly collect information from anyone under age 18. If you are under the age of 18, please do not use the Sites and do not register with, order or purchase from, or provide any personal information to, us. If you are under the age of 18, you should use the Sites only with the involvement of a parent or legal guardian and should not submit any personal information to us.
C. Third Party Sites and Links: We are not responsible for the privacy practices and/or security practices employed by any third-party websites or service, including but not limited to any such sites or services that may be linked to or referred to in any way on the Sites.
If you are a user from a country outside the United States, and you choose to access the Sites, you are deemed to consent to the transfer of any personal information you disclose from the country from which you reside or from which you access the Sites to United States.
E. Do Not Track: Some web browsers may transmit “Do Not Track” signals to websites visited by the user. The Sites may not respond to web browser-based “do not track” signals.
F. Biometric ID Processing: Carol’s Cookies does not use any technologies (e.g., face recognition) that are designed to identify an individual based on data (e.g., photographs, videos) collected/processed by the system.
H. California Residents: If you are a California resident, California law may provide you with additional rights regarding our use of your personal information. California’s “Shine the Light” law permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information, if any we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal data in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to use using the contact information provided above. Please allow up to 45 days for a response.