SHELF INC.

Privacy Policy

This page describes the Privacy Policy of The Shelf, a data-driven Influencer Marketing Company.

Effective Date: August 2, 2019

 

Welcome to The Shelf! Shelf Inc. (“The Shelf,” “us,” or “we”) provides a platform for brands and influencers to work together (the “Shelf Platform”). This includes our subsidiary, The Shelfie Experience, LLC, which is a physical makerspace that ties our digital services to the actual physical production of content by creators for our brand partners. Outlined in this privacy policy are the details of how The Shelf and its subsidiaries use your data when you sign up to use the services on the Shelf Platform or in The Shelfie Experience makerspace (we’ll refer to both of these as “Services,” “the Platform,” or “The Shelf Platform”). We value the privacy of everyone who uses the Shelf Services and we are fully committed to protecting any information that you provide us. It is important that you read this privacy policy so you are fully aware of how and why we are using your data.

If you have any questions or comments concerning this policy, please feel free to contact us.

I. THE PERSONAL DATA WE COLLECT

Personal data means any information about an individual user from which that person can be identified. The Shelf will only collect personal data about you with your consent. The only information collected by us is what has been provided by you, collected by us, or provided to us lawfully by third parties including social media platforms such as LinkedIn, Facebook, Instagram and Google.

The personal data we collect fall into the following categories:

Account Information includes first name, last name, username, password, and location. If you interact with us through social media, this may include your social media username.

Contact Information includes billing address, delivery address, email address and telephone number.

Profile Information includes details your username, your business name, your social media handles, as well as any additional profile data which has been added by you or us.

Financial Information includes payment details.

Transaction Information includes details about payments to and from you, and other details of the products/services purchased.

Your Content includes any information, material or content obtained by The Shelf from publicly available sources or third-party content providers and made available through your profile on the Shelf Platform. This includes your social media posts and blog posts across the channels that you include in your Shelf Platform profile as well as the information that you choose to post directly to the Shelf Platform.

Communications includes any communications that you make with us (via email, phone or through the Shelf Platform, or otherwise) or communications you make with other users.

Technical Information includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access the Services.

Usage Information includes information about how you use the Services.

Tracking Information includes information we or other parties collect about you from cookies and similar tracking technologies, such as web beacons, pixels and other identifiers.

Aggregated Information such as statistical or demographic data for any purpose. Aggregate Information may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity.

Marketing Information, which includes your preferences in receiving marketing from us.

We do not collect Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic biometric data). Nor do we collect any information about criminal convictions or offenses.

II. HOW WE COLLECT PERSONAL DATA

There are different methods in which we collect personal data from you.

Information that you provide us. You may give us your Account, Profile, Contact and Financial Information when registering for the Services or if you have previously provided us with this information prior to this Privacy Policy coming into effect, either directly from you or via a third party.

Automated Technologies or Interactions. When you use the Services, we may automatically collect Technical and Transactional Information, Communications, and Your Content, that may, in certain circumstances, constitute personal data. We may also collect Tracking Information when you use our Services. Some of the ways in which we or the Shelf Platform may collect are as follows:

  1. Cookies and other technologies. We may place a “cookie” on the hard drive of the device that you use to access the Services. Cookies are text files that are saved on the hard drive of your device by means of your browser, enabling us to recognize your browser for purposes of automatically authenticating and logging you into the Services, saving your preferences and directing information to you.
  2. Web Beacon. A “Web beacon,” also sometimes called a pixel tag or transparent GIF, is an object that is embedded in a web page. It is usually invisible to you, but allows website operators to check whether you have viewed a particular web page or email communication. We may place web beacons on our website, and in the emails we send to you.
  3. Analytics Tools. By using cookies and web beacons, Google Analytics collects and stores data such as time of visit, pages visited, time spent on each page of the website, the Internet Protocol address, and the type of operating system used in the devices used access the Service. You can opt out of Google Analytics by using a browser plugin provided by Google (http://www.google.com/ads/preferences/plugin/).
  4. Clickstream Data. When you use the Services, a trail of electronic information is left at each website you visit. This information is referred to as “Clickstream Data”, and can be collected and stored by a website’s server. All clicks and pages that our users click are collected to determine how much time a visitor spends on each page on the Shelf Platform, how users navigate the Shelf Platform and how we can tailor the Shelf Platform to meet the needs of our users. This information can be used to improve the Shelf Platform and our Services. Any collection or use of Clickstream Data will be anonymously aggregated, and will not intentionally contain any personal data.
  5. Location Data. The Shelf Platform, when given permission, will estimate the latitude and longitude coordinates of your IP address. We use this information to help us improve the relevance of search results.

Third Parties or Publicly Available Sources. We may also receive personal data about you from various third parties, including:

  • Technical and/or Tracking Information from analytics providers, advertising networks and search information providers;
  • Contact, Financial and Transaction Information from providers of payment and fraud prevention services;
  • Account and Contact Information from data partners; and
  • Data from third parties who are permitted by law or have your permission to share your personal data with us, such as via social media or review sites. We will only use your personal data when the law allows us to.

III. HOW WE USE YOUR PERSONAL DATA

We will never sell your personal data to third parties for their use or marketing purposes. The Shelf uses the personal data that we collect for the following purposes:

  1. To provide you with our Services. To provide you with the Services, communicate with you about your use of the Services, respond to inquiries, provide troubleshooting, and for customer service purposes.
  2. To Personalize the Services. To provide you with personalized content through the Services, to suggest partnerships between you and a brand and/or influencer, to personalize help and instructions, and to otherwise personalize your experience on the Services.
  3. Marketing and Promotional Use. For marketing and promotional purposes, such as to send you news and newsletters, special offers, and promotions, or to otherwise contact you about information we think may interest you.
  4. Analytics. To gather metrics to better understand how users access and use the Services, to evaluate and improve the Services, and to develop new product features.
  5. To Prevent Misuse. Where we believe it is necessary to investigate, prevent or take action regarding illegal activities, suspected fraud, or situations involving threats of safety to any person or a violation of our Terms of Use or this privacy policy.
  6. For Contests, Giveaways and Promotions. In connection with contests, giveaways and other promotions that you may choose to participate in. Any information you submit in connection with promotions will be subject to the terms of the promotion, not this Privacy Policy. You will be given the option to consent to the use of your information at the time you sign up for the promotion. You will not be required to participate in any promotion, contest or giveaway.
  7. To Comply with Law. If required to do so by law, court order or other government or law enforcement authority or regulatory agency; or, if we believe in good faith that disclosing this information is necessary or advisable, including, for example, to protect the rights, property, or safety of The Shelf, you, users, or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction.

IV. DISCLOSURE OF PERSONAL DATA

We may share your personal data with certain parties set out below for the purposes set forth in this Privacy Policy. We may also share your personal data if the law otherwise allows it.

We may share personal data with the following categories of third parties:

  1. Other users of the Services in accordance with this Privacy Policy (such as the availability of your Profile Information and Content to other users on the Shelf Platform);
  2. Service providers (such as technology service providers, hosting providers, payment processing, auditors, advisors, consultants, customer service and support providers, and fraud prevention providers);
  3. Subsidiaries and affiliates of The Shelf;
  4. Business Transfers (such as in the case of any merger, sale, and transfer of assets, acquisition or restructuring of all or part of our business, bankruptcy or similar events);
  5. Legally required (to public authorities, such as law enforcement, if we are legally required to or if we need to protect our rights or the rights of third parties);
  6. Protection of rights (where we believe it is necessary to respond to claims asserted against us, or comply with legal process, enforce or administer our agreements and terms, fraud prevention, risk assessment, investigation, and protect the rights, property and safety of our users).

We may also share data with third parties connected to advertising, retargeting and analytics (see Cookies Policy below for more information).

We may also share data with third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. We may also seek to acquire other businesses or merge with them. If a change happens to our business, the new owners may use your personal data in the same ways set forth in this privacy policy.

We require all third parties to respect the security of your personal data and to treat it in accordance with law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specific purposes in accordance with our instructions.

V. COOKIES POLICY

Cookies are small pieces of text used to store information on web browsers by a web server. The purpose of a cookie is to identify users and help create a customized experience for them. By using the Shelf Platform and the Services, you agree to the use of cookies for the purposes described in this Section V.

Cookies may be placed on your computer or device, which will allow us and other trusted partners (see below) to receive information stored in cookies when you visit the Shelf Platform and use the Services.

Different types of cookies are used when using the Services. These include:

  1. Authentication. When signing into the Services, cookies help us recognize you.
  2. Research, Analytics and Fraud Prevention. Cookies may be used to understand how our users use the Services so we can improve them.
  3. Feature and Services. Cookies can be used to personalize the features on the Services based on your preference and history.
  4. Advertising. We may share Tracking Information about you with third parties, including, but not limited to, advertising and remarketing providers, or other brand partners, for purposes of personalizing or otherwise understanding how you engage with ads or other content. These third parties may use cookies, pixel tags (also called web beacons or clear gifs), or other technologies to collect Tracking Information in furtherance of such purposes, including to tailor, target (i.e., behavioral, contextual, retargeting, and remarketing), analyze, report on, and/or manage advertising campaigns or other initiatives. For example, when a browser visits a site, pixel tags enable us and these third-parties to recognize certain cookies stored within the browser to learn which ads or other content bring a user to a given site.

We allow a few trusted partners to use cookies in our Services. Here is a list of the third parties using cookies on the Shelf Platform and through our Services:

  1. Google Analytics
  2. Stripe
  3. LinkedIn Ads
  4. Facebook Ads
  5. Intercom.io
  6. Doubleclick
  7. Quantcast
  8. Hubspot

In addition, you may opt-out of interest-based advertising by participating providers by visiting http://www.networkadvertising.org and http://www.aboutads.info/choices for details on how to do so.

You can remove or block certain cooking using the settings in your browser. If you choose to remove or block certain cookies, you may still use our Services however your access to some functionality and areas may be restricted.

VI. PAYMENT INFORMATION

The Shelf uses third party payment processor Stripe.com to process transactions made via the Services. All online payments will be conducted in accordance with Payment Card Industry (PCI) data security standards and your billing information is encrypted before being communicated to them. Subject to the below exceptions, your credit card details are communicated directly from your browser to these payment processors. The Shelf never sees your payment information. This means the payment form is either off-site or displayed in a frame on the payment page.

VII. INTERNATIONAL TRANSFER OF PERSONAL DATA

The Shelf is a worldwide service that is maintained in the United States. By using Services, you authorize us to transfer and store your information outside your home country to the United States, for the purposes described in this privacy policy. If you are situated in the EU, please see section Rights of European Union Data Subject below.

VIII. HOW WE STORE INFORMATION

The security of personal data is important to us. The Shelf will take reasonable steps to protect all personal data, and to keep this information accurate, up to date, complete and relevant.

Our standard procedures call for us to retain information submitted by users for an indefinite length of time. The Shelf understands your submissions as consent to store all your information in one place for this indefinite length of time, if we so wish. If required by law, as is the case to comply with the Children’s Online Privacy Protection Act (COPPA), we will nullify user information by erasing it from our database. We will also respond to written user requests to nullify account information.

Your profile is password-protected so that only you have access to your account information. If you have registered for a Shelf Platform account using the single-sign on or account synchronization applications of Facebook, Twitter, or other social network services, then your login and password shall be the same as your social network login and password. In order to maintain this protection, do not give your password to anyone. The Shelf staff will never proactively reach out to you and ask for any personal account information, including your password. For our web application, you should sign out of Your account and the browser window before someone else obtains access. You should never share devices. This will help protect your information entered on public terminals from disclosure to third parties.

Unfortunately, no data transmission can be guaranteed to be 100% secure. As a result, we cannot guarantee the security of any information you transmit, and you do so at your own risk. If You have any further questions on this issue, please refer our Terms of Use. The Shelf expressly disclaims any liability that may arise should any other individuals obtain the information you submit.

IX. CHOICES YOU HAVE

You may check your information to verify, update or correct it, and to have any obsolete information removed. If you created an account on the Shelf Platform, you can access and change your online account profile yourself. You can also review any of the information that we have retained, how we have used it, and to whom we have disclosed it at any time by contacting us as indicated in the Contact Us section below. Subject to certain exceptions prescribed by law, and provided we can authenticate your identity, you will be given reasonable access to your personal information, and will be entitled to challenge the accuracy and completeness of the information and to have it amended as appropriate. You may also ask us to change your preferences regarding how we use or disclose your information, or let us know that you do not wish to receive any further communication from us.

X. OUR POLICY ON CHILDREN’S INFORMATION

The collection of personal data is neither intended for, nor direct to, persons who are under the age of thirteen (13) years old. Personal data will not be collected by any person who is known by The Shelf to be under the age of thirteen (13) without the consent of a parent or legal guardian. Persons under age thirteen (13) may only use the Services with the involvement and consent of a parent or legal guardian.

XI. LINKS TO OTHER WEBSITES

The Shelf Platform may contain links to third party sites or online services. We are not responsible for the practices of such third parties, whose information practices are subject to their own policies and procedures.

XII. Your California Privacy Rights

This Section applies to California residents. Under California Law, California residents have the right to request in writing from a business where a business relationship exists:

  1. A list of categories of personally identifiable information, such as name, email address and mailing address and the type of service provided to the customer that a business has disclosed to third parties (including affiliates that are separate legal entities) during the preceding calendar year for the third parties’ direct marketing purposes; and
  2. The names and addresses of all such third parties.

To request the above information or opt out of the use of your personally identifiable information, please contact us.

XIII. CHANGES TO THIS POLICY

If at any point we change our privacy policy, we will post those changes to this page.. By accessing and/or using the Services after we make any such changes to this privacy policy, you are deemed to have accepted such changes. Please be aware that, to the extent permitted by applicable law, our use of your information is governed by the privacy policy in effect at the time we collect the information. We also encourage you to review this privacy policy periodically.

XIV. QUESTIONS OR CONCERNS

Whether you live in or outside the United States, you may contact The Shelf, Inc. at privacy_support@theshelf.com.

XV. GDPR Disclosures

Pursuant to the GDPR, The Shelf, Inc. generally acts as the data controller of the information you submit through the Shelf Platform. In limited cases, such as where a client may provide non-public personal data regarding an influencer, we act as a processor for such non-public personal data.

Legal Bases of Processing

Below are the lawful basis that we rely on to process your personal data:

  1. Performance of Contract. The Shelf also processes personal data in order to perform its obligations under its agreement with you under The Shelf Terms of Use, and where necessary, for the purposes of legitimate interests as set out in this Privacy Policy. To the extent that your personal data is provided to The Shelf, it is a contractual requirement.
  2. Legitimate Interest. The Shelf processes personal data in order to conduct and manage our business and to enable us to give you the best service/product with the best and most secure experience.
  3. Comply with Legal or Regulatory Obligations. The Shelf may process your personal data to comply with legal or regulatory obligations that we are subject to.

Purposes for processing of personal data

The Shelf will process personal data that we collect from third parties in accordance with this Privacy Policy. Personal data from your use of The Shelf Platform, including usage performance information, device information and other information in accordance with Section III.

Recipients or categories of recipients of personal data

The recipients of the personal data are The Shelf and the entities as set forth in Section IV.

Your rights under the GDPR

You have a number of rights under the GDPR. These include the right to:

  1. Request access to your personal data from us;
  2. Request that we correct or erase your personal data:
  3. Withdraw your consent for us to use your personal data;
  4. In some circumstances, to object to the use of your personal data by us and request that we restrict our use of your personal information;
  5. Receive your personal data held by us, in a commonly used electronic format, or to have us transfer such personal information to another service provider of your choosing;
  6. Lodge a complaint in relation to our processing of your personal information with a data protection supervisory authority under the GDPR; and
  7. Be informed generally about the collection and use of your personal information, including where we intend to further process your personal information for additional purposes other than as discussed above.
  8. You may also have the right to make a GDPR complaint to the relevant Supervisory Authority. A list of Supervisory Authorities is available here: https://edpb.europa.eu/about-edpb/board/members_en

Important Notice to All Non-US Residents

Our servers are located in the US. If you are located outside of the US, please be aware that any information provided to us, including personal information, will be transferred from your country of origin to the US. Except in the case of data transfers under the EU-US Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework, your decision to provide such data to us, or allow us to collect such data through our Websites, constitutes your consent to this data transfer.

E.U.-U.S. and Swiss-U.S. Privacy Shield Notice

If your personal information is transferred from the EEA, Switzerland, or the United Kingdom to the US pursuant to the Privacy Shield, then the rights, remedies and protections set forth in this section apply to you. We comply with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal data transferred from the European Union member countries (including Iceland, Liechtenstein, and Norway), Switzerland, and the United Kingdom, respectively, to the United States pursuant to the EU-US and Swiss-US Privacy Shield. The Shelf has certified that we adhere to the Privacy Shield Principles with respect to such data. If there is any conflict between the policies in this Privacy Policy and data subject rights under the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/

With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, The Shelf is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).

In compliance with the Privacy Shield Principles, The Shelf commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Economic Area, Swiss, and United Kingdom individuals with Privacy Shield inquiries or complaints should first contact us at privacy_support@theshelf.com with the subject line “Privacy Shield.”

The Shelf has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.

If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.

Onward Transfer to Third Parties under the Privacy Shield: Like many businesses, we hire other companies to perform certain business-related services. We may disclose personal information to certain types of third-party companies but only to the extent needed to enable them to provide such services. The types of companies that may receive personal information and their functions are: such as technology service providers, hosting providers, payment processing, auditors, advisors, consultants, customer service and support providers, and fraud prevention providers. Where these third parties function as our agents, they perform services at our instruction and on our behalf pursuant to contracts which require they provide at least the same level of privacy protection as is required by this Privacy Policy and implemented by The Shelf. We may also share your personal information with any of our parent companies, subsidiaries, affiliates, or other companies under common control with us for the purposes described in this Privacy Policy.

In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may also disclose personal data to other third parties when compelled to do so by government authorities or required by law or regulation including, but not limited to, in response to court orders and subpoenas.

Our accountability for personal data that we receive under the Privacy Shield and subsequently transfer to a third party is described in the Privacy Shield Principles. In particular, we remain responsible and liable under the Privacy Shield Principles if third-party agents that we engage to process the personal data on our behalf do so in a manner inconsistent with the Principles, unless we prove that we are not responsible for the event giving rise to the damage.

Opt-In and Opt-Out under the Privacy Shield: We provide an individual with the opportunity to opt-out before we share your personal data with third parties other than our agents, or before we use it for a purpose that is materially different from which it was originally collected or subsequently authorized. To request to limit the disclosure of such personal data, please submit a written request to privacy_support@theshelf.com, with the subject line, “Privacy Shield.”

We will not disclose your sensitive personal information to any third party without first obtaining your opt-in consent, and shall also obtain your opt-in consent before we use sensitive data for a purpose other than which it was originally collected or subsequently authorized, unless an exception applies pursuant to the “Sensitive Data” Privacy Shield Supplemental Principal. You may provide your consent by sending us an email at privacy_support@theshelf.com with the subject line “Privacy Shield.” In each instance, please allow us a reasonable time to process your response.

To the extent that we may serve as a Processor, The Shelf will need to consult and coordinate with its customers (which act as controller) to properly effectuate your opt-out/opt-in rights described herein.

Your Privacy Shield Rights: Upon request to privacy_support@theshelf.com with the subject line “Privacy Shield,” we will provide you with confirmation as to whether we are processing your personal data pursuant to the Privacy Shield, and will communicate such data to you within a reasonable time. You have the right to access your personal information processed pursuant to the Privacy Shield and the right to correct, amend, or delete your personal information processed pursuant to the Privacy Shield where it is inaccurate or has been processed in violation of the Privacy Shield Principles. We may require payment of a non-excessive fee to defray our expenses in this regard. Please allow us a reasonable time to respond to your inquiries and requests.

To the extent that we may serve as a Processor, The Shelf will need to consult and coordinate with its customers (which act as controller) to properly effectuate your rights described herein.

Retention of Personal Information under the Privacy Shield: We will retain the personal information processed pursuant to the Privacy Shield in a form that identifies you only for as long as it serves the purpose(s) for which it was initially collected as stated in this Privacy Policy, as subsequently authorized, or, where we serve as a processor, as dictated in our relationships with our customers (e.g., pursuant to GDPR Article 28(3)(g)). We may continue processing such personal information for longer periods, but only for the time and to the extent such processing reasonably serves the purposes of archiving in the public interest, journalism, literature and art, scientific or historical research and statistical analysis, and subject to the protection of our privacy disclosures. After such time periods have expired, we may either delete your personal information or retain it in a form such that it does not identify you personally.

How We Protect Your Personal Information under the Privacy Shield: The Shelf takes very seriously the security and privacy of the personal information that it collects pursuant to the Privacy Shield. Accordingly, we will implement reasonable and appropriate security measures to protect your personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the risks involved in processing and the nature of such data, and comply with applicable laws and regulations.