“Personal Data” means any information that relates to an identified or identifiable natural person. Such information may include, but is not limited to addresses, email addresses, telephone numbers, date of birth, payment history, as well as IP address and geolocation data if they can serve to identify a natural person. A business does not have Personal Data, although the individuals who work for the business do.
Information We Collect from You
Clean Impact Textiles collects information: (1) automatically when you browse our website, from (2) web forms that you may fill out, (3) email inquiries and responses, and (4) conversations that our representatives have with you via telephone, which information is stored in our Enterprise Resource Planning system, or “ERP”. The ERP consists of software that we use to manage day-to-day business activities such as order fulfillment, accounting, and supply operations. Apart from information collected automatically when you browse our website, the type of personal information we collect from you depends upon the nature of your interaction with Clean Impact Textiles.
Certain information about you may be recorded by the standard operation of the Internet servers on which our website is hosted, including but not limited to (i) IP address, (ii) domain server, (iii) type of device used to access the website and services offered, (iv) web browser used to access the website, (v) referring web pages or other sources through which you accessed the website and services offered, (vi) geolocation information, and (vii) other statistics and information associated with the interaction between your browser or device and our website or services. Such information may be used to improve the design and content of our website and/or our services, or to personalize your experience. Your IP address and geolocation information may (insofar as it pertains to you individually rather than your business) be considered Personal Data under the California Consumer Privacy Act (“CCPA”), which is discussed further below.
Who is Responsible for the Security of Your Personal Data
Clean Impact Textiles bears primary responsibility for the security of the Personal Data that you submit through our website (whether by signing up to be on our mailing list or by purchasing goods or services from us) and for Personal Data that may be collected when you browse our website. All such information is stored in our ERP system.
Clean Impact Textiles bears no responsibility for information you provide directly to third-party service providers.
Use of Information We Collect
Clean Impact Textiles may use the information we collect for one or more of the following lawful purposes:
- to provide a range of benefits to you, including fulfilling orders and providing customized content;
- to answer your inquiries and respond to your feedback;
- to further our commercial interests, including measuring the effectiveness of our advertising and outreach, improving the products we offer, and increasing our sales of goods and services.
In conformity with Canada’s anti-spam legislation, if you consent expressly or if you have a business relationship with Clean Impact Textiles within the legislated timelines (e.g., by signing a contract, purchasing a product, requesting information from us, registering on our website, or asking for a price quote), we may use your Personal Data to promote and market additional goods, services, and special offers from us, our affiliates, or our business associates, including by means of direct marketing. We may also disclose your name and mailing address to these affiliates and/or business associates so that they can send you promotional materials directly.
Except as expressly provided above, we will not provide, sell, license, trade, or rent your Personal Data to or with any third party without your prior consent.
Tools We Use to Collect Information
We use various tools, described below, to collect information from you:
We use Google Analytics to generate enhanced ecommerce reports regarding sales, shopping cart behavior (e.g., leaving a product behind rather than purchasing), the pages visited by you, how long you spend on the site, what you click on, whether or not you’re a return visitor to the website, and other metrics. This information is collected by Google Analytics tracking code on our website.
Google has a strict policy of not collecting Personal Data (interpreted by Google to mean email addresses, mailing addresses, telephone numbers, full names, and usernames, all of the foregoing for natural persons rather than businesses). While the standard version of Google Analytics temporarily collects the user’s IP address and geolocation information, Google Analytics does not provide such data to us. Rather, the information is anonymized so as to identify geographical regions rather than individuals who visit our website.
To understand how the tracking code works, visit https://developers.google.com/analytics/resources/concepts/gaConceptsTrackingOverview. You can find out more about Google’s position on privacy as regards its analytics service at https://support.google.com/analytics/answer/6004245?hl=en .
Social Media Cookies
In some cases, we may provide you with custom content based on information that you provide us either directly or indirectly by linking a social media account. Our website may use “social media buttons” (for example, links to Twitter, Facebook, etc.), which enable you to share specific web pages or access specific content on social media sites. By clicking on a social media button, our website will register your action and may use that information.
To implement social media buttons and connect them to the relevant social networks and external sites, we necessarily use scripts from social media domains. You should be aware that when you are logged in to Facebook, Instagram, Twitter, and Google, they are likely collecting information about your browsing habits — including when you’re on our website, even if you do not click on a social media button on our website. You can read the respective policies of each of these websites to see how they use your information and how, if you so wish, to opt-out or delete such information.
If you have an account with Facebook, Facebook tracks what you “like” and post on the platform. Via “pixels” embedded on websites such as ours, Facebook also knows what other sites you access. (You can see which websites have Facebook Pixels using the company’s Chrome extension.) Facebook pixels send anonymized data (i.e. data from which you cannot be identified) to Facebook, but that data allows us to direct advertising to you. Facebook Pixels help us advertise and sell our products, improve our online offers, make those offers more user-friendly, adapt those offers to display better, and create “lookalike” audiences for reach with our advertisements.
We may use web “beacons” (code embedded in a web page or email), which provide us with information such as what pages you visited, or, when embedded in email, whether the email we sent you was opened and read, and the IP address of the computer or proxy address used to read the email. Information collected by web beacons allows us to analyze how many people are opening our emails, and for what purpose, and it helps us to enhance our interest-based advertising.
Our web application firewall tracks IP addresses for security purposes (e.g., so that we can effectively respond to “distributed denial-of-service” (DDOS) attacks), but we do not associate a user’s IP address with any other information that would make the user at that IP address identifiable. A DDOS attack is a malicious attempt to disrupt the normal traffic of a targeted server, service, or network by overwhelming the target or its surrounding infrastructure with ah flood of Internet traffic.
We retain data that we collect via Google Analytics for a period of three (3) years. (You can stop Google Analytics from collecting your Personal Data by using Google’s Opt-out browser add-on.) Data that we collect through the other tools we use are retained for no more than three (3) years, but may be retained for shorter times.
Data (including Personal Data) that we collect related to purchases made on our website are retained indefinitely.
Your Personal Data may be used or stored by us or by our service providers located outside of Canada and the United States and it will be subject to the laws of the country in which it is used or stored.
California Consumer Protection Act (“CCPA”)
Your rights under the California Consumer Privacy Act (CCPA) are as follows:
- The right to access or delete the information we have on you. Whenever made possible, you can access or request deletion of your Personal Data directly within your account settings section. If you are unable to perform these actions yourself, please contact us as provided above in order to assist you;
- The right to know what personal information is collected, used, shared or sold as to the categories and specific pieces of personal information, the sources of that information, the types of information we collect, the intended purposes of that information, and the parties with whom we share it;
- We do not sell Personal Data to anyone. If we ever contemplate doing so, you will be given the ability to opt out either through your account settings or by contacting us as above;
- The right to non-discrimination in terms of price or service when you exercise a privacy right under CCPA. You will not be discriminated against for exercising any of these rights, but please note that exercising these rights may affect your right or ability to receive information about our products and services, your rights under our product warranties and the benefits of our services, especially if you request that we delete your contact information.
Note that if you want us to search and delete any information we have about you, you will need to verify your identity to us.
“Do Not Track” Signals
A “Do Not Track” signal under California Online Privacy Protection Act (CalOPPA) (“DNT”) is a preference you can theoretically set in your web browser to inform websites that you do not want to be tracked. However, there is currently no industry-standard way to handle DNT requests. Consequently, we do not support DNT browser settings, and our website does not behave differently when a DNT request is received.
When We Disclose Personal Data
We may choose to buy or sell business assets. In these types of transactions, customer information (which may include your Personal Data) is typically one of the business assets that is transferred. Also, if we (or substantially all of our assets) are acquired, or if we go out of business or enter bankruptcy, Personal Data would be one of the assets transferred to or acquired by a third party.
How We Protect Personal Data
Clean Impact Textiles takes commercially reasonable measures to ensure that Personal Data collected from you is protected against loss and unauthorized access. Access to your Personal Data is restricted to individuals who have a business need consistent with the reason the information was collected. In addition, Clean Impact Textiles employs firewalls and strict access control procedures.
The security of your Personal Data is important to us but remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we strive to use commercially reasonable means to protect your Personal Data, we cannot guarantee its absolute security.
Contacting Us, Correcting or Updating Personal Data
You may also close your account if you want to withdraw your consent from our further use of your Personal Data. We may, however, retain your Personal Data and information about your previous transactions to provide you with future services, for audit purposes, to ensure the integrity of our data, and to fulfill legal requirements.