Privacy Policy
Effective Date: [September 3, 2019]
For purposes of this Privacy Policy, “Company,” “we,” “our,” or “us” is defined as Marcus Samuelsson Group.
Please read the following Privacy Policy to understand how information about you will be treated if it is collected by Company through any website or online service location that posts a link to this Privacy Policy or any features, content, or other services that Company owns, controls, and makes available through such website or online service location (collectively, the “Site”). Except as explicitly provided herein, this Privacy Policy does not apply to the practices of companies that Company does not own or control, or to Company’s information collection activities outside of the Site.
By using the Site, you agree to our Terms of Service and consent to our collection, use and disclosure practices, and other activities as described in this Privacy Policy. If you do not agree and consent, discontinue use of the Service. Please note that the use of information that we gather is subject to the Privacy Policy in effect at the time of use. We reserve the right to revise and reissue this Privacy Policy at any time. Any changes will be effective immediately upon posting of the revised Privacy Policy. This Privacy Policy may change from time to time so please check back periodically. Your continued use of our Site indicates your consent to the Privacy Policy then posted. If the changes are material, we may provide you additional notice to your email address.
If you have any questions or wish to exercise your rights and choices, please contact us as set out in the “Contact Us” section below.
1. How and what information is collected from me?
Information your provide
We and our Service Providers (defined below) may collect information you provide directly via the Site. For example, we collect information when you access our content, conduct a search on this Site, place an order for merchandise, complete a questionnaire or an entry form for sweepstakes or contests, participate in forums, chat rooms or other community features, or communicate with us through the Site.
The information we collect may include personal information. "Personal information" is information that identifies you personally (whether alone or in combination). The types of personal information collected on the Site may include, but are not limited to, your name, email address, standard contact information including addresses and phone numbers, transactional information, financial information such as credit card or bank account numbers, and any content that you send us including that of your messages or correspondence with customer service. We may also ask you to voluntarily provide us with information regarding, for example, your personal or professional interests, demographics, experiences with the services we provide and contact preferences. You may choose to submit certain other information to us through the Site, including personal information, but you are solely responsible for your own personal information in instances where we have not requested that you submit such information to us. Wherever we collect personal information on the Site, we make an effort to include a link to this Privacy Policy on that Site page.
Personal information once “de-identified” is not subject to this privacy policy and we and our Service Providers may treat it as non-personal information and use it without obligation to you except as prohibited by applicable law.
Information collected automatically
Company and its Service Providers may automatically gather and store certain types of information whenever you use this Site (“usage information”). Usage information may include, without limitation, any of the following: (1) IP addresses (the Internet address of a device), (2) device identifier and connection information such as browser type and version, operating system, platform, your internet service provider, your device’s regional and language settings, and device identifiers such as IP address, MAC address, and Ad Id (e.g., IDFA or AAID), (3) the full Uniform Resource Locator (URL) clickstream to, through, and from this Site, including date and time, (4) cookie number, (5) web pages and/or products you viewed or searched for, and (6) location data including imprecise location data (such as location derived from an IP address or data that indicates a city or postal code level) and, with your consent, precise location data (such as latitude/longitude data). Company analyzes this data for, among other reasons, certain trends in statistics, such as which parts of this Site users visit and how long they spend there. To the extent that we combine usage information with your personal information, we will treat the combined information as personal information under this Privacy Policy.
The methods that may be used on the Site to collect usage information include various technologies (“Tracking Technologies”), including the following:
· Log Files, which are files that record log information which is data about your use of the Site, such as IP address, browser type, internet service provider, referring/exit pages, operating system, date/time stamps, and related data, which is stored in log files.
· Cookies
Internet cookies are small files that may be placed on your device for record-keeping purposes, and may be either session cookies or tracking cookies. Session cookies make it easier for you to navigate the Site and expire when you close your browser. Tracking cookies help in understanding how you use the Site, and remain longer. The Site may associate some or all of these types of cookies with your devices. Cookies may remain on your device for extended periods of time. Cookies are used, among other reasons, to (a) remind us of who you are in order to deliver you better service, (b) estimate our audience size by determining repeat usage of the website to help target advertisements based on user interests and behavior, (c) track your progress and entries in promotions, sweepstakes and contests, if any, and (d) measure certain traffic patterns for use as a research tool to understand how our users’ habits are similar or different from one another.
Web Beacons (“Tracking Pixels”)
Web beacons which are code embedded in a website, video, email, or advertisement that sends information about your use to a server. There are various types of web beacons including small graphic images and JavaScript pixels (which contains JavaScript code). Web beacons may be used in combination with cookies to track activity by a particular browser on a particular device and are used to count the number of visitors to the Site, to monitor how users navigate the Site, and to count content views.
Embedded Scripts
An embedded script is programming code designed to collect information about your interactions with the Site. It is temporarily downloaded onto your device from our web server or a third party with whom we work, is active only while you are connected to the Site, and deleted or deactivated thereafter. For example, during some visits to the Site, Company may use an embedded script such as JavaScript to measure and collect session information, including page response times, download errors, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
o Location-identifying Technologies
Location-aware technologies locate (sometimes precisely) you for purposes such as verifying your location and delivering or restricting relevant content based on your location.
o Device Fingerprinting.
Device fingerprinting is the process of analyzing and combining sets of information elements from your device’s browser, such as JavaScript objects and installed fonts, in order to create a “fingerprint” of your device and uniquely identify your device and applications.
Some information about your use of the Site and certain Third Party Services (defined below) may be collected using Tracking Technologies across time and services and used by us and third parties for purposes such as to associate different devices you use, and deliver relevant ads and/or other content to you on the Site and certain Third Party Services.
For further information on Tracking Technologies and your choices regarding them, please see Sections 5, 7, and 8.
Information from other sources
Company also may combine your information with information we collect or receive from other companies and sources, including Service Providers and Third Party Services. To the extent we combine such third party sourced information with personal information we have collected about you on the Site, we will treat the combined information as personal information under this Privacy Policy. We are not responsible for the accuracy of any information provided by third parties or third party policies or practices.
For further information on Third Party Services, see the “Third Parties” section below.
2. How is my information used?
In general, we may use the information we collect about you in accordance with the practices described in this Privacy Policy to:
Manage our Site and support your customer relationship with Company;
Perform services requested by you;
Respond to your comments, questions, and requests, and provide customer service;
Send you technical notices, updates, security alerts, information regarding changes to our policies, and support and administrative messages;
Prevent and address fraud, breach of policies or terms, and threats or harm;
Monitor and analyze trends, usage, and activities;
Conduct research, including focus groups and surveys;
Improve the Site or other Company websites, applications, marketing efforts, products and services;
· Serve advertising tailored to your interests on our Site and Third Party Services; and
Fulfill any other purpose disclosed to you or with your consent.
We also want to help you quickly find information regarding the Site and alert you to specific offers, updated information, rewards, events, and other new products and services that are available. Accordingly, we may send you direct mailings by email about our various products and services or third party products and services we feel may be of interest to you. For information about how to manage these communications and marketing efforts, please see Section 9.
Notwithstanding the above, we may use information that does not identify you (including information that has been aggregated or de-identified) for any purpose except as prohibited by applicable law.
3. How and with whom does Company share my information?
Company may share information about you with any party with your consent or, in any event, with Company’s parents, affiliates, and subsidiaries for internal business purposes.
Company also may share information about you with the following groups: (a) businesses which Company engages in joint and co-branded offerings and sponsorships for their own internal business purposes, (b) persons and entities that participate in Company’s events, such as chefs and restaurants, artists and performers, exhibitors and beneficiaries, and beverage experts for their own internal business purposes, (c) Company’s agents, vendors, consultants and other third party service providers (“Service Providers”) in order to facilitate the performance of only those functions which are assigned to them, such as Site operation and maintenance, order fulfillment, data analysis, marketing assistance, provision of search results and links, credit card payment processing, and customer service, and (d) entities with which Company may merge, consolidate, sell to, or acquire, or which may acquire all or substantially all of Company’s assets, as information about you likely will be one of the transferred assets. To the extent we share information with our Service Providers, those Service Providers are prohibited from using your personal information for any purpose other than to provide assistance, although we may permit them to use aggregate information which does not identify you or de-identified data for other purposes.
In addition, Company may share information about you in order to (x) investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, and violations of the Terms of Service, (y) comply with the law, or respond to subpoenas, court orders, or legal process, and (z) establish or exercise our legal rights, or defend against legal claims, and as otherwise required by law.
We may also share information about you with our affiliates, business partners, and other third parties for their own direct marketing purposes (California residents have certain rights set forth in “Your California Privacy Rights” below).
Notwithstanding the foregoing, Company does research on our users’ demographics, interests and behavior based on the information provided to us during your use of this Site. This research is compiled and analyzed on an aggregated basis. Company may share aggregated data which does not identify you or de-identified information with others for any purpose. Finally, we may share information to fulfill any other purpose disclosed to you or with your consent.
4. Sweepstakes, Contests, Promotions
We may offer sweepstakes, contests, surveys, and other promotions (each, a “Promotion”) jointly sponsored or offered by third parties that may require submitting personal information. If you voluntarily choose to enter a Promotion, your personal information may be disclosed to third parties for administrative purposes and as required by law (e.g., on a winners list). By entering, you agree to the official rules that govern that Promotion, and may, except where prohibited by applicable law, allow the sponsor and/or other parties to use your name, voice and/or likeness in advertising or marketing materials.
5. What should I know about third parties?
Our Site contains content from and hyperlinks to websites, locations, platforms, and services operated and owned by third parties (“Third Party Services”). For example, you may be able to purchase tickets to our events from a Third Party Service, such as Eventbrite. In addition, our Site contains features that allow you interact with, connect to, or access our Site through certain Third Party Services and third party devices (“Third Party Features”). For example, you use a Third Party Feature when you “like” or “share” content over social media through our Site. If you use a Third Party Feature, both we and the applicable third party may have access to and use information associated with your use of the Third Party Feature. Some examples of Third Party Features include the following:
• Liking, Sharing, and Logging-In. We may embed a pixel or SDK on our Site that allows you to “like” or “share” content on Third Party Services, including social networks such as Facebook and Twitter. If you choose to engage with such a Third Party Service through our Site, we may collect any information you have authorized the Third Party Service to share with us (such as your user ID, billing information, public profile information, email address, birthday, friends list, and other account and profile data). Likewise, if you choose to engage with such a Third Party Service through our Site or visit our Site while logged in to that Third Party Service on your device, the Third Party Service may receive information about your activities on our Site and be able to associate that information with information the Third Party Service already has about you.
• Brand Pages and Chatbots. We may offer our content on social networks such as a Facebook and Twitter. Any information you provide to us when you engage with our content (such as through our brand page or via our chatbot on Facebook Messenger) is treated in accordance with this Privacy Policy. Also, if you publicly reference our Site on a Third Party Service (e.g., by using a hashtag associated with Company in a tweet or post), we may use your reference on or in connection with our Site.
Please be aware that third parties may collect personal information about you on the Site through the use of Tracking Technologies such as cookies, JavaScript, web beacons, and other technologies. For example, analytics services, such as Google Analytics, may use Tracking Technologies on our Site to help us analyze your use of the Site, compile statistic reports on the Site’s activity, and provide other services relating to Site activity and Internet usage. Similarly, ad serving services, advertisers, and other third parties may use Tracking Technologies on our Site and Third Party Services to track your activities across time and services, and tailor ads to you based on your activities, which may include sending you an ad on a Third Party Service or third party device after you have left the Site (“Interest-based Advertising”).
We serve ads on and through Third Party Services, such as Facebook and Google, that are targeted to reach people (or people similar to people) who have visited our Site or are identified in one or more of our databases (“Matched Ads”). For example, we use Facebook Custom Audiences to serve Matched Ads. This is done by us uploading a customer list to the Third Party Service or incorporating a pixel from the Third Party Service on our Site, and the Third Party Service matching common factors between our data and their data. To opt-out of us using your data for Matched Ads, please contact us as set forth in section 17 and specify that you wish to opt-out of Matched Ads. We will request that the applicable Third Party Services not serve you Matched Ads based on information we provide to it. You may also contact the applicable Third Party Services to opt-out. We are not responsible for such Third Party Services’ failure to comply with our or your opt-out instructions.
Third Party Services have separate privacy and data collection practices, independent of us. Our Company does not have any control over or access to Tracking Technologies that may be used by third parties, and the information practices of those Third Party Services linked to this Site either through advertisements or other hyperlinks are not covered by this Privacy Policy. Our Company has no responsibility or liability for these independent policies or actions. Please be careful and responsible online. If you post personal information online that is accessible to the public, you may receive unsolicited messages from third parties in return and third parties may have access to your information. While we strive to protect your information, we cannot ensure or warrant the security of any information through the transmission process, and any transmission by you of information is done at your own risk.
For further information on Tracking Technologies and your choices regarding them, please see Sections 1, 7, and 8.
6. How do I access, update or delete my information?
You can request access to certain account information that you have voluntarily submitted to Company, correct factual inaccuracies in such information, and remove and/or update such information by contacting us at the address specified in Section 17. We may require additional information from you to allow us to confirm your identity. Please note that we will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. California residents and data subjects in Europe have additional rights as set out in Sections 11, 12, and 18 below.
7. How do I exercise choice with regard to tracking technologies in general?
Like many web sites, we use cookies, and we obtain certain types of information when you access this Site. You may be able to set your browser to notify you when you receive a cookie, giving you the chance to decide whether or not to accept it. Browsers offer different functionalities and options so you may need to set them separately. Further, third party companies may offer utilities that are designed to allow or help you reject cookies. Please note, however, that by disabling Tracking Technologies and not accepting cookies, some web pages of this Site may not display properly, Company may not be able to provide you with a personalized experience on this Site, and you may not be permitted to access certain information.
Your browser settings may allow you to automatically transmit a “Do Not Track” signal to online services you visit. Note, however, there is no industry consensus as to what site and app operators should do with regard to these signals. Accordingly, we do not monitor or take action with respect to “Do Not Track” signals or other mechanisms. For more information on “Do Not Track,” visit http://www.allaboutdnt.com.
You can reset your device Ad Id at any time through your device settings, which is designed to allow you to limit the use of information collected about you. You can stop all collection of precise location data through an app by uninstalling the app or withdrawing your consent through your device settings.
8. How do I exercise choice with regard to analytics and online advertising?
You may exercise choices regarding the use of cookies from Google Analytics by going to https://tools.google.com/dlpage/gaoptout or downloading the Google Analytics Opt-out Browser Add-on.
You may choose whether to receive Interest-based Advertising by submitting opt-outs. Some of the advertisers and Service Providers that perform advertising-related services for us and our partners may participate in the Digital Advertising Alliance ("DAA") Self-Regulatory Program for Online Behavioral Advertising. To learn more about how you can exercise certain choices regarding Interest-based Advertising, visit http://www.aboutads.info/choices. Some of these companies may also be members of the Network Advertising Initiative (“NAI”). To learn more about the NAI and your opt-out options for their members, see http://www.networkadvertising.org/choices/. Please be aware that, even if you are able to opt-out of certain kinds of Interest-based Advertising, you may continue to receive other types of ads. Opting-out only means that those selected members should no longer deliver certain Interest-based Advertising to you, but does not mean you will no longer receive any targeted content and/or ads (e.g., from other ad networks). Company is not responsible for effectiveness of, or compliance with, any third-parties’ opt-out options or programs or the accuracy of their statements regarding their programs. You may also limit our use of information collected from or about your mobile device for purposes of serving online behavioral advertising to you by going to your device settings and selecting “Limit Ad Tracking” (for iOS devices) or “Opt out of Interest-Based Ads” (for Android devices).
Third party websites and applications may display ads from Company that are targeted to reach people on those websites or applications who are also identified on one of more of Company’s databases. This is done by matching common factors between Company’s databases and the databases of these third parties. For instance, we may share your email address with Facebook as part of Facebook’s Matched Ads services. If we use Facebook’s Matched aAds services, you should be able to hover over the box in the right corner of such a Facebook ad and find out how to opt-out with us from such list. If you opt-out with us from Facebook Matched Ads services, we will remove the matching personal information from that Facebook list, however, this will not take effect immediately and if you have multiple emails or other accounts you may have to opt-out separately for each one. We are not responsible for such third parties’ failure to comply with your or our opt-out instructions.
9. How do I exercise choice with regard to your communications with me?
If you do not want to receive promotional emails from us, simply “opt-out” by following the instructions as provided in emails to click on the unsubscribe link or by contacting helpdesk@samuelssongroup.com with the word UNSUBSCRIBE in the subject field of the email. Please note that your opt-out is limited to the email address used and will not affect subsequent subscriptions or non-promotional communications, such as those about your account, transactions, servicing, or Company’s ongoing business relations.
10. What does “opt-out” mean?
To “opt-out” means that you have notified Company that we no longer have permission to use your information for a particular purpose. For more information about your opt-out options, please see Sections 7, 8 and 9 above.
11. Your California Privacy Rights
California’s “Shine the Light” law permits customers in California to request certain details about how certain types of their information are shared with third parties and, in some cases, affiliates, for those third parties’ and affiliates’ own direct marketing purposes. Under the law, a business should either provide California customers certain information upon request or permit California customers to opt-in to, or opt-out of, this type of sharing.
Company may share personal information as defined by California’s “Shine the Light” law with third parties and/or affiliates for such third parties’ and affiliates’ own direct marketing purposes. If you are a California resident and wish to obtain information about our compliance with this law, please email us at helpdesk@samuelssongroup.com or send a letter to the address specified in Section 17. Requests must include “California Privacy Rights Request” in the first line of the description and include your name, street address, city, state, and ZIP code. Please note that Company is not required to respond to requests made by means other than through the provided email address or mail address.
Any California residents under the age of eighteen (18) who have registered to use the Site and have posted content or information on the Site, can request that such information be removed from the Site by sending an e-mail to us at helpdesk@samuelssongroup.com. Requests must state that the user personally posted such content or information and detail where the content or information is posted. We will make reasonable good faith efforts to remove the post from prospective public view.
12. Your European Privacy Rights.
Data subjects in Europe have additional rights as set out in the “Additional Disclosures for Data Subjects in Europe” section 18 below.
13. Children
The Site is not intended for use by children under thirteen (13). We will not knowingly collect any personal information as defined by the U.S. Children’s Privacy Protection Act (“COPPA”) submitted by visitors to the Site who are under the age of 13 in a manner that is not permitted by COPPA. If you are a parent or guardian and believe Company has collected such information in a manner not permitted by COPPA, please email us at helpdesk@samuelssongroup.com or send a letter to the address specified in Section 16, and we will remove such data to the extent required by COPPA.
14. Data Security
Company uses reasonable measures to protect your personal information and, to that end, uses tools such as encryption, passwords, and physical security to protect your personal information against unauthorized access and disclosure. However, no website can be absolutely secure, and third parties may unlawfully intercept or access transmissions or private communications, and other users may abuse or misuse your personal information that they collect from this Site. Therefore, we do not promise, and you should not expect, that your personal information or private communications will always remain absolutely private.
15. Privacy Shield and International Transfer
We are based in the U.S. and the information we and our Service Providers collect is governed by U.S. law. If you are accessing the Site from outside of the U.S., please be aware that information collected through the Site may be transferred to, processed, stored and used in the U.S. Data protection laws in the U.S. may be different from those of your country of residence. Your use of the Site or provision of any information therefore constitutes your consent to the transfer to and from, processing, usage, sharing and storage of your information, including personal information, in the U.S. as set forth in this Privacy Policy. If your data is collected in Europe, we will transfer your personal data subject to appropriate safeguards, such as the Privacy Shield Framework discussed below and/or Standard Contractual Clauses.
Company will comply with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set out by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from the European Union and Switzerland to the U.S., respectively. Company will certify that it adheres to the Privacy Shield Principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, and recourse, enforcement and liability.
In accordance with our obligations under Privacy Shield, and subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission, we hereby affirm our commitment to subject to the Privacy Shield Principles all personal data transferred from the European Union and Switzerland in reliance on Privacy Shield. This means that, in addition to our other obligations under the Privacy Shield Principles, we shall be liable to you for any third party agent to which we transfer your personal data and that processes such personal data in a manner that violates the Privacy Shield Principles, unless we can demonstrate that we are not responsible for the resulting damages.
In the event that you have any inquiry, dispute, or claim arising out of or relating to our compliance with Privacy Shield, please contact us as set out in section 17 below. If we are unable to resolve your complaint directly, you may submit your complaint at no cost to you to JAMS at https://www.jamsadr.com/file-an-eu-us-privacy-shield-or-safe-harbor-claim. In the event there are residual complaints that have not been resolved by JAMS, or any other means, you may seek a non-monetary remedy through binding arbitration to be provided to you in accordance with the Privacy Shield Principles.
To learn more about the Privacy Shield Framework, and to view Company’s certification, please visit https://www.privacyshield.gov/.
16. Other legal notices.
Any dispute over privacy is subject to this Privacy Policy and our Terms of Service, including limitations on damages and application of New York state law.
17. Contact us
If you have any concern about your privacy in connection with this policy, please send a thorough description to helpdesk@samuelssongroup.com, and we will try to resolve it. You can also send a letter to the following address:
Marcus Samuelsson Group LLC
Marcus Samuelsson Group
273 Lenox Avenue
Ground Floor
New York, NY 10027
Fax: 1 (646) 514-0555
18. Additional Disclosures for Data Subjects in Europe.
A. Data Controller.
Data protection laws in Europe make a distinction between organizations that process personal data for their own purposes (known as “controllers”) and organizations that process personal data on behalf of other organizations (known as “processors”).
Company acts as a controller with respect to personal data collected as you interact with our websites, emails, and advertisements. However, in most instances, Company acts a processor on behalf of a customer, a separate legal entity, which is the controller. For example, when you log-in to restricted areas of the Site, the data collected through those areas is processed on behalf of our customers. For example, Company helps provide agency services to its customers and processes personal data on their behalf to help them target and understand the success of their advertising campaigns. Please visit the applicable customer’s privacy policy for information about their privacy practices. Any questions that you may have relating to the processing of personal data by Company on behalf of the customer and your rights under data protection law should be directed to the customer as the controller, not to Company.
B. Lawful Basis for Processing.
Data protection laws in Europe require a “lawful basis” for processing personal data. Our lawful bases include where: (a) you have given consent to the processing for one or more specific purposes, either to us or to our Service Providers, partners, or customers; (b) processing is necessary for the performance of a contract with you; (c) processing is necessary for compliance with a legal obligation; or (d) processing is necessary for the purposes of the legitimate interests pursued by us or a third party, and your interests and fundamental rights and freedoms do not override those interests.
C. Your European Privacy Rights.
If you are a data subject in Europe, you have the right to access, rectify, or erase any personal data we have collected about you. You also have the right to data portability and the right to restrict or object to our processing of personal data we have collected about you. In addition, you have the right to ask us not to process your personal data (or provide it to third parties to process) for marketing purposes or purposes materially different than for which it was originally collected or subsequently authorized by you. You may withdraw your consent at any time for any data processing we do based on consent you have provided to us.
You may exercise your rights by submitting a written request to us at the address set out in section 17 above. We will respond to your request within 30 days. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions.
If your personal data has been processed by us on behalf of a customer and you wish to exercise any rights you have with such personal data, please inquire with our customer directly. If you wish to make your request directly to us, please provide the name of our customer on whose behalf we processed your personal data. We will refer your request to that customer, and will support them to the extent required by applicable law in responding to your request.
D. Complaints.
If you have a complaint about our use of your personal data or response to your requests regarding your personal data, you may submit a complaint to the data protection regulator in your jurisdiction. We would, however, appreciate the opportunity to address your concerns before you approach a data protection regulator, and would welcome you directing an inquiry to us first as specified in the “Contact Us” section above.