Effective date: May 21, 2021
What Information does World 1 League Collect?
We collect Personal Data about you when you provide such information directly to us, when third parties such as our business partners (e.g. companies with whom we integrate our Service) and service providers (such as our advertising service providers) provide us with Personal Data about you, or when Personal Data about you is automatically collected in connection with your use of our Services.
Information You Provide to Us:
We receive and store any information you knowingly provide to us. For example, when you purchase products or merchandise through our online e-commerce platform and/or when you participate in our contests, we may collect Personal Information such as your name, email address, phone number, billing address, shipping address and Instagram handle. Certain information may be required to take advantage of some of our features. For example, if you use the checkout feature, Shopify will collect and store your payment details, shipping details and billing details in accordance with Shopify’s Terms of Service at https://www.shopify.com/legal/terms or Privacy Statement at https://www.shopify.com/legal/privacy.
We may communicate with you if you’ve provided us the means to do so. For example, if you’ve given us your email address, we may send you promotional email offers on behalf of other businesses, or email you about your use of the Services. Also, we may receive a confirmation when you open an email from us. This confirmation helps us make our communications with you more interesting and improve our services. If you do not want to receive communications from us, please indicate your preference by e-mailing us at email@example.com.
Information Collected Automatically
Whenever you interact with our Services, we automatically receive and record information on our server logs from your browser or device, which may include your geolocation data, device identification, the type of browser and/or device you’re using to access our Services, and the page or feature you requested.
“Cookies” are identifiers websites may transfer to your browser or device that allow the website to recognize your browser or device and tell the website how and when pages and features in our Services are visited and by how many people. You may be able to change the preferences on your browser or device to prevent or limit your device’s acceptance of cookies.
We may use this data to customize content for you that we think you might like, based on your usage patterns. We may also use it to improve the Services – for example, this data can tell us how often users use a particular feature of the Services, and we can use that knowledge to make the Services interesting to as many users as possible.
Do Not Track Policy
Your browser may offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications and services (including behavioral advertising services) that you do not wish such operators to track certain of your online activities over time and across different websites. Our Services do not support Do Not Track requests at this time, which means that we collect information about your online activity both while you are using the Services and after you leave our Services.
How do we use your Personal Data?
We process Personal Data to operate, improve, understand and personalize our Services. For example, we use Personal Data to:
- Communicate with you about the Services, including in connection with Service announcements, updates or offers
- Provide support and assistance for the Services
- Personalize website content and communications based on your preferences
- Respond to user inquiries
- Fulfill user requests
- Comply with our legal or contractual obligations
- Resolve disputes
- Protect against or deter fraudulent, illegal or harmful actions
As noted above, we may communicate with you if you’ve provided us the means to do so. For example, if you’ve given us your email address, we may send you promotional email offers on behalf of other businesses, or email you about your use of the Services. Also, we may receive a confirmation when you open an email from us. This confirmation helps us make our communications with you more interesting and improve our services. If you do not want to receive communications from us, please indicate your preference by emailing us at firstname.lastname@example.org.
We will only process your Personal Data if we have a lawful basis for doing so. Lawful bases for processing include consent, contractual necessity, and our “legitimate business interests” or the legitimate interest of others, as further described below.
- Contact data (e.g., name, address, email, phone number, clothing size, shoe size)
- Profile data (e.g., age, birthday)
- Account data (e.g. phone number)
- Device data (e.g., device ID)
- IP address
- Location data
- Analytics data (e.g., IP address)
- Video metadata (e.g., location data)
Legitimate Business Interest:We process the following categories of Personal Data when we believe it furthers the legitimate business interest of us or third parties:
- Contact data (e.g., name, address, email, phone number, clothing size, shoe size, personal and/or company social media accounts)
- Profile data (e.g., school, clothing size)
- Account data (e.g. phone number)
- Age, birthday
- Analytics data (e.g., IP address)
Examples of these legitimate business interests include:
- Operation and improvement of our business, products, and services
- Marketing of our products and services
- Provision of customer support
- Protection from fraud or security threats
- Compliance with legal obligations
- Completion of corporate transactions
Consent:In some cases, we process Personal Data based on the consent you expressly grant to us at the time we collect such data. When we process Personal Data based on your consent, it will be expressly indicated to you at the point and time of collection.
Other Processing Grounds:From time to time we may also need to process Personal Data to comply with a legal obligation, if it is necessary to protect the vital interests of you or other data subjects, or if it is necessary for a task carried out in the public interest.
Will World 1 League Share Any of the Personal Information it Receives?
We may share your Personal Information with third parties as described in this section:
Information that’s been de-identified: We may de-identify your Personal Information so that you are not identified as an individual, and provide that information to our partners. We may also provide aggregate usage information to our partners (or allow partners to collect that information from you), who may use such information to understand how often and in what ways people use our Services, so that they, too, can provide you with an optimal online experience. However, we never disclose aggregate usage or de-identified information to a partner (or allow a partner to collect such information) in a manner that would identify you as an individual person.
Advertisers: We may allow advertisers and/or merchant partners (“Advertisers”) to choose the demographic information of users who will see their advertisements and/or promotional offers and you agree that we may provide any of the information we have collected from you in non-personally identifiable form to an Advertiser, in order for that Advertiser to select the appropriate audience for those advertisements and/or offers. For example, we might use the fact you are located in San Francisco to show you ads or offers for San Francisco businesses, but we will not tell such businesses who you are. Or, we might allow Advertisers to display their ads to users with similar usage patterns to yours, but we will not disclose usage information to Advertisers except in aggregate form, and not in a manner that would identify you personally. Note that if an advertiser asks us to show an ad to a certain audience or audience segment and you respond to that ad, the advertiser may conclude that you fit the description of the audience they were trying to reach.
We may deliver a file to you through the Services (known as a “web beacon”) from an ad network. Web beacons allow ad networks to provide anonymized, aggregated auditing, research and reporting for us and for advertisers. Web beacons also enable ad networks to serve targeted advertisements to you when you visit other websites. Because your web browser must request these advertisements and web beacons from the ad network’s servers, these companies can view, edit, or set their own cookies, just as if you had requested a web page from their site. You may be able to opt-out of web beacon tracking conducted by third parties through our Services by adjusting the Do Not Track settings on your browser; please note that we don’t control whether or how these third parties comply with Do Not Track requests.
Affiliated Businesses: In certain situations, businesses or third party websites we’re affiliated with may sell or provide products or services to you through or in connection with the Services (either alone or jointly with us). You can recognize when an affiliated business is associated with such a transaction or service, and we will share your Personal Information with that affiliated business only to the extent that it is related to such transaction or service. We have no control over the policies and practices of third party websites or businesses as to privacy or anything else, so if you choose to take part in any transaction or service relating to an affiliated website or business, please review all such business’ or websites’ policies.
Agents: We employ other companies and people to perform tasks on our behalf and need to share your information with them to provide products or services to you; for example, we use Shopify to host our store and to receive and process your credit card transactions for us and SuperPhone™ to collect and maintain contact information. A complete list of sub-processors with whom we share Personal Data to assist us in providing the Services is available here. Unless we tell you differently, our agents do not have any right to use the Personal Information we share with them beyond what is necessary to assist us. You hereby consent to our sharing of Personal Information with our agents.
Our online store is currently hosted by Shopify. Shopify provides us with the online e-commerce platform that allows us to sell certain products or merchandise to you. When you provide Personal Information in connection with a purchase on or through the Service, such Personal Information is stored through Shopify’s data storage, databases, and the general Shopify application. Shopify may transfer, process or store your data outside of the United States and such data may be subject to disclosure as required by applicable law.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (“PCI-DSS”). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers. For more information, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
Business Transfers: We may choose to buy or sell assets, and may share and/or transfer customer information in connection with the evaluation of and entry into such transactions. Also, if we (or our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, Personal Information could be one of the assets transferred to or acquired by a third party.
Is Personal Information about me secure?
We endeavor to protect the privacy of your Personal Information we hold in our records, but unfortunately, we cannot guarantee complete security. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user information at any time.
How long do we retain your Personal Data?
We retain Personal Data about you for as long as necessary to provide you Services. In some cases we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule or regulation. Afterwards, we retain some information in a depersonalized or aggregated form but not in a way that would identify you personally.
What Personal Information can I access?
Through contacting us at email@example.com, you may access, and, in some cases, edit or delete the following information you’ve provided to us:
- email address
- phone number
- billing address
- shipping address
- Instagram handle
- Twitter handle
The information you can view, update, and delete may change as the Services change. If you have any questions about viewing or updating information we have on file about you, please contact us at firstname.lastname@example.org. Residents of the European Economic Area (EEA) may have other rights – please see below for additional information.
What choices do I have?
You can always opt not to disclose information to us, but keep in mind some information may be needed to take advantage of some of our features.
You may be able to add, update, or delete information as explained above. When you update information, however, we may maintain a copy of the unrevised information in our records. You may request deletion of your Personal Information by email@example.com. Some information may remain in our records after your deletion of such information. We may use any aggregated data derived from or incorporating your Personal Information after you update or delete it, but not in a manner that would identify you personally.
What if I live in the European Union?
If you are a resident of the European Union (“EU”), United Kingdom, Lichtenstein, Norway, or Iceland, you may have additional rights under the EU General Data Protection Regulation (the “GDPR”) with respect to your Personal Data, as outlined below.
World 1 League Corporation will be the controller of your Personal Data processed in connection with the Services.
What Rights Do You Have Regarding Your Personal Data?
You have certain rights with respect to your Personal Data, including those set forth below. For more information about these rights, or to submit a request, please email firstname.lastname@example.org. Please note that in some circumstances, we may not be able to fully comply with your request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, but in those circumstances, we will still respond to notify you of such a decision. In some cases, we may also need to you to provide us with additional information, which may include Personal Data, if necessary to verify your identity and the nature of your request.
- Access: You can request more information about the Personal Data we hold about you and request a copy of such Personal Data.
- Rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data.
- Erasure: You can request that we erase some or all of your Personal Data from our systems.
- Withdrawal of Consent: If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of our Services.
- Portability: You can ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another controller where technically feasible.
- Objection: You can contact us to let us know that you object to the further use or disclosure of your Personal Data for certain purposes, such as for direct marketing purposes.
- Restriction of Processing: You can ask us to restrict further processing of your Personal Data.
- Right to File Complaint: You have the right to lodge a complaint about World 1 League’s practices with respect to your Personal Data with the supervisory authority of your country or EU Member State. A list of Supervisory Authorities is available here: https://edpb.europa.eu/about-edpb/board/members_en.
Transfers of Personal Data
The Services are hosted and operated in the United States (“U.S.”) through World 1 League and its service providers, and if you do not reside in the U.S., laws in the U.S. may differ from the laws where you reside. By using the Services, you acknowledge that any Personal Data about you, regardless of whether provided by you or obtained from a third party, is being provided to World 1 League in the U.S. and will be hosted on U.S. servers, and you authorize World 1 League to transfer, store and process your information to and in the U.S., and possibly other countries. You hereby consent to the transfer of your data to the U.S. pursuant to EU-U.S. Privacy Shield Frameworks, respectively, the details of which are further set forth below.
With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, World 1 League is subject to the regulatory and enforcement powers of the U.S. Federal Trade Commission.
Pursuant to the Privacy Shield Frameworks, EU individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to email@example.com. If requested to remove data, we will respond within a reasonable timeframe.
We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to firstname.lastname@example.org.
In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
World 1 League’s accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, World 1 League remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the Principles, unless World 1 League proves that it is not responsible for the event giving rise to the damage.
In compliance with the Privacy Shield Principles, World 1 League commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. Please contact us at email@example.com with any questions, concerns or complaints relating to our Privacy Shield Certification.
World 1 League has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
What if I have questions about this policy?
If you have any questions or concerns regarding our privacy policies, please send us a detailed message to firstname.lastname@example.org, and we will try to resolve your concerns.
EU contact information: email@example.com