Chromatic Privacy Policy

This privacy policy has been compiled to better serve those who are concerned with how their ‘Personally Identifiable Information’ (PII) is being used online. PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website.


What personal information do we collect from the people that visit our blog, website or app?

When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, credit card information or other details to help you with your experience.


When do we collect information?

We collect information from you when you register on our site, place an order or enter information on our site.


How do we use your information?

We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:

  • To personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested.
  • To improve our website in order to better serve you.
  • To allow us to better service you in responding to your customer service requests.
  • To quickly process your transactions.
  • To send periodic emails regarding your order or other products and services.
  • To follow up with them after correspondence (live chat, email or phone inquiries)

How do we protect your information?

Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.

We use regular Malware Scanning.

Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.

We implement a variety of security measures when a user places an order enters, submits, or accesses their information to maintain the safety of your personal information.

All transactions are processed through a gateway provider and are not stored or processed on our servers.


Do we use ‘cookies’?

Yes. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the site’s or service provider’s systems to recognize your browser and capture and remember certain information. For instance, we use cookies to help us remember and process the items in your shopping cart. They are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

We use cookies to:

  • Understand and save user’s preferences for future visits.

You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.

If users disable cookies in their browser:

If you turn cookies off, Some of the features that make your site experience more efficient may not function properly.Some of the features that make your site experience more efficient and may not function properly.


Third-party disclosure

We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information.

We do not include or offer third-party products or services on our website.

Google

Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users. https://support.google.com/adwordspolicy/answer/1316548?hl=en

We have not enabled Google AdSense on our site but we may do so in the future.


California Online Privacy Protection Act

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting Personally Identifiable Information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared. - See more at: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf

According to CalOPPA, we agree to the following:

Users can visit our site anonymously. Once this privacy policy is created, we will add a link to it on our home page or as a minimum, on the first significant page after entering our website. Our Privacy Policy link includes the word ‘Privacy’ and can easily be found on the page specified above.

You will be notified of any Privacy Policy changes:

  • On our Privacy Policy Page

You can change your personal information:

  • By emailing us
  • By logging in to your account

California Consumer Privacy Act (CCPA)

The CCPA gives consumers more control over the personal information that businesses collect about them. It provides certain data privacy rights to California residents, seeks to protect those rights by imposing new obligations on companies doing business in California, and grants the California Attorney General broad authority to implement related regulations.

Rights Afforded to California Residents

The CCPA secures the following rights for California consumers:

  1. The right to know what consumer personal information is collected by businesses and how businesses use such information.
  2. The right to know whether the personal information is sold or disclosed, and to whom such information is sold or disclosed.
  3. The right to say no to the sale of their personal information.
  4. The right to access their personal information.
  5. The right to equal service and price, even if they exercise their privacy rights under the CCPA.

Information We Collect

When a user orders or registers on our website, as appropriate, they will be asked to provide various information including name, email address, and credit card information. Additionally, information is also sourced from third-party vendors with which an individual user may have affiliations (ex. GitHub). In particular, Chromatic has collected the following categories of personal information from consumers within the last twelve (12) months.

  • A. Identifiers: A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.
  • B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)): A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
  • D. Commercial information: Products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
  • F. Internet or other similar network activity: Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.
  • G. Geolocation data: Physical location or movements.
  • I. Professional or employment-related information: Current or past job history or performance evaluations.

Use of Information Collected

We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features for the following business and commercial purposes:

  • To personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested.
  • To improve our website in order to better serve you.
  • To allow us to better service you in responding to your customer service requests.
  • To quickly process your transactions.
  • To send periodic emails regarding your order or other products and services.
  • To follow up with them after correspondence (live chat, email or phone inquiries)
  • To audit user interactions.
  • To maintain the quality and safety of our services.
  • To detect security incidents and protect against malicious, deceptive, fraudulent, or illegal activity.
  • For internal research and product improvement.
  • For debugging to identify and repair errors that impair our services.

Third Party Disclosure

We do not sell or trade your Personally Identifiable Information. We do not include or offer third-party products or services on our website.

For business purpose or commercial purpose, as defined in the CCPA, we might disclose your Personally Identifiable Information to the following categories:

  • Service providers
  • Government regulators
  • Our legal advisors and parties involved in a legal process
  • Third parties to whom you or your agents authorize us to disclose your Personal Information in regards to products or services we provide you

We may employ third parties to help us provide and/or improve the services. These third parties may have limited access to your Personally Identifiable Information solely for the purpose of helping us to provide and/or improve the services and they will be subject to contractual restrictions prohibiting them from using the information about our users for any other purpose.

We may disclose your Personal Identifiable Information to third parties without your consent if we have reason to believe that disclosing this information is necessary to identify, contact or bring legal action against someone who may be causing injury to or interference with (either intentionally or unintentionally) our rights or property, other users of the services, or anyone else (including the rights or property of anyone else) that could be harmed by such activities.

We may disclose Personal Identifiable Information when we believe in good faith that such disclosure is required by and in accordance with the law.

We may also disclose your Personal Identifiable Information in connection with a corporate re-organization, a merger with another entity, or a sale of all or a substantial portion of our assets or stock, provided that the information disclosed continues to be used for the purposes permitted by this Privacy Policy by the entity acquiring the information.

Access and Erasure Requests

To access the information that has been collected on you or to have your personal information erased, please email support@chromatic.com or complete this form.

Verification

In order to protect your personal information from unauthorized access or deletion, we may require you to verify your login credentials before you can submit a request to know or delete personal information. If you do not have an account with us, or if we suspect fraudulent or malicious activity, we may ask you to provide additional personal information for verification. If we cannot verify your identity, we will not provide or delete your personal information.

Authorized Agents

You may submit a request to know or a request to delete your personal information through an authorized agent. If you do so, the agent must present signed written permission to act on your behalf and you may also be required to independently verify your identity with us.

How does our site handle Do Not Track signals?

We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.


Does our site allow third-party behavioral tracking?

It’s also important to note that we do not allow third-party behavioral tracking


COPPA (Children Online Privacy Protection Act)

When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.

We do not specifically market to children under the age of 13 years old. Do we let third-parties, including ad networks or plug-ins collect PII from children under 13?


Fair Information Practices

The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:

  • We will notify you via email within 1 business day
  • We will notify the users via in-site notification within 1 business day

We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.


CAN SPAM Act

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

We collect your email address in order to:

  • Send information, respond to inquiries, and/or other requests or questions
  • Process orders and to send information and updates pertaining to orders.
  • Send you additional information related to your product and/or service

To be in accordance with CANSPAM, we agree to the following:

  • Not use false or misleading subjects or email addresses.
  • Identify the message as an advertisement in some reasonable way.
  • Include the physical address of our business or site headquarters.
  • Monitor third-party email marketing services for compliance, if one is used.
  • Honor opt-out/unsubscribe requests quickly.
  • Allow users to unsubscribe by using the link at the bottom of each email.

If at any time you would like to unsubscribe from receiving future emails, you can email us at support@chromatic.com or follow the instructions at the bottom of each email and we will promptly remove you from ALL correspondence.


Contacting Us

If there are any questions regarding this privacy policy, you may contact us using the information below.

548 Market St #26384 San Francisco CA 94104 United States support@chromatic.com

Last Edited on 2020-04-25