Please note: This Policy does not apply to information collected by third parties, for example, when you visit a third party website or use a third-party service, even if you access it through our Sites. Please take a moment to review the privacy policies of third-party sites before you disclose information to them, as we cannot be held responsible for their actions with regard to your information.
What types of information we collect, when we collect it, and the purposes for which it is collected
We may collect personal and other information about you when you use the Sites, as described below. “Personal Information” is information which can be used to distinguish or trace an individual’s identity, whether used alone or when combined with other personal or identifying information which is linked or linkable to a specific individual. Some of the Personal Information that we collect from you might include: your name, shipping address, billing address, email address, telephone number, and payment information, such as your encrypted credit card information. We typically collect Personal Information and other data from you, and use that information in the ways described in this Policy or otherwise communicated to you from time to time (subject to your consent when required by applicable laws), including the following:
When You Make a Purchase on Our Sites. Some purchases on our Sites are handled directly by HOIST and others are managed and processed by third party service providers (such as Authorize.net, PayPal, and Apple Pay). These parties may or may not be affiliated with HOIST and in these cases, the terms, conditions, and privacy policies of the third party will govern the data processed by the third party in the transaction. We encourage our users to be aware of how their information may be used and processed and to read the privacy statements of every third party site that collects Personal Information.
HOIST or our third party service providers may collect Personal Information from you, which may include contact information (such as your name, email, phone number, billing address, or shipping information) and financial information (such as credit card number, security code, and expiration date) when you make a purchase or register on our Sites in order to receive emails or refer a friend. An online credit card transaction is required if you wish to make a purchase on our Sites. We and our third party service providers use reasonable security measures when processing your Personal Information to facilitate a purchase.
When You Join Our Loyalty Program. In order to join and receive rewards and points through our loyalty program, you must sign up for a member account that will include a valid username and password, among other account information requested. Any information you provide while participating in this program will be used to track points and to offer you rewards. The information from your account may also be compiled with other Personal Information relating to you in order to create a user profile and to provide you with relevant offers and other information.
When You Post Content on Our Sites. Our Sites may enable users to post Content online, including via social media (this includes reference to the HOIST Instagram, Facebook, Twitter, and blog accounts and any future accounts HOIST may create). If you post a comment or any other Content to social media that references our official accounts or you otherwise use your social media accounts in conjunction with your visit to our Sites, your comment or Content may appear on our Sites. We may receive certain Personal Information or other information to the extent provided to us by the social media platform; typically your name, list of social media connections, and other material provided to us by the social media service. Please refer to the privacy policies of those third party providers for more information and to adjust your settings regarding how your Personal Information is shared with us.
Contests and Sweepstakes. We may operate contests, sweepstakes, or other promotions (each, a “Promotion”) through our Sites, which may require registration on our Sites or through our social media channels in order to enter. Your Personal Information may be used by us to contact you for winner notification, prize delivery confirmation, or other promotional purposes. Your entry may also result in your being added to our marketing lists. If you win a Promotion, your acceptance of a prize may require you (unless prohibited by law) to allow us to post publicly some of your Personal Information on our Sites or elsewhere, such as on a winner’s page.
SMS Messaging. We may use your telephone number for the purpose of sending you SMS messaging related to marketing messages, order and shipping confirmations, and other order updates if you have opted in to receive such messaging. You may opt-out from receiving SMS messaging from us, at any time, by responding STOP to any of our messages. Messaging will be sent by an automated system initiated by our third party messaging provider. We do not share your telephone number with third parties for the purposes of receiving third party marketing messages. We also will not send messages to you promoting the goods or services of third parties.
We abide by Facebook’s Data Use Restrictions. Any ad data collected, received or derived from our Facebook ad (“Facebook advertising data”) is only shared with someone acting on our behalf, such as our service provider. We are responsible for ensuring that our service providers protect any Facebook advertising data or any other information obtained from us, limit our use of all of that information, and keep it confidential and secure.
We do not use Facebook advertising data for any purpose (including retargeting, commingling data across multiple advertisers’ campaigns, or allowing piggybacking or redirecting with tags), except on an aggregate and anonymous basis (unless authorized by Facebook) and only to assess the performance and effectiveness of our Facebook advertising campaigns. We do not use Facebook advertising data, including the targeting criteria for a Facebook ad, to build, append to, edit, influence, or augment user profiles, including profiles associated with any mobile device identifier or other unique identifier that identifies any particular user, browser, computer or device. We do not transfer any Facebook advertising data (including anonymous, aggregate, or derived data) to any ad network, ad exchange, data broker or other advertising or monetization related service.
We may log click-stream or similar data for purposes of system administration, to improve our Sites and marketing, to report aggregate information to our advertisers, and other uses related to the Sites. Click-stream data is information collected when you request pages from our Sites, and may include information such as the page served, the time, the source and type of browser making the request, the most recent page view, what you clicked on in order to arrive at our Sites, and other non-Personal Information. This data helps us analyze how visitors arrive at our Sites, what type of content is most popular, what type of visitors are interested in particular kinds of events, content, advertising, and the like. Where permitted, we may associate click-stream, shopping cart, and other similar data with other information we hold about you so that we can personalize or improve the relevance and quality of the services or information provided.
Other Sources of Personal Information or Data. If we receive Personal Information or data from you through our Sites other than as described in this Policy, it will still be used and managed in accordance with this Policy, unless otherwise stated at the time you provide the information.
How we use your Personal Information
The above Personal Information may be used for the following purposes:
- To operate, improve, or promote our products and services
- To provide customer service or support
- To process payments
- To contact you
- When you have opted in to receive email messaging
- When you have opted in to receive newsletters
- When you have opted in to receive special offers
- To respond to your email inquiries. Specifically, when customers and Site users send email inquiries to us, the return email address is used to answer the email inquiry we receive. We may also place you on our marketing list for information related to your inquiry or which we otherwise believe would be of interest to you, and we may otherwise use your information as described in this Policy.
- To monitor and analyze trends such as:
- Purchase history
- Sales reports
- Behavior on the Site
- Email clicks and opens
- To market our products and services through:
- Email marketing
- Advertising, including retargeting via Google and Facebook
- Perform accounting, administrative and legal tasks
Who has access to your Personal Information within our organization
Within our organization, access to your data is limited to those persons who require access in order to provide you with the products and services you purchase from us, to contact you, and to respond to your inquiries, including requests for refund. Employees only have access to data on a “need to know” basis.
Who we share your data with outside of our organization, and why
Unaffiliated Third Parties.
We may use service providers in connection with operating and improving the Site, to assist with certain functions, such as payment processing, email transmission, data hosting, managing our ads, fulfilling product sales, and some aspects of our technical and customer support. We will take measures to ensure that these service providers access, process, and store information about you only for the purposes we authorize, subject to confidentiality obligations, including through the execution of GDPR and CCPA-compliant Data Privacy Agreements or Addenda, as applicable.
We may use your information for re-marketing on social media platforms as well. We may also share select information for data analytics use or as part of a data sharing arrangement. You may be able to opt-out of having your information shared with third parties or used for marketing communications in accordance with the terms of this Policy.
If you register with our Sites, your information (including information related to purchases you make on our Sites or profiles you create for our loyalty program) will be aggregated and maintained as part of your profile. We may access or use such information, and we may share such information with our current or future affiliated companies, or carefully selected third parties, to provide you with information or marketing communications in which we think you may be interested.
Businesses Interested in Acquiring Our Business.
In addition, in the event that we go through an existing or potential business transition, such as a merger, acquisition, liquidation, or sale of all or a portion of our assets, certain customer information will, in most instances, be part of the assets transferred.
Legal or Governmental Authorities.
What choices do I have about collecting, using, and disclosing my information?
At any time, you may opt-out of having your information provided to third parties for marketing or other commercial purposes, and opt-out of other promotional communications from us. Specifically, you can unsubscribe from email newsletters or similar communications by clicking on the unsubscribe link in every email. You may be able to opt-out of all promotional communications and information sharing for marketing purposes by contacting us at the email address indicated below.
If you wish to take steps to opt-out of tracking by certain online advertisers, you can visit the Digital Advertising Alliance’s opt-out page at http://www.aboutads.info/choices or the Network Advertising Initiative at www.networkadvertising.org/optout_nonppii.asp. Please note, most modern browsers include a “do not track” feature that may help protect your privacy. However, because there is not yet a defined response to do-not-track requests, our Sites do not respond to your browser’s do-not-track request.
Accessing, correcting or deleting Personal Information
You may be able to access, modify, and delete (where appropriate) your Personal Information by contacting us at the email address below. We will respond to reasonable requests for access or revision and will provide access to the extent required and not prohibited by law. Where a request is made, any correspondence or application may be kept and added to your Personal Information.
We may decide not to grant access or make revisions where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in any given case, or when the rights of others would be violated by granting the access.
For residents of California (as required by California law), to obtain any Personal Information HOIST has disclosed about you to third parties for direct marketing purposes during the preceding calendar year, please message us at the email address below. To the extent required by the applicable law of your jurisdiction, HOIST will allow you to access, delete, modify, or otherwise interact with Personal Information obtained through our Sites. Please refer to the California Residents section below for additional information.
Security precautions in place to protect your information
We have implemented reasonable security measures to safeguard the Personal Information you provide us. However, please keep in mind that “perfect security” does not exist on the Internet, and accordingly we cannot provide any guarantee that your information will remain secure.
Limitation of liability
By providing us with any Personal Information, you expressly and unconditionally release and hold harmless HOIST, its parents, related companies, and their respective shareholders, owners, members, directors, officers, employees, and agents (collectively, the “Releasees”) from any and all liability for any injuries, loss, or damage of any kind arising from or in connection with the use and/or misuse of your collected Personal Information. In addition, while we take reasonable steps to prevent third party companies from making unauthorized use of your Personal Information, we cannot be held liable for any injuries, loss, or damage of any kind arising from or in connection with the use and/or misuse of your collected Personal Information by those third parties.
Children's Privacy Statement
This children's privacy statement explains our practices with respect to the online collection and use of personal information from children under the age of thirteen, and provides important information regarding their rights under federal law with respect to such information.
This Site is not directed to children under the age of thirteen and we do NOT knowingly collect personally identifiable information from children under the age of thirteen as part of the Site. If we become aware that we have inadvertently received personally identifiable information from a user under the age of thirteen as part of the Site, we will delete such information from our records. If we change our practices in the future, we will obtain prior, verifiable parental consent before collecting any personally identifiable information from children under the age of thirteen as part of the Site.
Because we do not collect any personally identifiable information from children under the age of thirteen as part of the Site, we also do NOT knowingly distribute such information to third parties. We do NOT knowingly allow children under the age of thirteen to publicly post or otherwise distribute personally identifiable contact information through the Site. Because we do not collect any personally identifiable information from children under the age of thirteen as part of the Site, we do NOT condition the participation of a child under thirteen in the Site's online activities on providing personally identifiable information.
If you are accessing these Sites from outside of the United States, your information will be transferred to us in the United States. Regardless of where your information is collected or transferred, the information will be treated in accordance with this Policy.
The European Union’s General Data Privacy Regulation (GDPR), which took effect on May 25, 2018, is intended to protect the data of European Union (EU) citizens. As a company that markets its site, content, products and/or services online, we do not specifically target our marketing to the EU or conduct business in or to the EU in any meaningful way. If the data that you provide to us in the course of your use of our site, content, products and/or services is governed by GDPR, we will abide by the relevant portions of the Regulation.
If you are a resident of the European Economic Area (EEA), or are accessing this site from within the EEA, you may have the right to request: access to, correction of, deletion of; portability of; and restriction or objection to processing, of your personal data, from us. This includes the “right to be forgotten.” To make any of these requests, please contact us at email@example.com.
The California Consumer Privacy Act (CCPA) takes effect on January 1, 2020, and is intended to protect the data of California residents.
If you are a resident of California, you have certain rights with respect to your data. We respond to all requests that we receive from individuals who wish to exercise their data protection rights in accordance with applicable data protection laws. You can contact us by sending an email to firstname.lastname@example.org.
Rights that you may have, include:
- Requesting deletion of your information.
- If you request that your account be deleted, you will lose access to all of our programs in which you are actively registered.
- Opting out from the sale of your information to third parties.
- Requesting disclosure of the personal information we have collected about you and the types of third parties with whom it has been shared.
- Requesting the portability of your information.
- Opting out from receiving marketing communications that we send you at any time. You can exercise this right by selecting the “unsubscribe” or “opt-out” link in the marketing emails we send you. Additionally, you may update your email preferences by changing the settings in your account.
- Requesting that we not sell your information, by clicking on the corresponding link on our website.
Every effort will be made to respond to a verified request within a reasonable time, or the time-frame required by law.
To whom do I direct questions or concerns regarding this Policy?
Contact us with any questions, concerns, or comments by emailing us at email@example.com.
This policy may be changed at any time at our discretion. If we should update this policy, we will post the updates to this page on our Site.