Types of Personal Data We Collect
AVSecure collects Personal Data about you when you provide it directly to us, when third parties (such as merchants who integrate one of our services or age validators) provide it to us, or when Personal Data is automatically collected in connection with your use of our Website. We collect the following Personal Data from you:
We collect Personal Data when a user (i) creates an account (a “User Account”); (ii) logs into the Website; (iii) interacts with the Website; (iv) communicates with us; and (v) responds to a communication or interaction from us.
Some of the methods and tools we use to collect Personal Data are:
Unique Identifiers: We use unique identifiers such as cookies, e-mail or your pseudonymized customer ID to track individual usage behavior on our Website.
Cookies: Like many websites we collect certain information through the use of “cookies,” which are small text files that are saved by your browser when you access our Website. Session cookies are temporary cookies that are stored on your device while you are visiting our Website. For more information on cookies, including how to control your cookie settings and preferences, visit ec.europa.eu/ipg/basics/legal/cookies/index_en.htm, ico.org.uk/for-the-public/online/cookies and allaboutcookies.org.
Use of Personal Data
AVSecure uses Personal Data to: (i) provide, administer, and improve our Website; (ii) better understand your needs and interests; (iii) fulfill requests you make; (iv) provide announcements; (v) provide you with information and offers from AVSecure and our business partners; (vi) protect, investigate, and deter against fraudulent, harmful, unauthorized, or illegal activity and (vii) comply with legal obligations.
For example, we use Personal Data to:
We will only use your Personal Data if we have a lawful basis for doing so. Lawful bases for processing include consent, contractual necessity, our legitimate interests or the legitimate interest of others, as further described below.
Consent: In some cases, we process Personal Data based on the consent you expressly grant to us at the time we collect such data. When we process Personal Data based on your consent, it will be expressly indicated to you at the point and time of collection.
Contractual Necessity: We process the following categories of Personal Data because we need to process the data to perform under an agreement with you, for example, agreements that enable us to provide access to beta testing products and services. When we process data due to contractual necessity, failure to provide such Personal Data will result in your inability to use some or all portions of the services or products that require such data, such as Contact Information, User Account Information, and/or Transaction Information.
Sharing Personal Data You Provide us via our Website or Communications:
We share Personal Data with third party service providers and agents who work on our behalf and provide us with services related to the Website and/or products and services. These parties include:
We also share Personal Data when we believe it is necessary to:
We also share information with third parties when you have given us consent to do so.
You can opt-out of certain activities by doing one or more of the following. Please note that you will need to opt-out of each browser and device for which you desire to apply these opt-out features.
Web Browser Controls: You can prevent the use of certain tracking tools such as cookies, on a device-by-device basis using the controls in your web browser. These controls can be found in the Tools > Internet Options (or similar) menu for your browser, or as otherwise directed by your browser’s support feature. Through your web browser, you may be able to:
Emails: We will give you the ability to opt-out of marketing-related emails by clicking on a link at the bottom of each such email. You cannot opt-out of receiving certain non-marketing emails regarding the services or products.
We believe the security of your information is a serious issue and we are committed to protecting the information we receive from you. We use commercially reasonable security measures to protect against the loss, misuse, and alteration of your information under our control based on the type of Personal Data and applicable processing activity, such as data encryption in transit, data encryption at rest, pseudonymization, and need-to-know principles.
We retain Personal Data about you for as long as necessary to provide you with our services and products, and thereafter as set forth in our agreement with you (typically 30 days after termination, or sooner upon request (except as required by law)). In some cases we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations. Upon disposal, we will destroy or render unreadable any such Personal Data. Afterwards, we retain some information in a depersonalized or aggregated form but not in a way that would identify you personally.
Accessing, Correcting, and Deleting Your Personal Data and Other Data Subject Rights
You have certain rights with respect to your Personal Data, and we want to help you review and update your information to ensure it is accurate and up-to-date. We may limit or reject your request in certain cases, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, if it is not required by law, or if the burden or expense of providing access would be disproportionate to the risks to your privacy in the case in question. In some cases, we may also need you to provide us with additional information, which may include Personal Data, to verify your identity and the nature of your request. We will take reasonable steps to respond to all requests within 30 days (or less!).
You can also contact us directly at the contact form provided at https://avsecure.com/about
with any requests or questions about the following:
You also have the right to lodge a complaint about AVSecure’s practices with respect to your Personal Data with the supervisory authority of your country or EU Member State.
Transfers of Personal Data
The Website is hosted and operated in the United States (“U.S.”), with development, support and maintenance operations in other countries (and some hosting in the European Union (“EU”)), through AVSecure and its service providers. If you do not reside in the U.S., laws in the U.S. (and other countries) may differ from the laws where you reside. By using the Website, you acknowledge that any Personal Data about you is being provided to AVSecure in the U.S. and will be hosted on U.S. servers, and you authorize AVSecure to transfer, store, host and process your information to and in the U.S., and possibly other countries. You hereby consent to transfer of your data to the U.S. pursuant to either, at AVSecure’s discretion, the EU-U.S. Privacy Shield Framework.
EU Personal Data
If you are located in the EU, United Kingdom, Lichtenstein, Norway, or Iceland, you may have additional rights under the EU General Data Protection Regulation (the “GDPR”) related to your Personal Data, as further described below. AVSecure will be the controller of your Personal Data processed in connection with the Website.
EU-U.S. Privacy Shield Participation
As further set forth in the Privacy Shield Principles, we remain potentially liable if a third party processing Personal Data received from the EU on our behalf processes that Personal Data in a manner that is inconsistent with the Privacy Shield Principles (unless we can prove that we are not responsible for the event giving rise to the damage). AVSecure is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) with respect to any failure to comply with the Privacy Shield Principles. In compliance with the Privacy Shield Principles, AVSecure commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding U.S. privacy practices should contact us directly at the contact form provided at https://avsecure.com/about
AVSecure has committed to refer unresolved Privacy Shield complaints to the International Centre for Dispute Resolution, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit go.adr.org/privacyshield.html. The services of International Centre for Dispute Resolution are provided at no cost to you.
Additionally, under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
California Privacy Rights
Pursuant to Section 1798.83 of the California Civil Code, residents of California can obtain certain information about the types of Personal Data that companies with whom they have an established business relationship have shared with third parties for direct marketing purposes during the proceeding calendar year. In particular, the law provides that companies must inform consumers about the categories of Personal Data that have been shared with third parties, the names and addresses of those third parties, and examples of the types of services or products marketed by those third parties. To request a copy of the information disclosure provided by AVSecure pursuant to Section 1798.83 of the California Civil Code, please contact as set forth above.
Special Note for Parents
Our services and products are intended for adults. Children under the age of eighteen are not permitted to register for or use our services or products. We do not knowingly collect information from children under eighteen.
Updated 11 June 2018