EFFECTIVE: JUNE 01, 2020
AGE OF CONSENT
By accessing RIO’s Services, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use the Services.
INFORMATION WE COLLECT
Information That You Provide: We collect information that you provide directly to us. For example, we collect information when you use our website, shop in our stores, call us on the phone, create an online account, sign up to receive our emails, participate in a giveaway sweepstakes, contest, promotion or survey, communicate with us via third-party social media sites such as Facebook or Instagram, request customer support, otherwise communicate with us. Providing your Personal Information to us is voluntary, however, if you do not provide some or all of the information we request, we may not be able to provide you with certain products, services or information. The types of information you may provide directly to us include, but are not limited to your name, shipping address, billing address, zip or postal code, telephone number, email address, birth date, credit card or payment information, product and communication preferences, family members, demographic information, or any other information that could be used to contact you or any other information that you may choose to disclose to RIO. In some cases, we may also collect information you provide about others, such as when you schedule an RIO yoga class, purchase a gift card for someone and request that we deliver it electronically, create and share a "wish list" or decide to purchase and ship products to someone. We will use this information to fulfill your requests and will not send marketing communications to your contacts unless they separately opt in to receive communications from us.
Information We Collect Automatically: In order to improve the overall quality of your online experience, RIO, its partners, and/or vendors automatically collect certain information about you when you access or use our website or Offer Sites, interact with our emails or online advertisements, or when you transact business with us. Information we automatically collect includes:
Log File Information: We collect information about your use of our website, such as the type of browser you use, access date/times, pages viewed, your Internet Protocol (“IP”) address and the referring link through which you accessed our websites. An IP address is a number that automatically identifies the computer or device you use to access the Internet. The IP address enables our server to send you the web pages that you want to visit, and it may disclose the server owned by your Internet Service Provider. We track and aggregate certain information about the visits to our website to analyze trends and statistics such as general traffic flow and feature usage related to RIO’s website. We compile traffic-based statistics that show the numbers and frequency of visitors to our website and its individual pages. These are an aggregated statistical report that we use internally to better understand our website traffic, manage our website, and help diagnose any problems. RIO may also aggregate such information and make it available to others as part of its business; however, we will not identify you when providing such information or make it possible to identify you by others in providing this information.
Transaction Information: When you purchase or return a product, we collect information about the transaction, such as product details and the date and location of the purchase/return.
Mobile Information: When you access our website from a mobile or smartphone device, we may receive information about your location and your mobile device, such as unique device identifiers.
Information from Third Party Sources: We also receive information about you from other sources, including service providers such as Shopify, PayPal, Amazon Pay and Google, and through your interactions with us on social media websites, and we add it to the information we associate with your account.
INFORMATION WE DO NOT INTEND TO COLLECT
When you create an account on our website, you may provide us information such as your first and last name, e-mail address, password, birthdate and other info you provide. RIO does not intend to collect and retain records of any sensitive personal information, data regarding minority status, or data received from third parties that is not expressly contemplated by this agreement or contractually authorized. We do not knowingly contact or collect information from persons under the age of majority in your state or province of residence. The Services are not intended to solicit information of any kind from persons under the age of majority in your state or province of residence.
TEXT MESSAGE/SMS CONSENT AND OPT-OUT
SECURITY OF TRANSMISSION OF PERSONAL INFORMATION
Unfortunately, the transmission of information via the Internet or e-mail is not completely secure. Although we will do our best to protect Personal Information that you submit to us, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use commercially reasonable procedures and security features to try to prevent unauthorized access.
HOW WE USE YOUR INFORMATION
We may use your Personal Information to provide products and services and to support our business functions. For example, we may use this information for the following purposes:
Provide, Improve, and Develop the RIO Website.
- Provide the Services to you
- Process and fulfill your order, including by shipping products to you, or others you designate, and sending emails to you, or others you designate, to confirm your order status and shipment and to process merchandise returns
- Provide customer service
- Operate, protect, improve, and optimize the RIO Website and the user experience, such as by performing analytics and conducting research
- Communicate with you and to send you information by email, postal mail, telephone, text message, or other means about our products, services, contests, support messages, updates, security alerts, and account notifications
- Communicate with other persons using contact information you provide, such as when you designate another person as the recipient of a gift purchase
- Make your shopping experience easier, more personalized, more enjoyable and more efficient
- Address problems with and improve our products, brands, services and technologies, as well as to develop new products and services
- Allow you to use our in-store and online technologies
- Provide consistent, personalized services, including to personalize our advertising, marketing communications, shopping experiences and promotional offers
- Organize local community events, promotions and in-store experiences
- Facilitate your ability to share information to social media
- Administer and fulfill our contests and other promotions
- Help us learn more about your shopping preferences or product preferences
- Fulfill a contract we have with you
- Operate, protect, improve, and optimize the RIO Website and experience, and personalize and customize your experience (such as making automatically entering your saved shipping information), we conduct profiling based on your interactions with the RIO Website, your search and booking history, your profile information and preferences, and other content you submit to the RIO Website.
- We process this information given our legitimate interest in improving the RIO Website and our users’ experience with it, and where it is necessary for the adequate performance of the contract with you.
Create and Maintain a Trusted and Safer Environment.
- Prevent, detect, mitigate and investigate fraud, security breaches and activities that are or potentially may be prohibited or illegal
- Conduct security investigations and risk assessments
- Verify or authenticate information
- As we believe to be required or appropriate to protect the rights, property, safety and security of RIO and our employees, customers and others
- As we believe to be required or appropriate under applicable law, to respond to requests from government authorities and to comply with legal process, investigations, regulatory or governmental enquiries or for other legal or regulatory purposes
- Comply with our legal obligations
- Resolve any disputes with any of our users or shoppers and enforce our agreements with third parties
Provide, Personalize, Measure, and Improve our Advertising and Marketing.
Send you promotional messages we believe may be of interest to you, marketing, advertising, and other information that may be of interest to you based on your preferences (including information about RIO or partner campaigns and services) and social media advertising through social media platforms such as Facebook or Google).
Personalize, measure, and improve our advertising.
Administer referral programs, rewards, surveys, sweepstakes, contests, or other promotional activities or events sponsored or managed by RIO or its third-party partners.
Conduct profiling on your characteristics and preferences (based on the information you provide to us, your interactions with the RIO Website, information obtained from third parties, and your search and booking history) to send you promotional messages, marketing, advertising and other information that we think may be of interest to you.
We will process your Personal Information for the purposes listed in this section given our legitimate interest in undertaking marketing activities to offer you products or services that may be of your interest. You can opt-out of receiving marketing communications from us by following the unsubscribe instructions included in our marketing communications or changing your notification settings within your RIO Account.
- When you consent to it
- When it is necessary to protect your vital interests or that of another person
- When it is necessary for the performance of a task carried out in the public interest
- When it is in our legitimate interests. Legitimate interests are our business or commercial reasons for using your data, such as (i) keeping our records up to date (ii) providing the Services to you; (iii) maintaining or administering the Services (iv) performing business analyses or for other internal purposes to improve the quality of our business and the Services we offer; (v) prevention of fraud and financial crime to protect the public; (vi) communicating with you concerning programs or services consistent with our obligations to provide those services or otherwise; and (vii) participating in litigation, investigations, regulatory or governmental enquiries or for other legal or regulatory purposes involving our customers who use or have used our Services or other third parties. We will not unfairly place our legitimate interests above what is best for you.
HOW WE SHARE YOUR INFORMATION
We share your Personal Information under confidentiality agreements with, or obtain data from, third parties in the following ways:
By You. You may disclose Personal Information when you post digital content to our website, third-party websites, or other public forums, such as RIO’s social media pages, blogs, and online product reviews. Any information that you disclose through these services will become public.
Third Parties. We may share your information when we team up with another company to offer or provide products, services, contests, or promotions to our customers.
Legal Requirements. We may share information about you if necessary or appropriate to comply with laws or regulations or in response to a valid subpoena, court order, legal processes, or government request, or to protect the operations, privacy, safety, property or rights, when we believe it is necessary to share such information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, or as otherwise required by law or to protect the public.
Other Disclosures. We may share your Personal Information with our legal, regulatory, audit, and other professional advisors. Those companies may use your Personal Information to assist us in our operations consistent with our legitimate business interests. We also may share information about you as described at the point of collection or otherwise pursuant to your consent or where RIO has a legitimate interest in doing so. These third parties do not have any independent right to share your Personal Information. We will exercise reasonable measures to have the third parties to whom we disclose your Personal Information respect your Personal Information and comply with applicable data protection laws.
HOW WE KEEP YOUR INFORMATION
We will store your Personal Information for as long as is necessary to achieve the purposes for which it was collected, whether that is to provide services to you, for our own legitimate interests (described above), or so that we can comply with the law. We reserve the right to retain it to the full extent not prohibited by law. We may delete Personal Information in our discretion, so you should retain your own records, and not rely upon our storage of any Personal Information, content, or other data.
We will review the information we hold and when there no longer is a user, legal, or business need for us to hold it, we will either delete it securely or in some cases irreversibly anonymize it. When we delete any information, it will be deleted from our active databases but may remain in our archives.
HOW WE PROTECT YOUR PERSONAL INFORMATION
To prevent unauthorized access, maintain data accuracy, and facilitate the correct use of Personal Information obtained through our website, we have put in place appropriate physical, technical, and operational measures to safeguard and secure the Personal Information we collect online against unauthorized access, unlawful use, accidental loss, corruption, or destruction. We also use operational measures to protect your Personal Information, for example by limiting the number of people who have access to your membership information. Access to Personal Information is restricted to RIO staff members and third-party service providers who require the access for specific purposes, such as helping us provide the Services to you. We use technical measures such as password protection to protect your data and the systems where they are stored. However, messages you send to us through the Internet or otherwise electronically may not be secure. We recommend that you do not send any confidential information to us by email. If you choose to send confidential information to us, you accept the risk that a third party may intercept this information. We make reasonable efforts to keep your information safe and secure while shopping. We protect your online order and Personal Information by using Secure Sockets Layer (SSL) technology. All the data that travels between your computer and our servers is SSL encrypted, and then stored on a computer that is not connected to the Web. To make sure you are accessing a secure server, look at the lower left- or right-hand corner of your browser window after accessing the server. An un-broken key or closed lock (depending on your browser) indicates that SSL is active in your window. Some versions of browsers and firewalls don't permit communication through secure servers. In that case, you'll be unable to connect to the server, so you won't have to worry about mistakenly placing an order through an unsecured connection.
LOCATION OF YOUR PERSONAL INFORMATION / YOUR PARTICULAR CONSENT
- Transfer the data to a non-EEA country that has privacy laws at least as protective as those within the EEA, or
- Put in place a contract with the recipient of the data, which means the recipient must protect the data to the same standards as required within the EEA, or
- Transfer it to organizations that are part of the Privacy Shield. The Privacy Shield is a framework that sets out the standards for data to be sent between the United States and European countries. The Privacy Shield ensures that data are protected to the same standards as used within the EEA.
Consent to Electronic Notice If There is a Security Breach: We will take reasonable measures to safeguard your Personal Information and prevent such information from unauthorized access, disclosure, or use. However, there can never be a guarantee of data security. If we or a Recipient is required to provide notice of unauthorized access to or other invasion of certain security systems, you agree that we (or they) may do so when required (or voluntarily) by posting notice on our website or sending notice to any email address we have for you, in our (or their) good faith discretion. You agree that notice to you will count as notice to others for whom you are acting and agree to pass the notice on to them.
YOUR OPT-OUT CHOICES
If you do not want RIO to send you email or postal mail regarding RIO or its Services, you can choose not to provide your Personal Information to RIO, even though it might be necessary to make a purchase or to take advantage of certain features on our Services. You may also manage, update and correct the information you provide as part of your online account by logging into your user account and clicking on the “Settings” hyperlink. If you choose not to give us certain Personal Information, you can still use many aspects of our website. However, you will not be able to access website areas that require account registration.
If you have previously opted-in to receiving marketing emails from us, you can update your preferences to tell us specifically what you are interested in hearing about by clicking on the preferences link included in the marketing e-mails. You can update your preferences at any time. If you would prefer not to receive marketing emails sent by RIO, simply click on the “unsubscribe” link included at the bottom of any of those emails. If you opt out of receiving marketing emails, we may still send you other types of messages, such as purchase receipts, information about shipments, or emails about your user account.
YOUR RIGHTS OVER YOUR PERSONAL INFORMATION
EU Privacy Rights
If you are a European Union resident, in accordance with RIO’s policies and procedures you have the right to review, verify, correct, and request erasure of the Personal Information that we hold about you under certain circumstances. You also have the right to limit, restrict, or object to the processing of your Personal Information under certain circumstances. You may also have the right to request that we transfer your Personal Information to another party to the extent provided for under applicable data privacy laws. For more information on your rights, please see https://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens_en .
If you want to review, verify, correct, or request erasure of your Personal Information; limit, restrict, or object to the processing of your Personal Information; or request a transfer of your Personal Information to another party, please contact us at firstname.lastname@example.org or write to us at RIO YOGA COPR, ATTN: Data Protection, 8600 Commodity Circle, Suite 104, Orlando, Florida, 32819. To protect your privacy and security, we also will take reasonable steps to verify your identity before granting access, making corrections, or following such a request to correct or delete your data. When you contact us, we will respond as soon as possible and where possible within one month. If your request is more complicated, it may take longer to respond to you, but we will respond within three months of your request. There is no charge for most requests, but if you ask us to provide a significant amount of data, for example, we may ask you to pay a reasonable administrative fee. We also may ask you to verify your identity before we provide any information to you.
Your California Privacy Rights
The following section pertains to the rights of individuals or households in California (“California consumers”).
Civil Code Section 1798.83: Under certain circumstances, California Civil Code Section 1798.83 states that, upon receipt of a request by a California consumer, a business may be required to provide detailed information regarding how that business has shared that customer’s Personal Information with third parties for direct marking purposes. However, the foregoing does not apply to businesses like ours that do not disclose Personal Information to third parties for direct marketing purposes without prior approval or give customers a free mechanism to opt out of having their Personal Information disclosed to third parties for their direct marketing purposes. Rights under the CCPA: After January 1, 2020, the CCPA (California Civil Code Section 1798.100 et seq.) will provide California consumers with additional rights regarding Personal Information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly with a particular consumer or household. The categories of Personal Information we collect are generally described above but differ for individual consumers depending on the Services used by such consumers. Under the CCPA, qualifying California consumers may have the following rights:
Right to Know and Right to Delete.
A California consumer has the right to request that we disclose what Personal Information we collect, use, disclose and sell. A California consumer also has the right to submit requests to delete Personal Information. When we receive a request to know or delete from a California consumer, we will confirm receipt of the request within 10 days and provide information about how we will process the request, including our verification process. We will respond to such requests within 45 days.
Right for Disclosure of Information.
A California consumer may also submit requests that we disclose specific types or categories of Personal Information that we collect. Under certain circumstances, we will not provide such information, including where the disclosure creates a substantial, articulable and unreasonable risk to the security of that Personal Information, customers’ account with us, or the security of our systems or networks. We also will not disclose California consumers’ social security numbers, driver’s license numbers or other government-issued identification numbers, financial account numbers, any health insurance or medical identification numbers, or account passwords and security questions and answers. Submitting Requests: If you are a California consumer and would like to make any requests under the CCPA, please write to us at the following address: 8600 Commodity Circle, Suite 164, Office 104 Orlando, Florida, 32819.
Verifying Requests: If we receive any request, we will use a two-step process for online requests where the California consumer must first, clearly submit the request and then second, separately confirm the request. We will use other appropriate measures to verify requests received by mail or telephone.
In submitting a request, a California consumer must provide sufficient information to identify the consumer, such as name, e-mail address, home or work address, or other such information that is on record with us so that we can match such information to the Personal Information that we maintain. Do not provide social security numbers, driver’s license numbers, account numbers, credit or debit card numbers, medical information or health information with requests. If requests are unclear or submitted through means other than outline above, we will provide the California consumer with specific directions on how to submit the request or remedy any deficiencies. If we cannot verify the identity of the requestor, we may deny the request.
California Do Not Track Disclosure: Do Not Track is a privacy preference that users can set in their web browsers. When a user turns on the Do Not Track signal, the browser sends a message to websites requesting them not to track the user. For information about Do Not Track, please visit www.allaboutdnt.org . At this time, we do not respond to Do Not Track browser settings or signals. For information about Do Not Track, please visit: www.allaboutdnt.org .
If you have any complaints concerning RIO’s processing of your Personal Information, please email us at email@example.com or write to us at 8600 Commodity Circle, Suite 104, Orlando, Florida, 32819.
Please note that if you are an EU Resident, you may have the right to lodge a complaint with a European Union supervisory authority that is responsible for the protection of Personal Information in the country where you live or work, or in which you think a breach of data protection laws might have taken place. You can learn more about these rights at https://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens_en. Customers in the United Kingdom can contact the Information Commissioner’s Office by telephone on 0303 123 1113, or by using the live chat service that is available through the Information Commissioner’s website www.ico.org.uk.
If you'd like more information about our privacy practices or want us to delete your Personal Information, feel free to contact us at firstname.lastname@example.org.