We provide this privacy statement explaining our online information practices, so that you can decide whether and how to interact with the Site and the Services.
We may release your information when we deem it appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property, or safety.
Contact Data and Other Identifiable Information
This site collects certain user information, which may include a username and password, contact information, or any other data that you type in to the site. It may also identify your IP address to help identify you on future visits to the site. At our discretion, the Site may use this data to:
- Personalize the user experience and/or customer service
- Improve the site
- To process transactions
- Administer a contest, promotion, survey or other site feature or function
- Send email to users
Analytics: Navigation and Behavior Analytics
What personal information do we collect from the people that visit our blog, website or app?
When navigating and viewing products on our site, as appropriate, we collect anonymous Navigation and Behavior Analytics and other related details to help optimize our site navigation and structure based on your experience, using Google Analytics and Search Console to aggregate data securely and anonymously.
When do we collect information?
We collect information from you when you when Navigating the Website (Tracking Links Clicked Most, etc.), when you arrive from Search Engines like Google (Search Queries Used, Landing Pages from Search, etc.) or enter search information on our site to find items.
How do we use your information?
We may use the information we collect from you when you sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
• To improve our website in order to better serve you.
• To allow us to better service you in responding to your customer service requests.
How does our site handle do not track signals?
We honor do not track signals and do not track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
⇒ Google Analytics
We have implemented the following analytics collections:
• Google Display Network Impression Reporting
• Demographics and Interests Reporting
We, along with third-party vendors (such as Google) use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together.
We use them to compile data regarding user interactions with the basic structure of the website, time spent on specific products, and tracking the number of clicks it takes to find the correct product; to improve the overall user experience and by collecting usage data that allows us to continuously optimize the website, making information accessible as fast and smoothly as possible.
⇒ Google Analytics: Opting Out
Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising initiative opt out page or permanently using the Google Analytics Opt Out Browser add on.
Mobile Device Privacy
The following applies to our site, when viewed on a mobile device:
When accessed with a mobile device, our site may collect information automatically, such as the type of mobile device you have, device identifiers, and information about your use of the site. Regardless of the device you use to access the site, it will also collect information you provide, as well as information about your interaction with the site and its content.
If location services are activated on your mobile device, our site may collect information about the location of your device. Your mobile network service providers may collect device-specific information, such as a device identifier, when you use our website or one of our mobile applications. This information collected by your mobile network service will not be associated with your user account with us, or with your personally identifiable information.
Protection of User Information
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
- Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.
- We use regular Malware Scanning on a Server Level with our Hosting Provider.
- We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information.
- Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential.
- If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption.
- All transactions are processed through a gateway provider and are not stored or processed on our servers.
Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
E-commerce and Store Privacy
SECTION 1 – WHAT DO WE DO WITH YOUR INFORMATION?
When you purchase something from our store, as part of the buying and selling process, or place a reservation for a product, we collect the personal information you give us such as your name, address and email address.
When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.
SECTION 2 – CONSENT
- How do you get my consent?
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.
- How do I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at firstname.lastname@example.org or mailing us at: Pasco Rentals, Inc. 2604 W Court St., Pasco, WA, 99301, United States
SECTION 3 – DISCLOSURE
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
SECTION 4 – PAYMENT PROCESSING
Our store payment system is provided and hosted by Stripe. They provide us with the online e-commerce payment platform that allows us to sell our products and services to you.
If you choose a direct payment gateway to complete your purchase, then Stripe stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
More information on Stripe’s secure payment system below:
Stripe has been audited by a PCI-certified auditor, and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available.
SSL and HSTS:
Stripe forces HTTPS for all services, including our public website. We regularly audit the details of our implementation: the certificates we serve, the certificate authorities we use, and the ciphers we support. We use HSTS to ensure browsers interact with Stripe only over HTTPS. Stripe is also on the HSTS preloaded lists for both Chrome and Firefox.
All card numbers are encrypted on disk with AES-256. Decryption keys are stored on separate machines. None of Stripe’s internal servers and daemons are able to obtain plaintext card numbers; instead, they can just request that cards be sent to a service provider on a static whitelist. Stripe’s infrastructure for storing, decrypting, and transmitting card numbers runs in separate hosting infrastructure, and doesn’t share any credentials with Stripe’s primary services (API, website, etc.).
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
LINKS: When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under 13, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the nation’s consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We do not market to children under 13.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
• We will notify the users via in site notification within 7 business days.
• We will notify the users via email within 1 business day.
We also agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
• Send information, respond to inquiries, and/or other requests or questions.
• Process orders and to send information and updates pertaining to orders.
• We may also send you additional information related to your product and/or service.
• Market to our mailing list or continue to send emails to our clients after the original transaction has occurred
To be in accordance with CANSPAM we agree to the following:
• NOT use false, or misleading subjects or email addresses
• Identify the message as an advertisement in some reasonable way
• Include the physical address of our business or site headquarters
• Monitor third party email marketing services for compliance, if one is used.
• Honor opt-out/unsubscribe requests quickly
• Allow users to unsubscribe by using the link at the bottom of each email.
If at any time you would like to unsubscribe from receiving future emails, you can email us at: email@example.com — Or follow the instructions at the bottom of each email and we will promptly remove you from ALL correspondence.
We are based in Pasco, WA 99301, U.S.A., and you are contracting to use our Site. This Policy and all matters arising from your use of the Site are governed by and will be construed according to the laws of Pasco, WA 99301, U.S.A., without regard to any choice of laws rules of any jurisdiction. The federal courts and state courts that have geographical jurisdiction over disputes arising at our office location in Pasco, WA 99301, U.S.A., will be the only permissible venues for any and all disputes arising out of or in connection with this Policy or the Site and Service.
Notwithstanding anything that may be contrary within the “Disputes” provisions above, all matters, and all claims within a multi-claim matter, that are arbitrable, including all claims for monetary damages, shall be decided by a single arbitrator to be selected by us, who shall hold hearings in or near Pasco, WA 99301, U.S.A., under the rules of the American Arbitration Association.
If you have any questions about these Terms, please address them to firstname.lastname@example.org.
These terms were last updated on June 12, 2016