Last Updated: July 1, 2023
NOTICE AT COLLECTION & QUICK LINKS
If you have a request regarding your information and would like to exercise your rights under applicable law, please contact us through the methods provided in the “Contact Us” section below. To exercise your right to ask that we not sell, share, or use your personal information for targeted advertising or to limit the use of your sensitive personal information, please click the “Your Privacy Choices”. We also recognize the Global Privacy Control opt-out preference signal in a frictionless manner. The Global Privacy Control is available here. The Global Privacy Control applies to devices and specific browsers, so additional devices and browsers may need to have the Global Privacy Control activated. As the options provided may be browser based, note that clearing cookies may reset settings within your browser.
- Who We Are
- What Do We Do with Your Personal Information
- How We Use Your Information
- How We Share Your Information
- Deidentified Information
- Website Interactions
- Your Privacy Rights
- Nevada Residents’ Privacy Rights
- Third Party Links
- Public Posting Areas
- How We Keep Your Personal Information Secure
- Retention of Your Personal Information
- International Users
- Children’s Information
- Contact Us
1. WHO WE ARE
Winston Brands, Inc. is a national direct mail and online retailer offering a wide range of affordably-priced, hard-to-find and exclusive products including items for home and garden, health and beauty as well as apparel and accessories.
2. WHAT DO WE DO WITH YOUR PERSONAL INFORMATION?
The types of information we collect when you use the Site depend on the features you use on the Site. “Personal information” is information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual.
- Identifiers, which may include name, account name and/or social media handle, phone number, email address, mailing address, and contact address, and account name (account log-in information is used for purposes of your account log-in). These are sourced directly from you (e.g., when you create an account with us, communicate with us, use the services, or post in a community forum) or indirectly from you (e.g., from observing your actions on the Site and from third parties). They are used to fulfil or meet the reason you provided the information, to contact you in relation to our Site, to respond to an inquiry, or to screen for potential risk or fraud. We process identifiers for commercial purposes related to research, advertising, and marketing, and we share and sell identifiers for commercial purposes with advertising networks, data analytics providers, operating systems and platforms, and social networks. We disclose this information for business purposes for auditing related to counting ad impressions, helping ensure security and integrity, debugging and repairing errors, short-term transient use, performing services on behalf of Winston Brands, providing advertising and marketing services, internal research, and to verify or maintain the quality or safety of our Site. We disclose this information to service providers, affiliates, and contractors.
- Commercial information and categories contained in customer records, which may include records of products purchased, obtained, considered, or other purchasing or consuming histories or tendencies, as well as financial information. These are sourced directly from you or indirectly from you. They are used to fulfil or meet the reason you provided the information, to respond to an inquiry, or to screen for potential risk or fraud. We process commercial information for commercial purposes related to research, advertising, and marketing, and we share commercial information for commercial purposes with advertising networks, data analytics providers, operating systems and platforms, and social networks. We disclose this information for business purposes for auditing related to helping ensure security and integrity, providing advertising and marketing services, internal research, and to verify or maintain the quality or safety of our Site. We disclose this information to service providers, affiliates, and contractors.
- Internet, technical or other similar network activity, which may include usage and browsing history; device information, including device properties; search history; and information on your interaction with our Site. We get this indirectly from you (e.g., from observing your actions on our Sites, from your interactions on social media platforms) or from third parties like data analytics providers. We use these to provide you with personalized content, information, and to send you brochures, coupons, samples, offers and other information on our Site; and/or to deliver relevant advertising. We process internet or other similar network activity information for business and commercial purposes related to security, auditing, repairs of our Site, research, advertising, and marketing. They are shared for business purposes with service providers, affiliates, and contractors. They are also sold or shared to third party analytics providers. For more information on cookies and similar tracking technology, how they are used, and how you can opt out of such use please refer to our Cookie Notice.
- Inferences drawn from other personal information, which may include a profile reflecting a person’s preferences, interests, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. We receive these inferences indirectly from you (e.g., from observing your actions on our Site) or from third parties, such as a data analytics provider. We use these to provide and improve the products you request; to provide you with personalized content, information, and to send you brochures, coupons, samples, offers and other information on our products; and/or to deliver relevant advertising. We process this information for business and commercial purposes related to security, auditing, hiring, research, marketing, and advertising. They are shared for business purposes with service providers, affiliates, and contractors.
3. HOW WE USE YOUR INFORMATION
We use the information we collect or receive (alone or in combination):
- to respond to your inquiries and fulfill your requests, such as to provide you access to the Services or products you have ordered, to respond to any inquiry, job application, feedback, or information and materials regarding our products and services.
- to administer surveys, sweepstakes or other promotions.
- to send administrative information to you, for example, invoices, renewal notices, information regarding our Services or Sites, and changes to our terms, conditions, and policies.
- to send you marketing communications, including via phone, postal mail, email and SMS in compliance with applicable laws and in accordance with your preferences, that we believe may be of interest to you.
- to personalize your experience on our Sites by presenting content and offers tailored to you and your interests, including by creating custom audiences on social media sites.
- for our business purposes, such as data analysis, audits, fraud monitoring and prevention, developing new products, enhancing, improving or modifying our Sites and products and Services, identifying usage trends, determining the effectiveness of our promotional campaigns and operating and expanding our business activities.
- as we believe to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities; (d) to enforce our Terms of Service; (e) to protect our operations or those of our marketing partners; (f) to protect our rights, or the privacy, safety or property of you or others; and (g) to allow us to pursue available legal remedies or limit the damages that we may sustain.
- for other reasons that we describe to you at the time of collection.
4. HOW WE SHARE YOUR INFORMATION
As discussed above, we may disclose your personal information to the following categories of recipients and for the following reasons:
- Service providers. In order to provide our Services to you, it is necessary for us to disclose your information to service providers who perform certain functions of our Services on our behalf. Examples include cloud hosting providers (to provide data storage and processing services); communications providers (to process new queries and to manage our emails); and fulfillment providers (to send you products or provide access to our Services).
- Payment Processors. When you make a purchase with us, your billing information is shared or collected directly by our payment processors, Paymentech or PayPal. We are committed to complying with the Payment Card Industry Data Security Standard (PCI-DSS) and using industry standard security.
- Marketing Partners. We may selectively share our postal and email mailing lists with marketing partners so they can provide you with information about product or service offerings which may be of interest to you. See Section 7 for how to opt out of our sharing of such information for these purposes.
- Our Commercial Partners. We share information we collect with commercial partners that assist us with providing our Services to you and finding relevant leads.
- Targeted Advertising. We will share your information collected about your visits over time and across our Services and multiple devices and other websites with our advertising partners in order to serve targeted advertising to you. For more information on targeted advertising and how to manage your preferences please refer to our Cookie Notice.
- Compliance with laws. We may disclose information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or other legal process (including in response to public authorities to meet national security or law enforcement requirements).
- Consent. We may share your information with any other person with your consent to the disclosure.
5. DEIDENTIFIED INFORMATION
We maintain and use all deidentified information in deidentified form. We do not attempt to reidentify it except to ensure our deidentification processes are in compliance with applicable data protection laws.
6. WEBSITE INTERACTIONS
We may use technology to monitor how you interact with our Site. This may include without limitation which links you click on, information that you type into our online forms, and about your device or browser. Further, we utilize session replay spyware to monitor and record mouse clicks and movements, keystrokes, and pages and content viewed by you. Please discontinue use of the Site if you do not consent to our collection of such information.
7. YOUR PRIVACY RIGHTS
Depending on your state of residence, the rights available to you may differ in some respects. Winston Brands responds to any rights requests in accordance with legal obligations. The rights provided by California, Colorado, Connecticut, and Virginia law are listed below. Additionally, all users may exercise their rights to opt-out of marketing communications by following the directions provided below.
California, Colorado, Connecticut, and Virginia Privacy Rights
- Right to Know or Access: You may have the right to get confirmation about whether or not your personal information is being processed. If so, you may have the right to access the personal information and other information, such as the purposes, the categories of personal information, the recipients (or categories of recipients) to whom the personal information have been or will be disclosed, the predicted period that the personal information will be stored, or, if not possible, the criteria used to determine that period, your rights, etc. To action this right, please click “Your Privacy Choices” in our website footer and select “Info Request”.
- Right to Delete: You may have the right to the deletion or erasure of your personal information in certain circumstances. To action this right, please click “Your Privacy Choices” in our website footer and select “Delete”.
- Right to Correct: You may have the right to correct your personal information if inaccurate. To action this right, please submit your updates by emailing email@example.com, calling customer service at (800) 582-5700, or writing to us at: Winston Brands, Inc., PO Box 7985, Elk Grove Village IL 60009-7985.
- Right to Opt-out of Sale, Sharing, and Targeted Advertising of your Personal Information: You may have the right to opt-out of the sale or sharing of your personal information to third parties. Additionally, you may opt out of the use of your personal information for targeted advertising. To exercise this right, you may submit a request using the link provided above and in the “Notice at Collection” section. You may also exercise your rights related to targeted advertising through our Cookie Notice. We do not collect or sell the personal information of consumers who are under 16 years old.
- Right to Nondiscrimination: You have the right to non-discrimination, to receive equal service and pricing from a business, even after exercising your rights.
- Right to Data Portability: You may have the right to receive the personal information that you have given us, in a structured, commonly used and machine-readable format. You have the right to send that personal information to another controller if the processing is based on consent pursuant or on a contract and is carried out by automated means. To action this right, please click “Your Privacy Choices” in our website footer and select “Info Request”.
- Right to Opt-out of Profiling: You may have the right not to be subject to a decision based solely on profiling, except under certain exceptions under local law.
Rights Provided to All Users
- Access to Information. You can access, correct, update, delete, and deactivate personal information you have provided to us by logging into your account, emailing us at firstname.lastname@example.org, calling customer service at (800) 582-5700, or writing to us at: Winston Brands, Inc., PO Box 7985, Elk Grove Village IL 60009-7985.
- Opting Out of Email Marketing Communications From Us. You can opt out of receiving marketing emails from us by clicking the “unsubscribe” link or adjust your email preferences by clicking the “email preferences” link in the email, emailing us at email@example.com (with "Unsubscribe from Email" in the subject line), or writing to us at Unsubscribe from Email c/o Winston Brands, Inc., PO Box 7985, Elk Grove Village IL 60009-7985. Please be sure to provide us with the email address you wish to opt-out.
- Opting Out of Postal Direct Mail Marketing Communications From Us. You can opt out of receiving marketing communications from us via postal mail emailing us at firstname.lastname@example.org (with "Unsubscribe from Mailings" in the subject line), or writing to us at Unsubscribe from Mailings, c/o Winston Brands, Inc., PO Box 7985, Elk Grove Village IL 60009-7985. Please be sure to provide us the postal address you wish to opt out so we can identify you correctly.
- Opting Out of 3rd Party Postal Direct Mail Marketing. You can opt out of receiving paper marketing communications from 3rd parties via postal mail by emailing us at email@example.com (with “Unsubscribe from 3rd Party Mailings” in the subject line), or writing to us at Unsubscribe from 3rd Party Mailings, c/o Winston Brands, Inc., PO Box 7985, Elk Grove Village IL 60009-7985. Please be sure to provide us the postal address you wish to opt out so we can identify you correctly.
- Opting Out of Sharing Personal Information. You can opt-out of sharing personal information with Third Party Marketing Partners by emailing us at firstname.lastname@example.org. United States-based individuals may opt out of certain other uses of their data through the DAA opt-out program currently available at https://www.aboutads.info/choices/. EU/EEA-based individuals may opt out of certain other uses of their data through the EDAA opt-out program, currently available at https://www.youronlinechoices.eu/. For individuals based in any other global region, you may opt-out of certain uses of your data by Oracle through the opt-out mechanisms found at https://www.oracle.com/legal/privacy/privacy-policy.html.
- Phone Marketing Messages. You can opt out of receiving marketing communications from us via phone by emailing us at email@example.com (with “Unsubscribe from Phone” in the subject line), or writing to us at Unsubscribe from Phone, c/o Winston Brands, Inc., PO Box 7985, Elk Grove Village IL 60009-7985. Please be sure to provide us the phone numbers you wish to opt out so we can identify you correctly.
IF YOU CHOOSE TO NO LONGER RECEIVE MARKETING COMMUNICATIONS FROM US, WE MAY STILL COMMUNICATE WITH YOU REGARDING SUCH THINGS AS SECURITY UPDATES, PRODUCT FUNCTIONALITY, RESPONSES TO SERVICE REQUESTS, TRANSACTION INFORMATION, OR OTHER TRANSACTIONAL, NON-MARKETING PURPOSES.
- Turning Off Tracking Technologies. You can choose to have your computer warn you each time a persistent or session cookie is being sent, or you can choose to turn off such cookies through your browser settings. Each browser is a little different, so look at your browser’s Help menu to learn the correct way to modify your cookies. It is important to remember that many of our Services may not function properly if your cookies are disabled. Please refer to our Cookie Notice for more information or you may update or review your cookies by clicking the Manage Cookies button.
- Browser “Do Not Track” Signals and Opt-Out Preference Signals. Some third-party browsers provide “do not track” machine readable signals for websites, which are automatically applied by default. These features are not all uniform. We recognize opt-out preference signals, such as the Global Privacy Control, as a request to opt-out of the sale or sharing of your personal information or as a request to limit the use or disclosure of your sensitive personal information, in a frictionless manner. The Global Privacy Control is available here. The Global Privacy Control applies to devices or web browsers, so additional devices or web browsers may need to have the Global Privacy Control activated. If you block cookies, certain features on our Site or Services may not work. If you block or reject cookies, not all of the tracking described here will stop. If you clear your cookies, you may also impact your settings.
- Interest Based Ads. Please refer to our Cookie Notice for opt out information.
- Control Tools on Your Mobile Devices. There may be controls on your mobile devices such as the ability to turn off GPS locator and other privacy settings. To do this on an iPhone, (1) go to Settings > Privacy > Location Services > and choose an app; (2) Select the app > tap on "location;" (3) Scroll down and slide the "Precise Location" toggle to Off. To do this on an Android, (1) go to Location Services > Google Location Accuracy; and (2) Toggle Improve Location Accuracy to Off.
- Consent. If we have collected and processed your personal information with your consent, then depending on the jurisdiction where you reside and applicable law you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
Shine the Light
Under the California “Shine The Light” law, California residents may opt-out of Winston Brands disclosure of personal information to third parties for their direct marketing purposes. Any California resident may choose to opt-out of the sharing of such personal information with third parties for marketing purposes at any time by directing such request to ShineTheLightPrivacyRequest@winstonbrands.com.
Financial Incentives and Bone Fide Loyalty Programs
We may offer various financial incentives from time to time, primarily requesting identifiers and contact information as part of an offer, though we may also request certain personal information such as your e-mail address or other information from your customer records. The terms of the financial incentive, including the personal information requested in connection with the offer will be provided at the time you sign up for the financial incentive. In calculating these offers, we consider the expenses related to the offer and the value of your personal information. If you no longer wish to see an offer, you may click the “X” provided in the offer box. Additionally, you may withdraw from any of the financial incentives at any-time by following the instructions provided. For offers involving your e-mail, you may unsubscribe. For offers involving text messaging, you may text STOP. For all other offers, you may follow the instructions provided with the offer.
How to Submit a Request. You may submit a request to exercise your rights by filling out a Consumer Data Request Form available at the Your Privacy Choices link in the footer of our webpage or by calling us at (800) 582-5700.
If you, or an authorized agent acting on your behalf, wish to: (1) make a request related to any of the rights set forth below; or (2) appeal our refusal to act within a reasonable time, please reach out to us using the contact information provided.
We may need to verify your request before completing it. For example, we may ask you to confirm data points we already have about you. We will only use personal information provided in a request to verify the requestor’s identity or authority. Note that we may deny a request from an authorized agent that does not submit sufficient proof that they have been authorized to act on behalf of another individual.
8. NEVADA RESIDENTS’ PRIVACY RIGHTS
A Notice to Nevada Residents: Under Nevada law, if you are a resident of Nevada, you may apply limits to the sale of certain personal information to third parties for resale or licensing purposes. You are entitled to register your preference for limits on such sales in the future by sending an email to NevadaPrivacyRequest@winstonbrands.com, with the subject line, “Nevada Do Not Sell Request” along with your first and last name, email address, postal address and zip code so that we can match your information to your account.
9. THIRD-PARTY LINKS
10. PUBLIC POSTING AREAS
Please note that any information you include in a message you post to any public posting area, such as any of our social media platforms, is available to anyone with internet access. If you don’t want people to know your email address, for example, don’t include it in any message you post publicly. PLEASE BE EXTREMELY CAREFUL WHEN DISCLOSING ANY INFORMATION IN PUBLIC POSTING AREAS. WE ARE NOT RESPONSIBLE FOR THE USE BY OTHERS OF THE INFORMATION THAT YOU DISCLOSE IN PUBLIC POSTING AREAS.
11. HOW WE KEEP YOUR PERSONAL INFORMATION SECURE
We have implemented appropriate physical, technical and administrative safeguards against unauthorized access, use, modification and disclosure of personal information in our custody and control. However, no data transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so you should take care in deciding what information you send us in this way. If we learn of a security systems breach, we may attempt to notify you electronically so that you can take appropriate protective steps. By using the Sites or Services or providing personal information to us, you agree that we can communicate with you electronically regarding security, privacy and administrative issues relating to your use of the Services. We may post a notice on our Sites if a security breach occurs. We may also send an email to you at the email address you have provided to us in these circumstances. Depending on where you live, you may have a legal right to receive notice of a security breach in writing.
12. RETENTION OF YOUR PERSONAL INFORMATION
We retain your personal information as long as necessary to comply with applicable legal, tax or accounting requirements, to maintain records of fraud, to enforce our agreements, or comply with our legal obligations, or in accordance with our standard business practices.
13. INTERNATIONAL USERS
The Sites and Services are provided and hosted in the United States. If you are using the Sites or Services from outside the United States, please be aware that your information may be transferred to, stored, and processed by us in our facilities and by other entities with whom we share your personal information, in the United States and other locations. These countries may have data protection laws that are different to the laws of your country. By using the Sites or Services, you consent to the collection, international transfer, storage, and processing of your personal information where permitted by law. We primarily use European Union Commission Standard Contractual Clauses for data transfers from the European Union, the EEA, the UK and Switzerland to countries outside the EEA (including the UK). For transfers between other jurisdictions, we may rely on other legal mechanisms for international transfer, as appropriate under the relevant law.
14. CHILDREN'S INFORMATION
The Sites and Services are intended for a general audience and are not directed or intended for anyone under 18 years of age. You must be 18 years of age to use the Sites or Services. We do not knowingly collect personal information from children under the age of 18. If we obtain actual knowledge that any information we collect has been provided by an individual under the age of 18, we will promptly delete that information.
16. CONTACT US
When contacting us, please include your full name, address, phone number, and email address, and indicate the specific nature of your request or inquiry.