It also describes the choices available to you regarding our use of your personal information and how you can access and update this information.
We will update this policy from time to time as our practices change regarding how we handle information. We will publish these updates on our website and using our email subscription lists.
Overview of this Policy
This policy sets out:
1. How we collect your information;
2. How we use your information;
3. How we share your information;
4. How we secure your information;
5. Your rights to access and correct your information.
1. How We Collect Your Information
In order to provide our services, we collect personal information from you. We do so in two main ways:
a. Information you provide to us directly.
b. Information we collect from you automatically.
we collect the following personal information from you directly:
· Contact Information such as name, email address, mailing address, phone number
· Billing Information such as credit card number, and billing address
· Unique Identifiers such as user name, account number, password
· Preferences Information such as product wish lists, order history, marketing preferences
· Some of the information we collect from you may be in the nature of sensitive personal information. This may include details about you, such as your age, gender, personal interests, associations, memberships and opinions.
Cookies and Tracking Technology
2. How We Use Your Information
We use the information we have collected in order to:
· Fulfill your order
· Send you an order confirmation
· Assess the needs of your business to determine suitable products
· Send you requested product or service information
· Send product updates or warranty information
· Respond to customer service requests
· Send you a newsletter
· Send you marketing communications
· Respond to your questions and concerns
· Improve our Web site and marketing efforts
· Perform work incidental to any of these tasks, in order to provide our services
· We do not sell your personal information to any other third party, or use it for extraneous commercial gain outside the services we provide.
You may choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in these emails or you can contact us at https://www.facebook.com/EnglishTESOL/ or using the details at the end of this policy.
3. How We Share Your Information
In certain circumstances, we share your personal information with third parties as set out in this policy or as required by law. We do not sell your personal information to third parties.
Compliance with Other Laws and Legal Processes
We may also disclose your personal information
· as required by law such as to comply with a subpoena, or similar legal process
· when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud;
· if AESOP is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our web site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information at that time.
Links to Other Web Sites
Our Site includes links to other Web sites whose privacy practices may differ from those of AESOP/TESOL. If you submit personal information to any of those sites, your information is governed by their privacy statements. We encourage you to carefully read the privacy statement of any Web site you visit.
4. How We Secure Your Information
Storage and Security of Personal Information
When we collect personal information directly from you, we take steps to keep that information secure and safe from the risk of external or internal unauthorized access or disclosure.
The measures we employ are divided into 3 classes:
1. protection from internal risks;
2. protection from external risks; and
3. protection from cyber risks.
Internal Risk Management
To guard against the risk of unauthorized access, loss or disclosure of information from internal sources, we:
1. permit access to information to only those staff who require such access in order to perform their duties;
2. train staff in the use of information-technology, systems and software;
3. keep records of the equipment and storage devices maintained by us to prevent unauthorized removal;
4. Implement policies and procedures with respect to the use of information, including procedures as to how work is performed to ensure consistency with privacy principles.
To guard against the risk of unauthorized access, loss or disclosure of information from external sources, we:
1. maintain security at our premises;
2. ensure information-technology is password protected so that access to our premises does not permit access to your information;
3. prohibit third-party personnel from accessing areas of our premises in which information is stored; and
4. Do not permit the reproduction of information for removal from our premises.
To guard against the risk of unauthorized access, loss or disclosure of information from cyber-attack or intervention, we:
1. maintain updated information-technology platforms;
2. regularly change passwords;
3. protect our systems, communications and servers using proprietary encryption software, which is updated (or replaced) regularly;
4. maintain firewalls and scanning tools to detect attempts by outside sources to access our systems, network or information-technology;
5. prohibit access using our information-technology to harmful websites; and
6. do not permit the installation of third-party platform software capable of displacing control of our systems.
In addition, we destroy any information held which is no longer required by us.
No method of transmission over the Internet, or method of electronic storage, is 100% secure and we cannot guarantee absolute security. If you have any questions about security on our website, you can contact us at firstname.lastname@example.org or using the details set out at the end of this policy.
Use of Shopping Cart Providers
In order to make a purchase from us, you must use our shopping cart provider to finalize and pay for your order. Its privacy statement and security practices will also apply to your information. We encourage you to read that privacy statement before providing your information.
We will retain your information for as long as your account is active or as needed to provide you services. If you wish to cancel your account or request that we no longer use your information to provide you services contact us at email@example.com or using the details set out at the end of this policy.
Your Rights to Access, Correct and Contact
Correcting and Updating Your Personal Information
Under the Data Privacy Act 2012, you have the right to ask us for access to the personal information we hold about you. You may also ask us to correct that information.
Where you request us to access your personal information or to correct it, we must respond to that request within 30 days. If you have requested a correction, we must take reasonable steps to do so if we agree that it requires correction, subject to any legal obligations preventing us from doing so.
To review and update your personal information to ensure it is accurate, contact us at firstname.lastname@example.org or using the information contained at the end of this policy
Notification of Privacy Statement Changes
We may update this privacy statement to reflect changes to our information practices, the law or industry standards.
If we make any material change which may affect how we deal with your information, we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on this Site prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
Making a Complaint
If you are concerned about our use of your information, or your privacy, you can contact us so that we can address those concerns. You may use the contact information contained at the end of this policy to contact us.
Additional Policy Information
You can log in to our site using sign-in services such as Facebook Connect or an Open ID provider. These services will authenticate your identity and provide you the option to share certain personal information with us such as your name and email address to pre-populate our sign up form. Services like Facebook Connect give you the option to post information about your activities on this Web site to your profile page to share with others within your network.
Our Web site offers publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them.