To meet Consumer Privacy Laws and General Data Protection Regulation (GDPR) disclosure and transparency requirements. Everything Promotions, Inc. dba Imprint Engine needs to gather and use certain information and individuals. These can include customers, suppliers, business contracts, employees, and other people the organization has a relationship with or may need to contact.
Responsibility and Authority
The Information Technology Director, acting as the Information Security Officer, is responsible for developing, updating, and communicating this policy, and for managing the Information Technology processes which support the policy. All employees are responsible for compliance with the policy. Managers are responsible for enforcing the policy within their area of responsibility.
Imprint Engine is taking steps to provide individuals with more visibility into and better control over how their personal data is used and secured. Imprint Engine shall adopt and follow well-defined and time-tested plans and procedures, to ensure the physical security of all information assets and human assets.
Please note that certain locations where we operate have laws that require us to share specific privacy information and practices with individuals in those locations. To that end, this Privacy Statement is comprised of two sections – a generally applicable statement and a European Economic Area (“EEA”) specific addendum. If you are a resident of the EEA, please review the European Economic Area (“EEA”) specific addendum
Personal identification information
We may collect personal identification information from Users in a variety of ways, including, but not limited to, when Users visit our site, register on the site, place an order, subscribe to the newsletter, respond to a survey, fill out a form, and in connection with other activities, services, features or resources we make available on our Site. Users may be asked for, as appropriate, name, email address, mailing address, and phone number. Users may, however, visit our Site anonymously. We will collect personal identification information from Users only if they voluntarily submit such information to us. Users can always refuse to supply personal identification information, except that it may prevent them from engaging in certain Site related activities.
In no event will we ever request sensitive personal data (e.g. health information, religious preferences, etc.) from customers, and we expressly request that you not provide any such sensitive personal data to us.
Non-personal identification information
We may collect non-personal identification information about Users whenever they interact with our Site. Non-personal identification information may include the browser name, the type of computer and technical information about Users’ means of connection to our Site, such as the operating system and the Internet service providers utilized and other similar information.
Web browser cookies
Web server logs
As is true of most websites, we gather certain information automatically through your use of the Site. This information may include Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring or exit pages, the files viewed on the Site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and clickstream data to analyze trends in the aggregate and administer the site. We use analytical software to help us understand this information. This software sends information to its licensor. Other sites and companies may also use this software. As a result, the licensor may collect information that, when aggregated by them, allows them to identify you individually. We have no responsibility for this collection and use.
Information collected by our customers
Our customers may collect personal data in connection with the Services we provide to them. Our customers control the personal data they collect, and we will not use or disclose that personal data except as authorized or directed by the customer in the course of our provision of the Services and as governed by our agreement with that customer. If your personal data is controlled by one of our customers, and you have concerns about the way that data is managed or wish to exercise your rights with respect to such data (including your rights of access, amendment, or deletion), please contact that customer directly.
How we use collected information
Everything Promotions, Inc. may collect and use Users personal information for the following purposes:
To improve customer service
Information you provide helps us respond to your customer service requests and support needs more efficiently.
To improve our Site
We may use feedback you provide to improve our products and services.
To process payments
We may use the information Users provide about themselves when placing an order only to provide service to that order. We do not share this information with outside parties except to the extent necessary to provide the service.
To share your information with third parties
We may share or sell information with third parties for marketing or other purposes.
To run a promotion, contest, survey or other Site feature
To send Users information they agreed to receive about topics we think will be of interest to them.
To send periodic emails
We may use the email address to send User information and updates pertaining to their order. It may also be used to respond to their inquiries, questions, and/or other requests. If User decides to opt-in to our mailing list, they will receive emails that may include company news, updates, related product or service information, etc. If at any time the User would like to unsubscribe from receiving future emails, we include detailed unsubscribe instructions at the bottom of each email or User may contact us via our Site.
How we protect your information
We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our Site.
Sensitive and private data exchange between the Site and its Users happens over an SSL secured communication channel and is encrypted and protected with digital signatures. Our Site is also in compliance with PCI vulnerability standards in order to create as secure of an environment as possible for Users.
Sharing your personal information
We may use third party service providers to help us operate our business and the Site or administer activities on our behalf, such as sending out newsletters or surveys. We may share your information with these third parties for those limited purposes provided that you have given us your permission.
Otherwise, we will not disclose your personal data to third parties except as follows:
- When we believe disclosure is reasonably required to comply with any law or legal request;
- To enforce our legal and contractual rights, or to protect the rights and safety of others; or
- As part of a sale of our assets or a merger of our company.
Third Party Websites
Users may find advertising or other content on our Site that link to the sites and services of our partners, suppliers, advertisers, sponsors, licensors and other third parties. We do not control the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our Site. In addition, these sites or services, including their content and links, may be constantly changing. These sites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites which have a link to our Site, is subject to that website’s own terms and policies.
Your rights over personal data that we control
We will retain your Personal Identifiable Information for as long as needed or permitted considering the purpose(s) for which it was obtained with applicable law. The criteria used to determine our retention periods include:
- The length of time we have an onboarding relationship with you and provide services to you;
- Whether there is a legal obligation to which we are subject; or
- Whether retention is necessary to protect or defend our legal rights.
Where applicable law allows for such a right, if you want to request access, correct, object to the use, or delete Personal Identifiable Information that you have previously provided us, you may submit a request through our website by filling out the Data Request Form. We will respond to your request consistent with applicable law.
For your protection, we may only implement requests with respect to the Personal Information associated with the email address that you use to send us your request, and we will need to verify your identity before implementing your request. We will verify the requestor’s identity via email using a unique identifier code.
We will encrypt any data sent to the data subject requestor to protect their personal identifiable information. We will send all user data in Excel format.
Your acceptance of these terms
European Economic Area
The “data controller” within the meaning of the GDPR is the legal person responsible for the processing and which decides alone or in cooperation with others which personal information (which includes Personal Data as defined under the GDPR and set out below) is being collected as well as the purposes and the technical and organizational means with regard to the processing of that personal information.
Imprint Engine Limited
Unit 5 Keypoint Business Park
Rosemount Industrial Estate
Where personal data has been provided to us by a customer, we remain a processor on behalf of our customer and we will not be the data controller in respect of such processing.
Information that the Company collects
When we refer to personal data we are referring to any information that relates to an identified or identifiable living individual such as name, ID number, location data, any online identifier, or any factor specific to the physical, physiological, genetic, mental, economic or social identity of that person. It does not include data where any potential identifiers have been removed (anonymous data) or data held in an unstructured file.
When you visit our website and when you communicate with us, the Company will collect certain personal data about you, such as your name, address, and email address as well as any other personal data that you may provide – for example, through submission of a query.
In addition, the Company will also collect the following information about your visit(s) to our website:
- the IP address and domain name used (the IP address is a numerical identifier assigned either to your Internet service provider or directly to your computer);
- the type of browser and operating system you use; and
- the date, time and duration for which you visit our website, the number of times you have visited our website, and where you come from.
How we use personal data we collect
We will only use your personal data for the purposes and legal bases set out in the table below:
|Purpose/Activity||Type of Personal Data||Lawful basis of Pocessing|
To provide our services, and manage our relationship with you as our customer, including:
Name, contact information, financial
Marketing about our services and events, including:
Name, contact information
To operate our website:
Our strictly necessary cookies collect:
To support our legitimate Interests in operating our website
To maintain and improve our website, in particular the information we provide about our services and to increase the number of people finding our website:
Other optional cookies process the following personal data:
Consent (which you can withdraw at any time without affecting the lawfulness of any processing based on consent before its withdrawal)
Transferring information to third parties, including to our own service providers
Name, contact information
To support our legitimate interests in managing and improving our business and services and providing services to our clients provided such interests are not overridden by the rights and interests of the data subjects concerned
|To process payments in relation to an order placed||Financial data||To fulfil our obligations to you under our contract with you|
If you do not provide us with personal data we request, we may not be able to provide you with our services or respond to any questions or requests you submit to us via our website, by telephone, email or in writing. We will tell you when we ask for personal data whether it is a contractual requirement or needed to comply with our legal obligations.
We will only use and process your personal information in accordance with the GDPR, any local implementing legislation and any replacement legislation governing the processing of personal information.
The Company May Share Your Information in Limited Circumstances
The Company will share information with its employees who need to know such information for purposes of performing their jobs, including to respond to requests or questions that you may have.
When we disclose your personal data to third parties, we only disclose to them any personal data that is necessary for them to provide their service and where we are sure that they have adequate policies/procedures in place in relation to data security. We have contracts in place with these third parties in receipt of your personal data requiring them to keep your personal data secure and not to use it other than in accordance with our specific instructions.
If you are located in the EEA, you have certain rights under data protection legislation as summarised below:
- Right of access: You have the right to obtain from us confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, to request access to the personal data, as well as certain information on how we are processing such data.
- Right to rectification: You have the right to obtain from us the rectification of inaccurate personal data concerning you. Considering the purpose of the processing, you may also, in some cases, be entitled to supplemental information regarding incomplete personal data.
- Right to erasure (right to be forgotten): You may, in certain circumstances, have your personal data deleted, for example if your personal data is no longer necessary in relation to the purpose for which it was collected, if you have objected to the processing of personal data and we do not have a legitimate interest which outweighs your interest, if the personal data has been processed unlawfully, or if the personal data must be deleted to comply with a legal obligation.
- Right to restriction of processing: You may require that we restrict the processing of your personal data in certain cases, for example where we no longer need your personal data but you need it to determine, enforce or defend legal claims or you have objected to processing based on our legitimate interest in order to enable us to check if our interest overrides your interest.
- Right to data portability: In some circumstances, you may be entitled to receive the personal data concerning you which you have provided to us in a structured, commonly used and machine-readable format and you have the right to transmit those personal data to another controller.
- Right to object: You have the right to object to the processing of your personal data in certain circumstances, for example where the processing is based on our legitimate interest. If so, in order to continue processing, we must be able to show compelling legitimate grounds that override your interests, rights and freedoms.
You have the right to lodge a complaint with the Data Protection Commission, or the supervisory authority in the Member State of your residence, place of work or place of an alleged infringement, if you consider that the processing of your personal data infringes the GDPR. In Ireland, this is the Data Protection Commission.
In any case where the Company is relying on consent to process your personal data, you have the right to change your mind and withdraw consent by contacting us using the information contained in the “Contact Us” section above.
Your rights will in each case be subject to the restrictions set out in applicable data protection laws. Further information on these rights, and the circumstances in which they may arise in connection with our processing of your personal data, can be obtained by contacting us using the details in the “Contact Us” section above. If you want to review, verify, correct or request erasure of your personal data, object to the processing of your personal data, or request that we transfer a copy of your personal data to another party, please contact us using the details in the “Contact Us” section above. We will respond to your request within one month. That period may be extended by two further months where necessary, taking into account the complexity and number of requests. We will inform you of any such extension within one month of receipt of your request. We may require proof of identification to verify your request. We have the right to refuse your request where there is a basis to do so in law, or if it is manifestly unfounded or excessive.
Our website is meant for adults. The Company does not knowingly collect personally identifiable information from children under 16 without permission from a parent or guardian. If you are a parent or legal guardian and think your child under 16 has given information to the Company, please contact the address above.
To the extent that it is necessary to transfer personal data outside of the EEA, we will ensure appropriate safeguards are in place to protect the privacy and integrity of such personal data, including standard contractual clauses under Article 46(2) of the GDPR or an adequacy decision under Article 45 for the GDPR. Please contact us if you wish to obtain information concerning such safeguards or obtain a copy of the standard contractual clauses.