Loading

Effective Date: June 25, 2020

This Privacy Policy was previously modified on May 4, 2016 and was first published and made effective on May 23, 2011.

This Privacy Policy applies to the Ossa website (www.ossa2020.wpengine.com), applications, Services (as defined below), tools, and electronic communications with you (including, to the extent you permit, email, chat, text messaging, and online messaging) and is and forms part of our Terms of Service, as explained below and in our User Agreement (which is separately available from the Ossa website or on request), and wherever this Privacy Policy is referenced and can be accessed, regardless of how you access or use the foregoing, including through personal computers, tablets, or mobile device applications (“apps”).

We may amend this Privacy Policy at any time, including an effective date for the amended version, by providing notice (as more fully defined below) of an amended version on the Ossa website, or by providing you with notice of the amended Privacy Policy and making a copy available to you electronically. We also will announce any material changes to this Privacy Policy by providing you with notice.

Ossa is an unincorporated division of Heart of Gold US LLC d/b/a Ossa (“Ossa”), 24 Railroad Avenue, PMB 125, Tenafly, NJ 07670 (“Ossa,” “we,” “our,” or “us”), and controls and operates the Ossa website and electronic communications with you and other users of our Services, and is committed to bringing you services and communications appropriate for your needs given our commercial purposes while respecting your privacy.. This Privacy Policy describes how we collect, use, and disclose information through our electronic communications with you, website, mobile applications, and other online services and products that link to, post or otherwise reference this Privacy Policy and how you can control the collection, correction and/or deletion of information we collect.

For purposes of the User Agreement and this Privacy Policy, the term “Services” means and includes your communications with us and/or other users, your interactions with and access to the Ossa website and its contents, and any software or information downloads you make from us, including but not limited to the communications and interactions discussed in this Privacy Policy or our User Agreement, and for networking to create a community of podcast hosts and producers and providing business development services.

Please read the entire Privacy Policy and our User Agreement and other policies forming our Terms of Service, separately available to you, which governs your use of the Services, and includes, among other things, grants of rights from you, limits on our liability and your remedies, mandatory arbitration, and waiver of class actions, before using our Services. By using our Services, you agree to our Terms of Service and consent to our collection, use and sharing of your information and data, and other activities, as described in this Privacy Policy and in our User Agreement.
To the extent that we provide you with notice via our Services of different or additional privacy policies or practices (e.g., as our Services may evolve, expand or contract, or our information collection requirements change), those different or additional terms shall govern such data collection and use.

We will not use or share your information with anyone except as described in this Privacy Policy.  This Privacy Policy does not apply to information we collect by other means (including offline) or from other sources.  Capitalized terms that are not defined in this Privacy Policy have the meaning given them in our Terms of Use

Our Services are not directed to persons under the age of 13, such persons being prohibited from using our Services under our User Agreement and Terms of Service, and thus are not directed to children and therefore this Privacy Policy does not address issues related to such children’s information.

  1. Personal Information We Collect
  2. Personal Information You Provide.
    We may collect information you provide directly via use of the Services (including through mobile devices), including certain Personal Information (defined below). We may ask you for some or all of the following types of information when you communicate with us and if and to the extent you register with our Services, particularly at registration, by use of forms that ask you to provide information about you and your business and create an account associated with you containing your Personal Information and other information we may request (an “Account”), and a Profile (as defined below) for using our Services, and in connection with updating of your provided Account information and Profile, when you participate in any community chats, fill out forms that may appear in various places and manners to, for example, register for newsletters, webinars, training sessions, information, community spotlights, promotions, events, contests or sweepstakes, when you submit or post comments and other content, or directly contact us with questions or feedback, and when you communicate, consider, and possibly complete business transactions with other users via our Services:
  • Contact information, such as name, e-mail address, postal address, and telephone number;
  • Username, display name, and password, answers to security questions;
  • Demographic information, such as age, gender, zip code, country, company name, type of business, subject matter focus and areas of interest of your business activities;
  • Financial information, such as an account with PayPal Holdings LLC (a “PayPal account”), bank or other financial institution account information, or credit card number and expiration date and security code, in connection with a financial transaction involving you;
  • Tax identification numbers or other identification numbers;
  • Communications preferences;
  • Search queries;
  • Stories, comments, photos, and other information posted in any interactive online feature of our Services;
  • Correspondence, content, links, and other information that you send to us;
  • Correspondence and information exchanged between you and our other users in the course of using our Services to transact business, including without limitation Booking Requests, Booking Fees, Booking Orders, Campaigns (as explained in our User Agreement) and communications regarding the same; and
  • Additional information as otherwise requested of you or described to you at the point of collection or pursuant to your consent, e.g., in connection with updating your previously provided information and existing Profile.

The information you provide may include Personal Information. “Personal Information” is information that can be used to identify you (whether alone or in combination). Personal Information once “de-identified” or “anonymized” or aggregated with other information so that it cannot be linked back to you is not subject to this Privacy Policy and we may treat it as non-Personal Information and use it without obligation to you except as prohibited by applicable law.

To the extent that we combine Demographic or other information with your Personal Information we collected directly from you via our Services, we will treat the combined data as Personal Information under this Privacy Policy. Some of the Personal Information we collect, such as a way to identify you, is necessary to enter into our User Agreement. The provision of all other Personal Information is voluntary, but may be necessary in order to use our Services. If you do not voluntarily provide all the information we request, including Personal Information, it may be a basis on which we deny you access to some or all of our Services.

As used herein a “Profile” means and refers to either a Podcaster Profile or a Brand Profile, which you may or may not create depending on what type of user of our Services you are and in the context of its use as explained more fully in our User Agreement. As used herein a “Podcaster Profile” is a compilation of data including Personal Information and non-Personal Information for and about each Podcaster user that will be accessible to, searchable on, and used to enable, permitted users to search for and identify Podcasters of interest. As used herein a “Brand Profile” is a compilation of data including Personal Information and non-Personal Information for each Brand user that will be accessible to, searchable on, and used to enable, other permitted users search for and identify Brands of interest. You grant us the right to use your name and likeness in connection with our advertising, marketing, publicity and promotional activities for our Services, and, upon your consent, likewise to use your Profile.

  1. Information Automatically Collected.

We, directly or through our third-party service providers, also may collect certain information automatically when you use the Services (“Usage Information”), including:

  • Your browser type and operating system;
  • Your Internet Protocol (IP) address, which is the number automatically assigned to your computer whenever you access the Internet and that can sometimes be used to derive your general geographic area;
  • Geolocation information;
  • Other unique identifiers, including mobile device identification numbers;
  • Sites you visited before and after visiting the Services;
  • Pages you view and links you click on within the Services;
  • Information collected through cookies, web beacons, and other technologies;
  • Information about your interactions with e-mail messages, such as the links clicked on and whether the messages were opened or forwarded; and
  • Standard Server Log Information.

Except to the extent required by applicable law, Ossa does not consider Usage Information to be Personal Information. However, Usage Information may be combined with your Personal Information that we collect. To the extent that we combine Usage Information with your Personal Information, we will treat the combined information as Personal Information under this Privacy Policy.

These technologies may be downloaded to your personal computer, browser, laptop, tablet, mobile phone or other device (“Devices”) whenever you visit or interact with our Services. We or our third-party service providers may use cookies, pixel tags, Local Shared Objects (sometimes referred to as “Flash Cookies”), and other technologies to automatically collect Usage Information as described below. Some of these technologies may set, change, alter or modify settings or configurations on your Device(s).

Cookies, Pixel Tags, and Local Shared Objects

Cookies are small bits of information that are stored by your computer’s web browser. You can decide if and how your computer will accept a cookie by configuring your preferences or options in your browser. However, if you choose to reject cookies, you may not be able to use certain online products, services or features on the Services.

Pixel tags are very small images or small pieces of data embedded in images, also known as “web beacons” or “clear GIFs,” that can recognize cookies, the time and date a page is viewed, a description of the page where the pixel tag is placed, and similar information from your Device.

Local Shared Objects (sometimes referred to as “Flash Cookies”) are similar to standard cookies except that they can be larger and are downloaded to a computer or mobile device by the Adobe Flash media player.  Please note that you may need to take additional steps beyond changing your browser settings to refuse or disable Local Shared Objects and similar technologies.  For example, Local Shared Objects can be controlled through the instructions on Adobe’s Setting Manager page.  If you choose to refuse, disable, or delete these technologies, some of the functionality of the Services may no longer be available to you.

Embedded Scripts

An embedded script is programming code designed to collect information about your interactions with the Services. It is temporarily downloaded onto your Device from our web server or a third party with whom we work, is active only while you are connected to the Services, and deleted or deactivated thereafter.

Location-identifying Technologies

GPS (global positioning systems) software, geo-filtering, and other location-aware technologies locate (sometimes precisely) you for purposes such as verifying your location and delivering or restricting relevant content based on your location.

Device Fingerprinting

Device fingerprinting is the process of analyzing and combining sets of information elements from your Device’s browser, such as JavaScript objects and installed fonts, in order to create a “fingerprint” of your Device and uniquely identify your device and applications.

In-App Tracking Methods

There are a variety of tracking technologies that may be included in mobile applications, and these are not browser-based like cookies and cannot be controlled by browser settings. Some use device identifier, or other identifiers such as “Ad IDs” to associate app user activity to a particular app and to track user activity across apps. You can stop all collection of information via our mobile applications by uninstalling them. Also, you may be able to exercise specific privacy choices, such as enabling or disabling certain location-based services, by adjusting the permissions in your mobile device.

For further information on tracking technologies and your choices regarding them, please see Section 7 below.

We are providing you with detailed notice of the various tracking technologies and your limited choices regarding them so that your consent to our use of them is meaningfully informed.

  1. Information from Other Sources.

We may obtain information about you from other sources, including other users with whom you may or do transact business using our Services or by going outside of our Services, service providers and third-party services, and combine such information with information we have collected about you. We also may collect information about you from public sources as allowed by applicable law. We may do this to enhance our ability to serve you and offer you opportunities that may be of interest to you.

If you give us personal information about someone else, you must do so only with that person’s authorization. You should inform them how we collect, use, disclose, and retain their personal information according to our Privacy Policy.

To the extent we combine any such third party sourced information with Personal Information we have collected about you on the Services, we will treat the combined information as Personal Information under this Privacy Policy. We are not responsible for the accuracy of any information provided by third parties or third-party policies or practices and our statements under the Privacy Policy do not apply to information we receive about you from third parties.

  1. Purposes of Processing – How We Use Your Personal Information

We use your Personal Information in a variety of ways to provide and improve our Services, provide you with business opportunities, provide you with a personalized experience on our website, contact you about your Account and our Services, provide you customer service, provide you with newsletters and other Ossa marketing and community information, and to detect, prevent, mitigate and investigate fraudulent or illegal activities.

Our use of the Personal Information we collect from you has different legal bases and business purposes, as follows:

We use your personal information to fulfill a contract with you and provide you with our Services, to comply with our legal obligation, protect your vital interest, or as may be required for the public good. This includes:

  • To permit certain users of our Services to search our database containing individual Podcaster Profiles to locate, evaluate and identify a selected Podcaster as of interest in connection with submitting a Booking Request for placement of advertising or sponsorship of a Podcaster show, and possibly executing a Campaign, as explained in our User Agreement.
  • To permit certain users of our Services to search our database containing individual Brand Profiles to locate, evaluate and identify a selected Brand as of interest, as explained in our User Agreement.
  • To provide payment processing and Account management, operate, measure and improve our Services, keep our Services safe, secure and operational, and customize website content that includes items and Services that you may like in response to actions that you take.
  • To contact you regarding your Account, to update information in your Account or your Profile, to troubleshoot problems with your Account, to resolve a dispute, to pay or collect fees or monies owed or as otherwise necessary to provide you customer service.
  • When communicating with you for the purposes described herein, we may contact you via physical (paper document by postal mail or other delivery services), electronic (email, SMS/text messages, chat) or telephone (cellular, landline, internet phone) communication technologies as described in our User Agreement, to the extent that you consent to such communication channels by providing contact information enabling us to use such communication channels, and as authorized by applicable law. Message and data rates may apply.
  • To provide other services requested by you as described when we collect the information or pursuant to your consent.
  • We may use general location information to provide you with location based Services (such as location-based Booking Offers, search results, and other personalized content and communications).
  • Contact you with surveys, legal notices, and other information that may be relevant to your use of the Services and to respond to your correspondence.
  • To prevent, detect, mitigate, and investigate fraud, security breaches or other potentially prohibited or illegal activities.
  • To enforce our User Agreement, this Privacy Policy, or other policies, and to monitor restrictions on going outside of Ossa and non-solicitation and non-competition for violations of our Terms of Service or applicable laws.

We use your personal information to pursue our legitimate interests where your rights and freedoms do not outweigh these interests. We have implemented controls to balance our interests with your rights. This includes to:

  • Improve our Services, for example by reviewing information associated with stalled or crashed pages experienced by users allowing us to identify and fix problems, improve the Services, create new Services offerings, and give you a better experience.
  • Communicate with you in order to offer you special promotions, special offers, poll your opinions through surveys or questionnaires and inform you about our Services, as authorized by applicable law.
  • Measure users’ performance (e.g. by monitoring Booking Requests, Booking Offers, Campaign, and associated Booking Fee payments).
  • Monitor and improve the information security of our website and mobile applications.

With your consent, we may use your Personal Information to:

  • Provide you with business opportunities including Booking Request via the aforementioned communication channels.
  • Provide you with communications and marketing from Ossa.
  • Use your sensitive Personal Information to facilitate transactions.

You have the right to withdraw your consent to or to opt out of all or any of the foregoing at any time.

Ossa reserves the right, but has no obligation, to monitor the User Content you post on the Service.  We reserve the right to remove any such information or material for any reason or no reason, including without limitation if in our sole opinion such information or material violates, or may violate, any applicable law or our Terms of Use Agreement, or to protect or defend our rights or property or those of any third party.  Ossa also reserves the right to remove information upon the request of any third party.

We may use technologies considered automated decision making or profiling or artificial intelligence. We will not make automated-decisions about you that would significantly affect you, unless such a decision is necessary as part of a contract we have with you, we have your consent, or we are required by law to use such technology.

  1. Sharing of Information

We want you to understand when and with whom we may share the information we collect, including Personal Information. We may share information that we collect through the Services with third parties as follows:

  • Other Users. We may share your information, including Personal Information, with other users of our Services, but only in connection with your and their use of our Services, as authorized by you or your use of our Services, including for example so that you may explore doing and do business together.
  • If you are Podcaster user, your information, including your Profile, will be shared with Brand users so that they can use our Services to search for and identify you as a Podcaster of interest for purposes of entering into potential business transactions including but not limited to Booking Requests, Booking Orders and Campaigns, and possibly with other Podcaster users to use our Services to search for and identify you as of interest in forming a community of Podcasters sharing common or similar interests for networking, collaboration, support, and pay-it-forward opportunities.
  • If you are a Brand user, we may share your information with other users, but only in connection with your and their use of our Services, including Podcasters determined by you to be of interest for purposes of entering into potential business transactions including but not limited to Booking Requests, Booking Orders and Campaigns.
  • With other users who in the course of using our Services may request us to provide information about you necessary to request a transaction, respond to a requested transaction, and/or complete the requested transaction, such as your Profile, or you name, account ID, email address, contact details, or other information from you needed to consider and possibly complete a transaction.
  • If a transaction or Campaign fails, is put on hold, or is later cancelled in whole or in part, we may also provide the other user with details of the unsuccessful transaction or Campaign.
  • To help protect your privacy, we may initially allow only limited access to whichever of your information is necessary to facilitate beginning a transaction and then as the transaction progresses we may allow access to more of your information as may be needed to complete the transaction and associated fund transfers.
  • Third-Party Service Providers.  We may share your information, including Personal Information, with our contractors, agents and third-party service providers that perform certain functions or services on our behalf, such as to host the Services, host or manage databases, perform analyses, or send communications for us.
  • Select Business Partners.  We may share your information, including Personal Information, with select business partners so that they can provide you with services, including financial transaction services, special offers, promotional materials, business opportunities, newsletters you subscribe to, and other materials that may be of interest to you, but only in connection with your use of our Services. However, Ossa is not responsible for the privacy practices of these business partners, which may use your information for their own purposes.
  • We may disclose your Personal Information to PayPal Holdings, Inc. and its corporate family:
  • To prevent, detect, mitigate, and investigate potentially illegal acts, fraud and/or security breaches, and to assess and manage risk, including to alert you if fraudulent activities have been detected on your Account or your PayPal accounts.
  • To provide customer services, including to help service your Account or resolve disputes (e.g., payment, billing or transactional disputes).
  • To facilitate the processing of payment cards when you are paid or you need to pay within our Services with a payment card and we use PayPal to process your payment.
  • To facilitate any related services for transactions you made using PayPal.
  • Other Parties When Required by Law or as Necessary to Protect the Services.  We may disclose your information to third parties in order to protect the legal rights, safety, and security of Ossa and the users of our Services; enforce our Privacy Policy, User Agreement or Terms of Service; prevent fraud (or for risk management purposes); and comply with or respond to law enforcement or legal process or a request for cooperation by a government or other entity, whether or not legally required.
  • In Connection with a Transfer of Assets. If we sell all or part of our business, or make a sale or transfer of assets, or are otherwise involved in a restructuring of assets, a consolidation, merger or business transfer, or in the event of bankruptcy, we may transfer your Personal Information to one or more third parties as part of that transaction.

Other Parties with Your Consent. We may share information about you with third parties when you consent to such sharing, including when you provide information in response to our requests for your Account or for use in your user Profile or any public area of the Services we may establish, such as a chat room, forum, blog, newsletter or other community tool.  

  • If you choose to use our invitation service to invite a friend to the Service, we will ask you for that person’s email address and automatically send an email invitation.  Ossa stores this information to send this email, to register your friend if your invitation is accepted, and to track the success of our invitation service.  Your friend may contact us to request that we remove this information from our database at [email protected].
  • Aggregate Information. We may disclose to third parties information that does not describe or identify individual users, such as aggregate website usage data, transactions, or demographic reports.

If we intend to handle your Personal Information for any purposes not covered in this Privacy Policy, you will receive prior notice of the processing of your Personal Information for the new purpose(s). Except as expressly provided in this Privacy Policy and our User Agreement and Terms of Service, we do not sell, rent, swap, authorize disclosure of or otherwise disclose your Personal Information to third parties for their marketing, advertising or other commercial purposes without your consent. Any other user receiving your information should only use it for purposes related to the involved transaction. Unless you have consented to receive marketing from them, they should not contact you for marketing purposes.

Any personal information or content that you voluntarily disclose for posting to the Service, such as User Content, becomes available to the public, as controlled by any applicable privacy settings.  To change your privacy settings on the Service, please contact us at [email protected].  If you remove information that you posted to the Service, copies may remain viewable in cached and archived pages of the Service, or if other Users have copied or saved that information.

From time to time, we may run contests, special offers, or other events or activities (“Events”) on the Service together with a third party partner.  If you provide information to such third parties, you give them permission to use it for the purpose of that Event and any other use that you approve. We cannot control third parties’ use of your information. If you do not want your information to be collected by or shared with a third party, you can choose not to participate in these Events.

When you transact business using our Services with another user who is a natural person, we may enable you to obtain or we may provide you with Personal Information of such user (such as their name, email address, contact details, and type of business) to enable you to consider and possibly complete a transaction. Independent from us, you are a controller of such natural person user’s data and we encourage you to inform such users about your privacy practices and policies and respect their privacy. In all cases, you must comply with the applicable privacy laws, and must give such natural person user(s) a chance to remove his or her Personal Information from your database and provide him or her with a chance to review what information you have collected about him or her.

Using Personal Information of others that you have access to for any purpose other than that provided for in our Terms of Service constitutes a violation of our Terms of Service.

  1. Social Networking Services

Ossa may in the future work with certain third-party social media providers to offer you their social networking services through our Services. For example, you may be able use third-party social networking services, including but not limited to Facebook, and others to share information about your experience on our Services with your friends and followers on those social networking services. These social networking services may be able to collect information about you, including your activity on our Services. These third-party social networking services also may notify your friends on the social networking services themselves, that you are a user of our Services or about your use of our Services, in accordance with applicable law and their own privacy policies.  If you choose to access or make use of third-party social networking services, we may receive information about you that you have made available to those social networking services, including information about your contacts on those social networking services.

  1. Links to Third Party Sites and Services

The Services may contain links to other websites or online services that are operated and maintained by third parties and that are neither under the control of nor maintained by Ossa.  In addition, when you are on our Services you may be directed to other services that are operated and controlled by third parties, some of whom may be users of our Services, that we do not control. For example, if you “click” on a link, the “click” may take you off the Services onto a different website. Such links do not constitute an endorsement by Ossa of those other websites, the content displayed therein, or the persons or entities associated therewith. This Privacy Policy does not apply to such linked third-party websites, communications and content.  Such third party operators may collect information from you including your Personal Information, and may employ tracking technology and advertising technologies, particularly when content is served to you, and may share your information with others and/or us or our other users. We encourage you to note whenever you leave the Ossa website and to review the privacy policies of these third-party websites or services and exercise caution in connection with them and before submitting any Personal Information to them.

We may share non-personally identifiable information (such as anonymous usage data, referring/exit pages and URLs, platform types, number of clicks, etc.) with interested third parties to help them understand the usage patterns for certain Ossa services.

Ossa may allow third-party ad servers or ad networks to serve advertisements on some of our Services. These third-party ad servers or ad networks use technology to send, directly to your browser, the advertisements and links that appear on Ossa. They automatically receive your IP address when this happens. They may also use other technologies (such as cookies, JavaScript, or web beacons) to measure the effectiveness of their advertisements and to personalize the advertising content, e.g., Google Display Network Ads, Google Analytics for Display Advertising.  Ossa does not provide any personally identifiable information to these third-party ad servers or ad networks without your consent. However, please note that if an advertiser asks Ossa to show an advertisement to a certain audience and you respond to that advertisement, the advertiser or ad server may conclude that you fit the description of the audience they are trying to reach.  The Ossa Privacy Policy does not apply to, and we cannot control the activities of, third-party advertisers.  Please consult the respective privacy policies of such advertisers for more information.

  1. Analytics and Tracking Technologies

We may allow third parties to place and read their own cookies, web beacons, Local Shared Objects, and other technologies to collect information through the Services.  For example, our third-party service providers may use these technologies to collect information (i) that helps us with traffic measurement, research, and analytics, and (ii) that is used to propose business transactions using our Services and across the Internet tailored to your apparent requests and interests.  To the extent we combine information from third party services with Personal Information we collect directly from you on the Services, we will treat the combined information as Personal Information under this Privacy Policy. Otherwise, the information collected and stored by third parties remains subject to their policies and practices, including whether they continue to share information with us, the types of information shared, and your choices on what is visible to others on third party services. We may not control those third-party tracking technologies, we are not responsible for them, and we make no representations about them. However, you consent to potentially encountering such third-party tracking technologies in connection with the use of our Services.
You may exercise choices regarding the use of cookies from Google Analytics by going to http://tools.google.com/dlpage/gaoptout or downloading the Google Analytics Opt-out Browser Add-on.

  1. Communications Preferences

You may choose to receive communications (including emails and text messages) in connection with potential or actual business opportunities relating to ad placement on or sponsorship of Podcaster shows, new business opportunities, and similar communications from us when you provide information for your Account. You may opt out of receiving any certain promotional and/or marketing communications from us at any time by (i) for promotional/marketing emails, clicking on the opt-out or “unsubscribe” link included in the commercial emails you receive or emailing us at [email protected] referencing “Unsubscribe” in the subject matter line with your unsubscribe instructions; and (ii) for text messages, following the instructions provided in text messages from us to text the word “STOP”.  Please note that your opt-out is limited to the email address or phone number used and will not affect any subsequent subscriptions. Opt-out requests for e-mail may take up to 10 business days to be effective.  Your opt-out request will not apply to messages that you request or emails that are not commercial in nature.

  1. Do Not Track

Some web browsers may transmit “do-not-track” signals to the websites with which the user communicates.  Because of differences in how web browsers incorporate and activate this feature, it is not always clear whether users intend for these signals to be transmitted, or whether they even are aware of them.  Because there currently is no industry standard concerning what, if anything, websites should do when they receive such signals, Ossa and our third-party service providers currently do not take action in response to these signals. For more information on “do-not-track,” visit http://www.allaboutdnt.com.

  1. Your California Privacy Rights

Pursuant to California’s “Shine The Light” law, California Civil Code Section 1798.83, California residents are entitled once a year, free of charge, to request and obtain certain information regarding our disclosure, if any, of certain categories of Personal Information to third parties for their own direct marketing purposes in the preceding calendar year. You may request this disclosure information a [email protected] referencing “California Shine The Light Request” in the subject matter line so that we can process your request. Please include your mailing address, state of residence and email address with your request. You also may opt-out of any future sharing of such Personal Information with third parties for their direct marketing purposes by contacting us by email as above or by mail at our mailing address: ATTENTION: California Shine The Light Request, Ossa ℅ Heart of Gold US LLC, 24 Railroad Avenue, PMB 125, Tenafly, NJ 07670.

  1. Data Security

We implement reasonable technical and organizational measures designed to protect your Personal Information against accidental or intentional destruction or loss, and unauthorized disclosure or access. However, no data transmission over the Internet, mobile networks, wireless transmission or electronic storage of information can be guaranteed to be 100% secure. Please note that we cannot ensure the security of any information you transmit to us, and you use our Services, and provide us with your information, at your own risk.

You are responsible for maintaining your privacy settings and the confidentiality of your account password, answers to any security questions we may employ, and for any access to or use of the Services using your password, whether or not authorized by you.  Please notify us immediately of any unauthorized use of your password or account or any other breach of security.

  1. Data Storage and Retention

Your Personal Information is stored on our servers and on the servers of third-party database management service provider Amazon Web Services (AWS), and possibly others that we engage with which are located in the United States. We protect your Personal Information using technical and administrative security measures to reduce the risks of loss, misuse, unauthorized access, disclosure and alteration. Some of the safeguards we use are firewalls and data encryption, physical access controls to our contractor’s data centers, and information access authorization controls.

We retain your Personal Information for as long as necessary to provide the Services you have requested, or for other essential purposes such as complying with our legal obligations, resolving disputes, and enforcing our Privacy Policy, User Agreement, and other policies of our Terms of Service.

How long we retain personal information can vary significantly based on the context of the Services we provide and on our legal obligations. The following factors typically influence retention periods:

  • How long the Personal Information is needed to provide our Services. This includes such things as maintaining and improving the performance of our Services, keeping our systems secure, and maintaining appropriate business and financial records. As a baseline, we retain your data including Personal Information as long as you have an active Account and for twenty-four months following your termination of use of our Services, and data regarding financial transactions for six (6) years following the transaction completion date in accordance with applicable tax regulations.
  • If you indicate to us that certain Personal Information is sensitive, we may apply a shortened retention time in the absence of any business or legal need to retain it for a longer term.
  • If you have provided consent for a longer retention period, then we will retain your data in accordance with your consent.
  • Subject to Section 14 below, we may retain and continue to use indefinitely all information (including User Content) contained in your communications to other users or posted to public or semi-public areas of the Service after termination or deactivation of your Account.
  • If we are subject to a legal, contractual, or similar obligation to retain your Personal Information, for example, in the circumstances of mandatory data retention laws in the applicable jurisdiction, government orders to preserve data relevant to an investigation, or Personal Information required to be retained in connection with potential or ongoing litigation, then we will retain such data until this legal, contractual or other obligation is no longer in place.

After it is no longer necessary for us to retain your Personal Information, we will dispose of it in a secure manner in accordance with standard industry practices then in effect.

  1. Accuracy of Personal Information

While we take various steps to ensure the accuracy and completeness of your Personal Information, we rely upon you to provide accurate and complete information, including Personal Information and your Profile, when interacting with us, and to periodically review the information you have provided and update that information whenever appropriate.

  1. Your Rights in Connection with Your Personal Information

Under certain circumstances, and as required by applicable law you have the right to:

  • Request access to your Personal Information. This enables you to receive a copy of the Personal Information we hold about you.
  • Request correction of any incomplete or inaccurate Personal Information that we hold about you.
  • Request erasure of your Personal Information when there is no need for us continuing to process it or you have exercised your right to object to processing (see below).
  • Object to processing of your Personal Information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.
  • Request the restriction of processing of your Personal Information to suspend the processing, for example if you want us to verify its accuracy or the reason for processing it.
  • Request the transfer of your Personal Information to another party.

In accordance with our User Agreement, you have the option to designate certain of your provided information, including Personal Information, as “confidential” such that we will only share that confidential information with third parties if they agree to be bound to the confidentiality obligations controlling the use and disclosure of such confidential information in accordance with the User Agreement. In the absence of agreement by the third party however we will not share your designated confidential information, and that may result in your inability to use or benefit from some or all of our Services.

If you want to exercise any of these rights, please contact us using the information in the “Contact Us” section of this Privacy Policy. Valid requests will be honored within 30 calendar days of request. This 30-day period may be extended for another 2 months, as permitted by law, for complex requests with notification of the reasons for the extension to you.

You will not have to pay a fee to access your Personal Information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances. In addition, there may be requests that we are unable to process because of other legal requirements. If a request is denied, we will notify you of the reason.

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that Personal Information is not disclosed to any person who has no right to receive it.

Where you have a statutory right to request access or request the modification or erasure of your personal information, we can still withhold that access or decline to modify or erase your personal information in some cases in accordance with applicable national laws.

If you request that we stop processing some or all of your personal information or you withdraw (where applicable) your consent for our use or disclosure of your Personal Information for purposes set out in this Privacy Policy, we might not be able to provide you all of the Services and customer support offered to our users and authorized under this Privacy Policy and our User Agreement and Terms of Use.

Our Services will include a mechanism allowing you to delete, correct and update the Personal Information you have provided. We will make good faith efforts to make requested changes in our then-active databases as soon as practicable, but it is not always possible to completely change, remove or delete all of your information or any public postings from our databases and residual and/or cached data may remain archived thereafter. Upon your request, we also will close your Account and remove your Personal Information from view as soon as reasonably possible, based on your Account activity. Further, we reserve the right to retain data (i) as permitted or required by applicable law; and (ii) for so long as reasonably necessary to fulfill the purposes for which the data is retained as permitted by applicable law (e.g., business records).

If you are located in the European Union (EU), you have the right to lodge a complaint with an EU Supervisory Authority. However, if you have a complaint regarding the processing of your Personal Information we request that you first contact us and we will reply on a timely basis.

If you have a rights request, please contact us using the information in the “Contact Us” section of this Privacy Policy referencing “Rights Request” in the subject matter line..

  1. International Transfers of Personal Information

Our Services are operating in the United States and located in the United States. Please be aware that the Personal Information we collect may be transferred to and maintained on servers or databases located outside your state, province, country, or other jurisdiction, where the privacy laws may not be as protective as those in your location. If you are located outside of the United States, please be advised that we process and store personal data in the United States. By using our Services, you consent to the transfer to and processing, usage, sharing, and storage of your information, including your Personal Information, in the United States as set forth in this Privacy Policy.

  1. Data Controller

As it pertains to users of our Services located in the EU, the controller of your Personal Information is Ossa ℅ Heart of Gold US LLC, 24 Railroad Avenue, PMB 125, Tenafly, NJ 07670, USA.

  1. Privacy Policy Updates and Notice

We may modify this Privacy Policy at any time in our absolute and sole discretion by providing you with notice of any revisions to the Privacy Policy.  Your continued use of the Services or after any modification to the Privacy Policy will constitute your consent to and acknowledgement of the new terms and conditions. However, we will not use your previously collected Personal Information, to the extent it is not collected under the new Privacy Policy, in a manner materially different than represented at the time it was collected without your consent. If any changes are made to the Privacy Policy that would affect information collected from or about children in a way that would require parental consent under applicable laws, e.g., the Children’s Online Privacy Protection Act, we will obtain such consent from a parent or legal guardian.

We may use either a physical or an electronic communication channel, as discussed above, to comply with our obligation to provide you with any “notice” as may be required according to the terms of this Privacy Policy and any modification to this Privacy Policy, and such notice satisfies any legal requirement that such communications of “notice” be in writing. This is consistent with the terms of the User Agreement Section 12.

  1. Contact Us

If you have any questions about this Privacy Policy, you may contact us at the following email address, phone number or mailing address:

EMAIL: [email protected]. Unless otherwise instructed in this Privacy Policy, reference “Privacy Policy Question” in the subject matter line.
PHONE: (201) 266-4542

MAIL ADDRESS:

ATTENTION: PRIVACY POLICY
Ossa ℅ Heart of Gold US LLC
24 Railroad Avenue,
PMB 125,
Tenafly, NJ 07670
USA

Back To Top