Last modified: 8/30/2021
For the purposes of the General Data Protection Regulation (known as the “GDPR”), Bryan A Anthonys Design LLC, located at 11212 Metric Blvd Suite 100 Austin, TX 78758, is a “Data Controller.” This means that we direct the flow of collected personal information, as opposed to being a “Data Processor,” which is a person or company that does things with and to the information.
Information We Collect About You
We use this section to explain our data collection practices to you. We combine the data we have about you together. For example, we might combine information about how long you were on our website for with your username. Any information we combine will be treated as if it is all equally sensitive information. We only collect information from you that allows us to make the site run smoothly and provide you with our services.
Personally Identifiable Information
Personally identifiable information is information that can identify you as a person — simple, right? Well personally identifiable information can also be a combination of information that reveals who you are.
For example, if I know your birthday is on July 4, 1976, I can’t necessarily figure out who you are. However, if I know your birthday, where you went to college, whether you’re married or not, and maybe your zip code, then I probably know enough to figure out who you are if I really wanted to. So personally identifiable information can be either something very specific about you, like your full name, or it can be a combination of general details that let me narrow down the possibilities until I figure out that it can only be you.
We purposefully seek the following personally identifiable information from you in a variety of circumstances: your full name, home address, email address, IP address, date of birth, telephone number, gender, and exact location.
We may seek personally identifiable information from you in a variety of ways, including: when you register on our Website, fill out a contact form or other online form, make online purchases, make user comments or otherwise interact via social media, through automated means, through your calls or emails to customer services, and from our processors.
We may use personally identifiable information in the following ways: For fulfilling the purpose for which the information was given, order processing and delivery, marketing purposes, business purposes, fraud prevention, improving the service, providing offers, and to provide you with access to this website.
We may also use your information for marketing our services, products, and offerings, or those that we think may be of interest to you.
We store any personally identifiable information that we’ve collected until customers ask us to remove their data.
Non-Identifiable Personal Information
Non-identifiable personal information is information that’s technically about you, but cannot be linked directly to you without being combined with personal information. For example, if I know that you use Google Chrome when you visit my site, I will never be able to figure out who you are without combining it with personally identifiable information — even if I know what search terms you typed in, what kind of computer you are using, and how long you use the site for every time you visit, I will not be able to figure out that the user is you without personally identifiable information.
We purposefully seek the following non-identifiable personal information from you in a variety of circumstances: your browser type, operating system, session length, page views, length of page views, referral links, search terms, general location data, general demographic data, purchase information, mobile network information, browser settings, crash reports, website actions (e.g. “add to cart”), and abandoned cart data.
We may request non-identifiable personal information from you in a variety of ways, including: when you register on our Website, fill out a contact form or other online form, make online purchases, through automated means, through your calls or emails to customer services, from our processors, and from other third parties.
We may use non-identifiable personal information in the following ways: to enable website features, process and ship orders, run analytics, facilitate ads and marketing, and conduct fraud prevention.
We store any non-identifiable personal information that we’ve collected until customers ask us to remove their data. Some data is stored only in customers’ browser and can be cleared by the customer at any time.
Sensitive information is the type of information that you might not necessarily want people to know, or at least, you would want to control who knows the information and how they come across it. An example of sensitive information could be your credit score or your social security number. As you can imagine, sensitive information should only be requested by a company if they really need the information to provide you with services.
We don't collect any sensitive information from you because it's not needed for us to provide our services to you.
About Automated Collection
Automated technologies help us make our website run more smoothly. Through the use of automated means, we are able to see which of our pages are most popular, how users find our website, what causes errors in the website, and a lot of other details which help us make the website the best it can be.
We may use a number of automation technologies, including cookies. Flash cookies, web beacons, or others as they become available or necessary.
Our automated technologies are supported by the use of other technologies, which may include technologies from Facebook, Alphabet, Inc., Snapchat, and Shopify. For an updated list, input www.bryananthonys.com onto a website such as https://www.cookieserve.com/.
Please note that disabling and deleting cookies might make this website (and others) work improperly.
Flash cookies are functionally similar to regular cookies, but they are not subject to the same controls as regular cookies are. While you can follow the directions in the “Cookies” section to block most cookies, flash cookies require a different type of opt out. To learn how you can manage your Flash cookie settings, visit the Flash player settings page on Adobe's website.
Web Beacons are tiny files that load when a user completes an action like visiting a particular webpage, or opening an email. Because the tiny file is loaded from a server, and the server can see that your computer is trying to open the page or email, the server can deduce that you have visited the page or viewed the email.
“Do Not Track”
There is not yet an industry consensus on how to handle “Do Not Track” signals, so our website is not yet set up to handle them. In the future, this section will discuss how the “Do Not Track” signals are honored.
Who Else Sees Your Data
Most websites who collect user data have relationships with other companies or people that result in user data being shared with those companies or people. This section explains how those relationships work, and what our relationships with others look like when it comes to your data.
Processors Who Help Us Run Our Site
Most businesses need others’ help to run properly (imagine using eBay without PayPal!). When a business hires another business or uses another business’s services, that other business is sometimes called a third party processor, or a subprocessor.
We try to keep this section up-to-date with who our subprocessors are, and what kinds of information they collect.
As of the date that these terms were last updated, our subprocessors include:
Afterpay North America
Reach (With Reach UK Ltd)
Marco Fine Arts
Attentive Mobile, Inc.
Back in Stock from SureSwift Capital
Checkout Promotions & Upsells from Store Recon
Easy GDPR + Cookie Bar
Edit Order by Cleverific app (Cleverific Inc)
Matrixify app (ITissible, SIA)
PushOwl Web Push Notifications
Stamped.io Reviews & UGC
Our subprocessors have access to a variety of information, insofar as their access to the data is necessary to help us provide services to you. Our subprocessors have access to your full name, home address, email address, IP address, date of birth, telephone number, gender, exact location, and first and third party cookies.
Third Parties We Share Information With
Businesses often have complicated relationships with other businesses. Some companies are owned by other companies, they work with companies that are owned by the same company, they engage in partnerships, and find any variety of ways to work together to bring services and products to the public.
We may currently share information with some third parties. Before we get into that, you should know that if we ever sell the company, part of the company, or any of the assets of the company, our users' data would probably be shared with the purchasing company or person. Be aware that sharing of your data might have to happen in that kind of circumstance.We may always share data, if our legal counsel believes it is required of us, in order to comply with any court order, law, or legal process, including to respond to any government or regulatory request. We may also share data, at our discretion, if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of the company, our customers, or others. We may also share data to protect ours or other people's rights, or in connection with a sale, merger, etc. of the company, or sharing that is necessary for us to run our site or services.
We currently share customer data with Liquid Web, which provides us with data storage services.
Third Parties Who Share Information With Us
Some companies get information from third parties for a variety of reasons. One example might be if a website is trying to create a more personalized web browsing experience for their users. If a website knows the kind of content you like, and they’re able to share that information with another website, then that other website can also make sure to only show you content that you like. However, there can be any number of reasons why a website needs information from third parties, like for credit checks, allowing users to login through social media, or other reasons.
We don't collect any information about our users from third parties.
Children Under the Age of Majority
Our Website is not intended for anyone under the age of majority in their respective jurisdiction, and in no case is our website to be used by anyone under the age of 18 years of age. No one under the age of majority may provide any information to or on the Website. We do not knowingly collect personal information from those under the age of majority. If you are under the age of majority, do not use or provide any information on this Website or through any of its features, register on the Website, make any purchases through the Website, use any of the interactive or public comment features of this Website, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal information from a person under the age of majority, we will delete that information. If you believe we might have any information from or about a person under the age of majority, please contact us at firstname.lastname@example.org.
Our company makes efforts to provide security to our user data. It’s impossible to guarantee that data security will be 100% effective, that’s why you hear about hacks or viruses all the time now. Small companies, large companies, and even governments are sometimes the victims of cyber attacks. We take steps to protect your data through encrypting data in transit, providing for the physical security of servers, imposing binding confidentiality obligations on employees, and conducting penetration testing.
To delete your information at your request, or due to our recordkeeping practices, we use a deletion feature provided by Shopify. When we delete a user record, any orders the user might have are anonymized and the user’s data is deleted in up to 10 days. If the user is not eligible for deletion then the request remains attached to the account and automatically executed once the user becomes eligible. Shopify forwards the deletion request to all our third party processors, who must then delete any data they hold on that customer within 48 hours. We manually delete any customer data that is held by another service not linked to Shopify.
Your Choices and Rights
This section describes your choices and rights regarding how we handle your data. In order to protect user data from theft or misuse, we may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights).
You won’t have to pay anything to exercise your rights, the only exceptions being if your request is clearly unfounded, repetitive or excessive. In those situations we might also refuse to comply with your request.
We try to respond to all legitimate requests under these rights within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated as to when we expect to have the request completed.
Even though these rights are guaranteed for EU users and residents, we are proud to grant the following options to all of our users.
The General Data Protection Regulation is a law passed in the European Union that grants EU internet users a variety of rights regarding their data. Those rights include
- The right to request access to their data;
- The right to request correction of their data;
- The right to request erasure of their data;
- The right to object to the processing of their data;
- The right to request their data in a machine readable format;
- The right to be free of decisions affecting their rights based solely on automated processes; and
- The right to withdraw their consent to undue data processing.
Legal Bases for Processing
The GDPR also requires that companies list their “Legal Basis” for each type of processing. Depending on the circumstances, our legal bases include:
- User consent;
- Necessity for the performance of our obligations to the user; and
- Necessity for the purposes of our justified legitimate interests.
For more information on how legal bases work, please visit https://gdpr-info.eu/art-6-gdpr/.
The rights listed in this section are specific to California residents.
California users are also allowed to opt out of any sales of their personal information that may occur. Users who opt out may opt back in at any time.
California users may request that we delete their personal information, but those requests have some exceptions. One example of an exception would be if you paid for one of our products or services, and then requested that your data be deleted before we could deliver the product or service you paid for.
Processing of Data Outside of the EU
The internet is a complex, interwoven, global structure, so your data may move across the planet. Be aware that this includes areas outside of the European Economic Area.By continuing to use this website, you are telling us that you consent to these transfers, even if the countries your data travels to don’t have the same level of privacy protection as your home country.
We ask that you check back from time to time to see if any changes have been made to this policy. Continued use of the website after any changes are made means that you accept the changes.
The date that the most recent updates went into effect is listed at the beginning of this policy.