Last updated: July 7, 2018
The privacy of your data is important to us.
Hats Off Creative Services, Inc. offers a wide range of marketing and web services across several divisions:
- Big Head Web Hosting. Website and eMail Hosting Services
- Big Head Web Hosting Affiliate. Affiliate Hosting Services
- Creative Services. Wholesale Marketing and Web Services
- Creative Services Retail. Marketing and Web Services
- The Portfolio Studio. Projects Portfolio
- Smart Alertz Web Security. Website Security Services
Identity & Access
Your personal data includes information such as:
- Phone Number
- Other data collected that could directly or indirectly identify you
We collect information so that we can provide the best possible experience when you utilize our Services. Much of what you likely consider personal data is collected directly from you when you:
- Create an account or purchase any of our Services (ex: billing information, including name, address, credit card number)
- Request support assistance (ex: email, phone number)
- Complete contact forms or request newsletters or other information from us (ex: email) or
- Participate in contests and surveys, apply for a job, or otherwise participate in activities we promote that might require information about you
We are committed to protecting consumer credit card data in compliance with the Payment Card Industry Data Security Standard (PCI DSS). Our alignment with this standard is reflected in the people, technologies and processes we employ.
We maintain PCI Compliance and pass rigorous testing annually to ensure our security standards are up to date for accepting credit and debit cards. We conduct regular vulnerability scans and penetration tests in accordance with the PCI DSS requirements for our business model. We attest to our PCI compliance annually, and our most recent self-attestation was completed on July 7, 2018. See 2018-2019 Certificate of Compliance
We keep our systems secure so that you can trust us with sensitive payment card information. We know that by staying PCI compliant, we are part of the solution – a united, global response to fighting payment card data compromise.
We never sell your personal information to third parties, and we won’t use your name or company in marketing statements without your permission. When you email our team with a question or to ask for help, your correspondence may be archived, and the email address may be saved for future reference.
The only times we’ll ever share your info:
- To provide products or services you’ve requested, with your permission. List of third-party services we use.
- To investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service, or as otherwise required by law.
Information We Collect Through Your Use of our Services
We may collect certain technical information using cookies and other tracking mechanisms to help us operate and provide our Services to you. This information includes, without limitation:
- Information about the systems and device(s) you use to access our Services, including MAC address, IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, device type, and device identifiers;
- Information about your visits to our Sites, including the full URL clickstream to, through and from the Sites (including date and time);
- Information to facilitate your use of our Services (including to provide access to third-party websites and services), such as URL requests, destination IP addresses, or device configuration details; and
- Pages you view or search for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), your engagement with certain variable/dynamic elements of a page and methods used to browse away from the page.
If you decline to have us collect such information for example, by disabling cookies, we may not be able to provide our Services to you.
Information We Collect about You from Third Parties
Our Services may also, from time to time, contain links to and from social media platforms. You may choose to connect with us through a social media platform and when you do, and to the extent available, we may collect additional information from you, such as your user names, profile picture, contact information, contact list, and the profile pictures of your contacts, through the social media platform. Please be advised that social media platforms may also collect information from you. We do not have control over the collection, use and sharing practices of social media platforms and encourage you to review their usage and disclosure policies and practices, including the data security practices, before using the social media platforms. We may combine the information we collect about you from the various sources described above.
Third-Party Information Collection
Our Services may contain links to third-party websites and services. Please note that these websites and services may have their own privacy policies. We do not accept any responsibility or liability for the policies of any third parties. If you chose to access any websites or services linked from our Services, please check the applicable policies before you use or submit any personal information to such website or service.
Third parties unaffiliated with us may also collect information about you, including tracking your browsing history, when you use our Services. We do not have control over these third-party collection practices and advise you to adjust the settings of your browsers or install plug-ins and add-ins if you wish to minimize these third party collections.
How Your Information May Be Used
We may use any information we collect, including personal information and technical information, as described to you at the time of collection, for the following purposes:
- Providing, Maintaining and Improving our Services. Operating and improving our Services (e.g., administration, troubleshooting, managing account access, protecting security); evaluating our Services; developing new features, products, or services; and for other customer service and support purposes.
- Legal Compliance. Complying with laws, regulations and requests from law enforcement or other governmental entities; carrying out our obligations and enforce our rights arising from any contracts; and using as evidence in litigation.
- Tailoring Content. Personalizing the information and content we display to you, including marketing, promotional and sponsored content and advertising within the Services.
- Protecting Rights and Interests. Protecting the safety, rights or property of Hats Off Creative Services or any third party; investigating, preventing or otherwise addressing activity that Hats Off Creative Services, in its sole discretion, may consider to be or pose a risk of being, an illegal, unethical, or legally questionable activity.
- Research and Analytics. Researching and analyzing how you interact with our Services, including to monitor usage and activity trends and for statistical purposes; creating reports for customers that may include both aggregate trends and the organizations that are viewing their releases, or accessing our Services or customer websites or otherwise using our Services; and measuring or understanding the effectiveness of content, communications, Website visits, web traffic, our Services, or advertising we or our customers serve to you and other customers like you, and to deliver relevant advertising to you and other customers like you.
- Marketing and Communications. Contacting you directly about your use of an account or Service for which you are registered; providing you with information about products or services, from us or third parties that may interest you; serving advertisements to you; and responding to your requests, feedback or questions.
- Electronic eBlasts/eNewsletters. If User decides to opt-in to our mailing list, they will receive emails that may include company news, updates, related product or service information, etc. If at any time the User would like to unsubscribe from receiving future emails, we include detailed unsubscribe instructions at the bottom of each email, User may contact us via our Site or they can turn off the appropriate notifications setting within their user panel. We may use third party service providers to help us operate our business and the Site or administer activities on our behalf, such as sending out newsletters or surveys. We may share your information with these third parties for those limited purposes provided that you have given us your permission.
Security & Encryption
We maintain physical, electronic, and procedural safeguards to protect the confidentiality and security of information transmitted to us. To guard your information delivered to us electronically, our web sites use Secure Sockets Layer (SSL). All data is encrypted via SSL/TLS when transmitted to and from our servers to your browser. The database backups are also encrypted. Unfortunately, however, no data transmission over the Internet can be guaranteed to be 100% secure. As a result, while we strive to protect your contact information, to the extent permitted by law, we do not guarantee or warrant the security of any information you transmit to or from our web sites, and you do so at your own risk.
Cookies & Other Tracking Mechanisms
- Browser Cookies. A browser cookie is a small file placed on the hard drive of your computer. That cookie then communicates with servers, ours or those of other companies that we authorize to collect data for us, and allows recognition of your device. You may use the tools available on your computer or other device to set your browser to refuse or disable all or some browser cookies, or to alert you when cookies are being sent. However, if you refuse or disable all browser cookies, you may be unable to access certain parts of our Websites or use certain features or functionality of our Services.
- Web Beacons. Our Services may contain small electronic files known as web beacons (also referred to as clear GIFs, pixel tags, tracking pixels and single-pixel GIFs) that permit us to, for example, count users who have visited those pages or opened an e-mail and for other website-related statistics. Web beacons in email marketing campaigns, press releases or other types of communications or content allow us to track your responses and your interests in our content, offerings and web pages. We may use web beacons and/or other tracking technologies to collect information about you when you interact with our Services, e-mails, press releases or other types of communications or content, including information about your browsing and purchasing behavior.
Ways to Control your Data
- Opting out of marketing communications. You may receive certain promotional or informational communications from us. Where required by law, promotional communications will be sent only with your consent. You can opt out of promotional emails at any time by following the instructions at the bottom of the e-mails. Please note that certain emails may be necessary for the operation of our Services. You may, however, continue to receive these emails relating to your account or our Services, if appropriate, even if you unsubscribe from our optional communications.
- Accessing, updating or deleting your personal information. We value the accuracy of the information we have about you. You may access, update or delete your information (or in some cases object to its processing) at any time by submitting a Privacy Request Update.
California Online Privacy Protection Act (CalOPPA)
In compliance with the CalOPPA, we agree to the following:
- Anonymous user visits if wanted.
- Users will be able to change personal information by logging in to their account.
GDPR: Your Rights with Respect to Your Information
The General Data Protection Regulation (“GDPR”) in Europe gives people under its protection certain rights with respect to their personal information collected by Hats Off Creative Services. Accordingly, Hats Off recognizes and will comply with GDPR and those rights, except as limited by applicable law. The rights under GDPR include:
- Right of Access. This includes your right to access the personal information we gather about you, and your right to obtain information about the sharing, storage, security and processing of that information.
- Right to Correction. This is your right to request correction of your personal information.
- Right to Erasure. This is your right to request, subject to certain limitations under applicable law, that your personal information be erased from our possession (also known as the “Right to be forgotten”). However, if applicable law requires us to comply with your request to delete your information, fulfillment of your request may prevent you from using some or all of our services and may result in closing your account.
- Right to Complain. You have the right to make a complaint regarding our handling of your personal information with the appropriate supervisory authority.
- Right to Restrict Processing. This is your right to request restriction of how and why your personal information is used or processed.
- Right to Object. This is your right, in certain situations, to object to how or why your personal information is processed.
- Right to Portability. This is your right to receive the personal information we have about you and the right to transmit it to another party.
- Right to not be subject to Automated Decision-Making. This is your right to object and prevent any decision that could have a legal, or similarly significant, effect on you from being made solely based on automated processes. This right is limited, however, if the decision is necessary for performance of any contract between you and us, is allowed by applicable European law, or is based on your explicit consent.
Many of these rights can be exercised by signing in and directly updating your account information. If you have questions about exercising these rights or need assistance, please contact us at firstname.lastname@example.org.
Location of Site and Data
This Site is operated in the United States. If you are located in the European Union or elsewhere outside of the United States, please be aware that any information you provide to us will be transferred to the United States. By using our Site, participating in any of our services and/or providing us with your information, you consent to this transfer.
Hats Off Creative Services, Inc.
Data Security & Privacy
P. O. Box 24713
Knoxville, TN 37933