Protecting your privacy is important to THE DESIGN STUDIO. (“SUB BOX”)
Personal Data is any information that would identify a person directly, or indirectly in combination with data from other sources. For example, a full name, home or work address, phone number, national identification number (SSN, SIN, etc.), email address, banking details, IP address, biometric data, usage data, or any information that may individually identify a person.
Consent and Collection of Personal Data
If you use a SUB BOX website, or conduct a transaction through a SUB BOX Service where Personal Data is essential, your consent is implied to collect and use your Personal Data to facilitate that use or complete that transaction requested or initiated by you only. Examples of instances in which Personal Data may be collected by SUB BOX are, without limitation:
During these instances, we may collect data such as, but not restricted to: areas of the Services or SUB BOX websites you visit, transaction type(s) you engage in or request (and amounts thereof), content you view, your IP address, data downloaded or submitted by you, payment information provided by you, shipping and billing information entered by you, as well as the nature, quantity and price of the goods or services you exchange and the individuals or entities with whom you communicate or transact business using the Services.
In the event SUB BOX requests Personal Data for scenarios independent of the above, such as marketing-related questions via questionnaires, surveys, and profile data, it will include a specific consent request. The consent request will include a clear purpose and goal for the collection of Personal Data, along with a means of withdrawing consent. In these scenarios, we may ask for data such as, but not limited to: your contact information (name, telephone numbers, email address, mailing address), date of birth, product and/or cosmetic concerns, which brands and products you use, user authentication and security information (e.g. username and password).
Age of Consent
The Services offered by SUB BOX are directed towards and designed for the use of persons above the age of majority in your province, state, or country. Persons under the age of majority are not permitted to use the Services on their own, and SUB BOX will not approve applications of, or establish, or maintain accounts or memberships for, any persons below their respective region’s age of majority.
Personal Data Use
SUB BOX may use collected Personal Data for such purposes as:
Personal Data will only be retained by SUB BOX for the length of time required to fulfill the purpose or complete the transaction for which it was collected, or as may be required by law. Beyond that point, Personal Data in the possession or control of SUB BOX will be anonymized or securely destroyed.
Legal Basis for Processing
Lawful Basis for Processing
Consent as a Basis for Processing
In some cases, SUB BOX will ask for your consent to process your Personal Data. You may indicate your consent in a number of ways, including, as may be presented by SUB BOX and permitted by law, ticking a box (or equivalent action) to indicate your consent when providing us with your Personal Data through our Services or a form, or registering or creating an account with us. Note that certain country/region-specific rules regarding consent may also apply, depending upon the jurisdiction in which you reside.
SUB BOX maintains reasonable physical, technical, and administrative security measures to minimize the risk of unauthorized loss, theft, copying, misuse, access, disclosure, alteration, or destruction of your Personal Data.
If transactions are offered as part of a SUB BOX Service, transaction information is transmitted to and from SUB BOX in encrypted form using industry-standard Secure Socket Layer (SSL) connections to help protect such information, including Personal Data transmitted in the course of these transactions, from interception.
SUB BOX also restricts access to your Personal Information to only those persons who have a legitimate business need or legal requirement to view it in connection with the Services. You, as a Personal Data owner, may also authorize any persons you may choose to have access to your Personal Data.
Although SUB BOX does utilize security measures appropriate to the level of risk, no method of data transfer or storage on the internet is 100% secure and security risks cannot be eliminated entirely. As such, SUB BOX cannot guarantee perfect security, integrity, or confidentiality of Personal Data.
SUB BOX maintains a security incident response protocol to be put in place in the event that the security of your Personal Data in the possession or control of SUB BOX is compromised. In the event of a data breach or security incident involving the Services, SUB BOX will apply this protocol to enable SUB BOX to effectively and efficiently respond to, and contain, the breach or incident. SUB BOX may also seek to notify you in such an event. If notification is appropriate or required, SUB BOX may notify you by email, messaging to your device, or other reasonable means.
Disclosure of Personal Data
SUB BOX does not provide Personal Data to unaffiliated third parties for their use in marketing directly to you. We may use unaffiliated companies, or trusted third party service providers, to help maintain and operate our Services for reasons related to our business operations and to better serve you, and those companies may receive your Personal Data for that purpose. For example, Bold may use third party payment processor services in connection with the Services and its websites, and the payment information that you provide to SUB BOX may be disclosed to and used by these payment processors for the purposes of completing and executing transactions requested or initiated by you. When SUB BOX shares Personal Data with third-party services that support our delivery of the Services, we require that they use your Personal Data only for the purposes we’ve authorized, and that they protect your Personal Data to at least the same standards used by SUB BOX.
As part of agreements with merchants who have installed SUB BOX Apps and the execution of transactions on behalf of merchants that make use of SUB BOX Apps in connection with their online stores, we may disclose Personal Data which has been collected by us that is specific to that merchant’s store and your transactions in connection therewith.
SUB BOX may also disclose Personal Data about you in connection with legal requirements, such as in response to an authorized subpoena, governmental request or investigation, or as otherwise permitted by applicable law (including, without limitation, to prevent fraud or abuse, or to protect SUB BOX’s legal rights, property, or the safety of SUB BOX, its employees, users or others).
Finally, as SUB BOX’s business develops, it may sell or buy corporate assets, and in such transactions Personal Data may be one of the transferred business assets. If SUB BOX, its internet businesses, or substantially all of its shares or assets, is acquired or an acquisition is contemplated, Personal Data may be one of the assets assessed or transferred in connection with that transaction.
Transfers of Your Personal Data to Other Countries
Where Personal Data is transferred from the European Economic Area to a country that has not received an adequacy decision by the European Commission, SUB BOX relies on appropriate safeguards, such as for example the European Commission-approved Standard Contractual Clauses and EU-U.S. Privacy Shield Frameworks, to transfer the Personal Data.
“Cookies” and Advertisers
The SUB BOX websites, or the third-party companies used to host, operate, or maintain these websites, may place a “cookie” on your computer in order to allow you to use these websites and to personalize your experience.
A “cookie” is a small piece of data, or an alphanumeric identifier, that can be sent by a web server to your computer or device, which then may be stored by your browser on your computer or device. Cookies allow SUB BOX to recognize your computer or device while you are on our websites and help customize your online experience and make it more convenient for you. Cookies are also useful in allowing more efficient log-in for users, tracking transaction histories, and preserving information between browsing sessions. The information collected from cookies may also be used to improve website functionality.
Most web browsers have features that can notify you when you receive a cookie or prevent cookies from being sent. If you disable cookies, however, you may not be able to use certain personalized functions of SUB BOX websites.
Rights with Respect to Personal Data
In certain circumstances, you may have the right to have your Personal Data, or certain components of your Personal Data, erased by SUB BOX, to have your Personal Data moved, copy or transmitted from SUB BOX’s systems to other systems, or to object to or restrict certain processing of your Personal Data by SUB BOX. In the event that you wish to inquire about, or seek to exercise any of these rights (as they may be applicable), please contact SUB BOX.
European Economic Area and the United Kingdom
To the extent that Bold’s processing of your Personal Data is subject to the General Data Protection Regulation, (or applicable laws covering the processing of Personal Data in the United Kingdom), Bold relies on its legitimate interests, described above, to process your data. Bold may also process other information that constitutes your Personal Data for direct marketing purposes, and you have a right to object to Bold’s use of your Personal Data for this purpose at any time.
If you are a customer of a merchant who uses Bold’s Apps and wish to exercise these rights, please contact the merchants you interacted with directly – we serve as a processor on their behalf, and can only forward your request to them to allow them to respond.
If you are unhappy with the response that you receive from us, we hope that you would contact us to resolve the issue but you also have the right to lodge a complaint with the relevant data protection authority in your jurisdiction at any time.
California Privacy Rights
This section provides additional details about California consumers and the rights afforded to them under the California Consumer Privacy Act or (“CCPA”). If you need to access this notice in an alternative format, please contact us via the method in Contact & Questions section below.
Under CCPA “Personal Information” is defined as anything that identifies, relates to, describes or is capable of being associated with or could reasonably be linked, directly or indirectly, with a particular California consumer of household. For more details about the Personal Information we have collected over the last 12 months, including the categories of sources, please see the Personal Data and Consent and Collection of Personal Data section above. We collect this information for the business and commercial purposes described in the Personal Data Use section above. We share this information with the categories of third parties described in there. Bold does not sell (as such term is defined in the CCPA) the personal information we collect (and will not sell it without providing a right to opt out). Please note that we may use third-party cookies for our advertising purposes as further described in our Cookies and Advertising section above.
The CCPA requires opt-in consent to information use for minors under the age of 16 and verified parental consent for children under the age of 13. We do not knowingly collect or process the information of children.
Subject to certain limitations, the CCPA provides California consumers the right to request, free of charge, to know more details about the categories or specific pieces of personal information we collect (including how we use and disclose this information), to delete their personal information, to opt out of any “sales” that may be occurring, and to not be discriminated against for exercising these rights.
California consumers may make a request pursuant to their rights under the CCPA by contacting us at firstname.lastname@example.org. We will verify your request using the information associated with your account, including email address. Government identification may be required. Consumers can also designate an authorized agent to exercise these rights on their behalf.
SUB BOX Services may contain links to other websites, apps, or services, including those of advertisers or third-party content providers who offer downloads as part of a SUB BOX Service. SUB BOX is not responsible for the privacy practices or the content of other websites, apps, or services. We encourage you to read the Privacy Policies published by such third parties before divulging your Personal Data to them.
Contact & Questions