Last Modified on May 23, 2018
Our Privacy Commitment
This policy answers the following questions:
Quivers, Inc. is a Delaware corporation with principal offices located at the address set out below.
You can contact us as follows:
FAO: Marissa Luedy, Director of Operations
50 W Broadway Ste 333
SLC, UT 84101-2027
What Information Do We Collect About You?
Types of Information We Collect
Information that you provide to us
We will collect any information that you provide to us when you:
(a) make an enquiry, provide feedback, or make a complaint over the phone, by email or on the Site;
(b) submit correspondence to us by post, email or via the Site;
(c) order products or services via the Site;
(d) create an account to use the Service;
(e) update your profile and other account details;
(f) subscribe to our newsletter and mailing lists;
(g) fill in a form, conduct a search, respond to surveys, participate in promotions or use any other features of the Site;
(h) submit reviews and comments on the Site;
(i) register to and/or attend events organized by us;
(j) submit a CV;
(l) attend an interview or assessment;
(m) ‘follow’, ‘like’, post to or interact with our social media accounts, including Facebook, LinkedIn, Twitter, Pinterest, Instagram and Google+; and
(n) request or participate in a demo on the Site.
The information you provide to us will include (depending on the circumstances):
(a) Identity and contact data: Title, names, addresses, email addresses and phone numbers;
(b) Account profile data: If you’re registering for an account you may also provide a username, password, job title/position, and birth date.
(c) Financial Data: If you are using the Site to purchase products or services, you will also provide payment details, which may include billing addresses, credit/debit card details and bank account details;
(d) Employment and background data: If you are submitting a job application, you may also provide additional information about your academic and work history, qualifications, skills, projects and research that you are involved in, references, proof of your entitlement to work, your national security number, your passport or other identity document details, your current level of remuneration (including benefits), and any other such similar information that you may provide to us;
(e) Survey data: From time to time we might ask if you would be willing to participate in our surveys; if you agree, we will also collect any information that you provide as part of that survey; and
(f) Sensitive information: If you are submitting a job application, you may provide information about your race or ethnicity, religious beliefs, sexual orientation, health and whether or not you have any disability.
Information We Collect About You
(a) Information contained in correspondence: We will collect any information contained in any correspondence between us. For example, if you contact us using a query button on the Site or by email or telephone, we may keep a record of that correspondence;
(b) Information transmitted on the Site: We will collect information that you upload or post through the Service, including to your account;
(c) Transactional data: We will collect information related to your transactions through the Service, including the date and time, the amounts charged and other related transaction details. Please note that we do not accept credit card numbers delivered by email. You should never send credit card information by email, as it is not secure;
(d) Website usage and technical data: Our servers automatically record information that your browser or mobile device sends whenever you utilize the Service. This information includes, among other things, your Internet Protocol address, mobile device operating system, your browser type and version, the search engine you used to find the Service, if any, which aspects of the Service you use and from where, and when and how long you use them. We use this information to monitor and analyze how users use the Service, to provide customer service and to maintain and improve the Service. We may also collect similar information from emails we may send to you which then help us track which emails are opened and which links are clicked by recipients. The information allows for more accurate reporting and improvement of the Service. This information may be collected by a third-party website analytics service provider on our behalf and/or may be collected using cookies or similar technologies. For more information on cookies please read the section titled “Cookies and Analytical Data” below; and
(e) Sensitive information: “special categories” of particularly sensitive personal information (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data) and information about criminal convictions and offences requires higher levels of protection. We need to have further justification for collecting, storing and using this type of personal information. We have in place an appropriate policy document and safeguards which we are required by law to maintain when processing such data. We process special categories of personal information where it is needed for reasons of substantial public interest for equal opportunities monitoring or where we need it to carry out our legal obligations or exercise rights in connection with employment;
Information we receive from third parties
In certain circumstances, we will receive information about you from third parties who may be based inside or outside the EEA. For example:
(a) Fraud detection agencies: Where permitted or required by law, we may receive information about you, including fraud detection information from third party service providers and/or partners;
(b) Employers, recruitment agencies and referees: If you are a job applicant, we may contact your recruiter, current and former employers and/or referees to provide information about you and your application;
(c) Service providers: We may collect personal information from our website developer, IT support provider, payment services provider, and survey service provider;
(d) Site security: We will collect information from our website security service partners about any misuse to the Site, for instance, the introduction of viruses, Trojans, worms, logic bombs, website attacks or any other material or action that is malicious or harmful; and
(e) Social media plugins: We currently use social media plugins from the following service providers: Facebook (including the Freshdesk support plugin), Google+, Twitter, and LinkedIn. By providing your social media account details you are authorizing that third-party provider to share with us certain information about you.
We might also receive information about you from third parties if you have indicated to such third party that you would like to hear from us.
How We Use Your Personal Information
We will use your information for the purposes listed below either on the basis of:
(a) performance of your contract with us and the provision of the Service to you;
(b) your consent (where we request it);
(c) where we need to comply with a legal or regulatory obligation; or
(d) our legitimate interests or those of a third party (see details below).
The personal information you provide to us will allow us to communicate with you and provide the Service to you, depending on the aspects of the Service you utilize.
We use your information for the following purposes:
(a)To provide access to the Site: To provide you with access to the Site and the Service in a manner convenient and optimal and with personalized content relevant to you including sharing your information with our website hosts and developers (on the basis of our legitimate interest to ensure the Site and the Service is presented in an effective and optimal manner);
(b) To register your account: When you sign up to use the Site and the Service, we will use the details provided on your account registration form (on the basis of performing our contract with you);
(c) To process and facilitate transactions with us: We will use your information to verify your identity, to process transactions and payments, and to collect and recover money owed to us (on the basis of performing our contract with you and on the basis of our legitimate interest to recover debts due);
(e) To conduct business with you, your employer, or the organization you represent: We use your information to contact you and manage and facilitate our business relationship with you, your employer, or the organization you represent;
(f) User and customer support: To handle your customer service questions or issues and to provide customer service and support (on the basis of our contract with you or on the basis of our legitimate interests to provide you with customer service), deal with enquiries or complaints about the Site and share your information with our website developer, IT support provider, payment services provider, support services provider] as necessary to provide customer support (on the basis of our legitimate interest in providing the correct products and services to users of the Service and to comply with our legal obligations);
(g) Prize draws, competitions and surveys: To enable you to take part in prize draws, competitions and surveys (on the basis of performing our contract with you and our legitimate interest in studying how the Site and the Service are used, to develop them and grow our business);
(h) Recruitment: To process any job applications you submit to us, whether directly or via an agent or recruiter including sharing this with our third party recruitment agency (on the basis of our legitimate interest to recruit new employees or contractors);
(i) Marketing: To keep in contact with you about our news, events, new Site features, products, services, or enhancements to the Service that we believe may interest you, provided that we have the requisite permission to do so, and sharing your information with our marketing services provider (either on the basis of your consent where we have requested it, or our legitimate interests to provide you with marketing communications where we may lawfully do so);
(j) Advertising: To deliver relevant Site content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you (on the basis of our legitimate interests in studying how the Site and the Service are used, to develop them, to grow our business and to inform our marketing strategy);
(k) Social media interactions: To interact with users on social media platforms including Facebook, LinkedIn, Twitter, Pinterest, Instagram and Google+, for example, responding to comments and messages, posting, ‘retweeting’ and ‘liking’ posts (on the basis of our legitimate interest in promoting our brand and communicating with interested individuals);
(l) Analytics: To use data analytics to improve the Site and the Service, products/services, marketing, customer relationships and experiences (on the basis of our legitimate interests in defining types of customers for the Site and the Service, to keep the Site and the Service updated and relevant, to develop our business and to inform our marketing strategy);
(m) Suggestions and recommendations: To share your information with selected third parties such as suppliers and partners, to enable them to contact you with information about things that may interest you (where we have your consent to do so);
(n) Research: To carry out aggregated and anonymised research about general engagement with the Site and the Service (on the basis of our legitimate interest in providing the right kinds of products and services to users of the Site and the Service); and
Our legitimate interests
As outlined above, in certain circumstances we may use your personal information to pursue legitimate interests of our own or those of third parties. Where we use your information for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you. Our legitimate interests don’t automatically override yours and we won’t use your information if we believe your interests should override ours unless we have other grounds to do so (such as your consent or a legal obligation). If you have any concerns about our processing please refer to section headed “Your Rights” below
Cookies and Analytical Data
We may make your personal information non-personally identifiable by either combining it with information about other users (aggregating your personal information with information about other users), or by removing characteristics (such as your name or email address) that make the information personally identifiable. This process is known as de-personalizing or anonymizing your information.
Do Not Track
In compliance with California legislation, AB370, effective January 1, 2014, Quivers’s practices in responding to “do not track” signals and collecting user information over time and across a network of websites when you visit the Site are as follows: We honor the request of “do not track” signals sent by your browser when you visit the Site. Additionally, Quivers may collect user information about your online activities over time and across different websites, or authorize third parties to do so.
Quivers uses third-party service providers such as Google Analytics to help us learn about who visits the Site and what pages are being viewed.
If you do not wish for cookies to be installed on your device, you can change the settings on your browser or device to reject cookies. For more information about how to reject cookies using your internet browser settings please consult the “Help” section of your internet browser (or alternatively visit http://www.aboutcookies.org). Please note that you will not be able to use the Service if you disable cookies.
|QuiversSession||This cookie stores a UUID which uniquely identifies a browser session. This cookies allows our HoverCart to recognize a consumer across multiple subdomains of a given domain.||Does not expire.|
|HoverCart-Language||This cookie identifies the language that a user has selected to use within our HoverCart shopping experience.||Does not expire.|
|quiversauth||This cookie stores a JWT authentication token used by our Administrative Web UI to make authorized requests against our Web API.||Does not expire.|
|quiversauth_hovercart||This cookie, like the quiversauth cookie, stores a JWT authentication token to make authorized requests against our Web API. This authentication token is used by the HoverCart specifically.||Does not expire.|
|QuiversAuth||Similar to quiversauth and quiversauth_hovercart, this cookie is used for similar purposes by the Catalog Tool UI.||Does not expire.|
|PHPSESSID||This cookie stores a PHP session Id, used to identify the session of a user within the Catalog Tool UI. This allows their session to persist while navigating between pages of the UI.||Does not expire.|
|SSOLogin||This cookie stores a boolean true or false value which indicates to the Catalog Tool UI if the user is granted Single-Sign-On into this tool from an authorization cookie of the Administrative Web UI or HoverCart.||Does not expire.|
|displaysettings||This cookie is used by our Administrative Web UI to store which fields a user has opted to want displayed when viewing a list of their customer orders within the UI.||Does not expire.|
In compliance with the Children’s Online Privacy Protection Act (COPPA), we do not knowingly provide our Service to, and/or collect or maintain the personal information of, persons under the age of 18. If you are under the age of 18, please do not access the Site at any time or in any manner. We will take appropriate steps to delete the personal information of persons under the age of 18.
Will We Share Your Personal Information with Third Parties?
Sharing Your Information
We will share the personal information we collect about you (in connection with the purposes and on the lawful grounds described above, and in addition to the recipients of your information as described above) with third parties (who may be based both inside and outside the EEA) such as:
(a) Quivers Network: Members of the Quivers network (including brands and retailers). Where required by European data protection laws and/or the Privacy Shield, we will enter into written contracts with any such unaffiliated third-party data controllers requiring them to (i) provide the same level of protection for your personal information that European data protection laws and/or the Privacy Shield require and (ii) limit their use of your personal information so that it is consistent with any consent you have provided and with the notices you have received;
(c) Corporate affiliates: Other segments of our business or companies in our corporate group based in Australia and India;
(d) Regulators and governmental bodies: Regulators, governmental bodies, and other authorities acting as processors or joint controllers who require reporting of processing activities in certain circumstances;
(e) Marketing parties: Any selected third party that you consent to our sharing your information with for marketing purposes;
(f) Prospective buyers of our business: If we become involved in a merger, acquisition or other transaction involving the sale of some or all of Quivers’ assets, user information, including personal information collected about you, could be included in the transferred assets and so be shared with any prospective buyer of our business or assets. Should such an event occur, we will use reasonable means to notify you through email and/or a prominent notice on the Site; and
(g) Other third parties (including professional advisers): Any other third parties (including legal or other advisors, regulatory authorities, courts, law enforcement agencies and government agencies) where necessary to enable us to enforce our legal rights, or to protect the rights, property or safety of our employees or where such disclosure may be permitted or required by law.
Before we use your personal information for a purpose that is materially different than the purpose we collected it for or that you later authorized, we will provide you with the opportunity to opt out and/or ask you to provide your consent to allow us to use your personal information for that new purpose. Under certain circumstances, we may remain liable for the acts of our third-party agents or service providers who perform services on our behalf with respect to their handling of personal information that we transfer to them pursuant to European data protection laws and/or the Privacy Shield.
Additional Information You Should Know About Third Parties
What choices do you have about the collection and use of your personal information?
(A) Notice to all Individuals
Control of Your Information
You may update or request deletion your personal information stored by Quivers by writing to us at email@example.com. Additionally, you may have the right to access the Privacy Shield Data (as defined below) that we hold about you, provided that granting such access is not unreasonably burdensome or expensive under the circumstances and that it would not violate the rights of someone other than the individual requesting access. If you would like to request access to your Privacy Shield Data, you can submit a written request to the email address provided above. We may request specific information from you to confirm your identity. In some circumstances we may charge a reasonable fee for access to your information.
Opting Out of Receiving Communications From Us
If you no longer want to receive our emails or other announcements, you may unsubscribe by writing to us at firstname.lastname@example.org or following the “unsubscribe” link at the bottom of our emails. Please note that you cannot unsubscribe from certain correspondence from us, including messages relating directly to your account (if applicable).
(B) Notice to individuals residing in the European Union
You have certain rights in respect of the information that we hold about you, including:
(b) the right to ask us not to process your personal data for marketing purposes;
(c) the right to request access to the information that we hold about you;
(d) the right to request that we correct or rectify any information that we hold about you which is out of date or incorrect;
(e) the right to withdraw your consent for our use of your information in reliance of your consent (refer to the section headed “How we use your personal information” above
(g) the right to object to our using your information on the basis of our legitimate interests (refer to the section headed “How we use your personal information” above to see when we are relying on our legitimate interests (or those of a third party)) and there is something about your particular situation which makes you want to object to processing on this ground;
(h) the right to receive a copy of any information we hold about you (or request that we transfer this to another service provider) in a structured, commonly-used, machine readable format, in certain circumstances;
(i) in certain circumstances, the right to ask us to limit, or cease processing, or erase information we hold about you; and
the right to lodge a complaint about us to the relevant data protection authority or regulator in your country of work or residence.
Please note that we may need to retain certain information for our own record-keeping and research purposes. We may also need to send you service-related communications relating to your user account even when you have requested not to receive marketing communications.
How to Exercise your rights
You may exercise your rights above by contacting writing to us at email@example.com or in the case of preventing processing for marketing activities also by checking certain boxes on forms that we use to collect your data to tell us that you don’t want to be involved in marketing or by updating your marketing preferences via your account with us.
We will comply with your requests to exercise your rights above unless we have a lawful reason not to do so.
What we need from you to process your requests
We may need to request specific information from you to help us confirm your identity and to enable you to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. We will try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
What Security Measures Do We Take to Safeguard Your Personal Information?
The personal information that you provide to us is stored on servers which are protected by protocols and procedures designed to ensure the security of such information. Our secure server software (SSL) is the industry standard and is among the best software available today for secure commerce transactions. It encrypts all of your personal information, including credit card number, name, and address, so that the information cannot be read as it travels over the Internet. We restrict access to personal information to Quivers employees, independent contractors and agents who need to know this information in order to develop, operate and maintain the Service. All Quivers personnel who have access to this information are trained in the maintenance and security of such information. Access to such personal information is minimized whenever possible. Logs are kept of access to application data, which can be monitored for unauthorized activities.
However, no server, computer or communications network or system, or data transmission over the Internet can be guaranteed to be 100% secure. As a result, while we strive to protect user information, we cannot ensure or warrant the security of any information you transmit to us or through the use of the Service and you acknowledge that you provide such information and engage in such transmissions at your own risk. Once we receive a transmission from you, we will endeavor to maintain its security on our systems.
In the event that personal information you provide to us is compromised as a result of a breach of security, when appropriate we will take necessary steps to investigate the situation, notify you and take the necessary steps to comply with any applicable laws and regulations.
How Long Do We Keep Your Personal Information?
We will retain your information for as long as is necessary to provide you with the Service or for as long as we reasonably require to retain the information for our lawful business purposes, such as for the purposes of exercising our legal rights or where we are permitted to do so. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. We look to find ways to reduce the amount of information we hold about you and the length of time that we need to keep it, though we generally retain user data for recordkeeping and fraud prevention purposes until the user requests their data be deleted.
Quivers recognizes that the European Economic Area and Switzerland (collectively, the “Privacy Shield Jurisdictions”) have established strict protections regarding the handling of certain personally identifiable information that we receive in the US from the Privacy Shield Jurisdictions (“Privacy Shield Data”), including requirements to provide adequate protection for Privacy Shield Data transferred outside of the Privacy Shield Jurisdictions. To provide adequate protection for certain Privacy Shield Data about consumers and suppliers received in the US, Quivers has elected to self-certify to the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework, in each case administered by the US Department of Commerce (collectively, the “Privacy Shield”). Quivers adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement, and Liability.
For purposes of enforcing compliance with the Privacy Shield, Quivers is subject to the investigatory and enforcement authority of the US Federal Trade Commission. For more information about the Privacy Shield, see the US Department of Commerce’s Privacy Shield website located at www.privacyshield.gov. To review Quivers’s representation on the Privacy Shield list, see the US Department of Commerce’s Privacy Shield self-certification list located at www.privacyshield.gov/list.
International Transfers of Your Information
Our company is located in the United States of America and many of our external third parties are based outside the European Economic Area (EEA). As such, the processing of your personal data will involve transfers of data outside the EEA.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following transfer solutions are implemented:
(a) We will transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries;
(b) Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, European Commission: Model contracts for the transfer of personal data to third countries; and
(c) Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. For further details, see European Commission: EU-US Privacy Shield.
A list of the countries outside of the EEA to which we may transfer your personal information is as follows:
United States Minor Outlying Islands
United States of America
Questions or Complaints
Notification of Changes
Questions? Contact Us