This Privacy Policy describes how CULTURUNNERS collects and uses personally identifiable information ("Personal Data") in accordance with the EU General Data Protection Regulation ("GDPR"). It is important for you (as an individual who provides us with Personal Data) to understand how we use (or "process") Personal Data, including that which we collect about you during your visit to this Website and our other websites, and which we process more generally pursuant to this Policy.
Our aim always is to process Personal Data fairly, lawfully and transparently. However, if you are unhappy with the information provided in this Policy or have any broader questions or concerns please email: info@culturunners.com.
Personal Data Collection
When you submit your Personal Data on this Website, you are agreeing to the processing and transfers of your Personal Data as set out in this Privacy Policy. This includes when you register as a user and when you subscribe to our mailing lists for information, invites and updates.
More generally, and subject to this Policy, we may also obtain Personal Data when you correspond with or visit CULTURUNNERS in New York. Personal Data may also be collected from publicly available records or from other sources, including other affiliates and partners.
The types of Personal Data we collect and process may include:
Sensitive Personal Data is neither requested nor collected by us generally. Sensitive Personal Data includes for example information relating to race or ethnic origin, religious beliefs, and health. If you do provide us with Sensitive Personal Data because we have agreed between us that such disclosure is necessary, you must also explicitly consent to us using it for the purposes for which it has been provided.
Cookies and Google Analytics
Cookies are small pieces of information stored by your browser on your computer's hard drive. If you want to know more about cookies and how they work, please refer to the following websites: http://www.allaboutcookies.org and http://www.youronlinechoices.com.
If you are a registered user of the Site, we will use a cookie for the duration of your visit to the Site for the purposes of allowing you to save items so that you can find them again easily. After you close your browser, this cookie will expire.
Through our Website we store the IP addresses of users in order to increase the session security. The IP address is only logged when you put something into your basket. If you return to the Website you are not identifiable until the point when you log-in as a registered user with an active account.
We also use Google Analytics, a web analytics service provided by Google, Inc. Google Analytics uses cookies to collect information about details of our users' visits to the Site (including IP addresses) and the resources they access on it. Google Analytics provides us with reports based on this information in order to us to help us understand how visitors engage with the Site. Google Analytics will not transfer the information it collects to any third party except where required to do so by law. Please note that we will not use Google Analytics to collect any information from which you can be personally identified, and we will not associate the information provided to us by Google Analytics with Your Information. Google Analytics' cookies will remain on your computer for between thirty minutes and two years from being set / updated, unless you delete them before they expire. For more information about Google Analytics, please visit http://www.google.com/intl/en/analytics/privacyoverview.html. You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. Unless you do this, cookies will be issued when you use our Site, but you can delete them via your browser at any time. If you do not accept cookies, or decide to delete them, you will still be able to access and use the Site but you won't be able to save any items. You can also install the Google Analytics Opt-Out Browser Add-On to prevent Google Analytics cookies being set, which is available for download here.
Personal Data Use
Except as otherwise disclosed in this Privacy Policy, we will process Personal Data only for the purposes of:
In accordance with the GDPR, we have identified below the relevant lawful basis for the processing of various types of Personal Data for different purposes:
We will retain Personal Data for the length of time required for the specific purposes for which it is processed, as set out in this Privacy Policy. However, we may also keep your Personal Data for a longer period, for example, where required by our legal and regulatory obligations or in order to ensure we have effective back-up systems. In such cases, we will ensure that your Personal Data will continue to be subject to this Policy, restrict access to any archived Personal Data and ensure that all Personal Data is held securely and kept confidential.
Transfers of Personal Data to Third Parties
We may share Personal Data with our affiliates companies, and our partners, as well as our fulfilment houses (these are companies which coordinate mailings on our behalf, or which provide payment services). We will ensure that there is a legal basis for all such transfers of Personal Data under the GDPR and that the related processing activities are as set out in this Privacy Policy.
We may also retain other companies and individuals to perform functions on our behalf in relation to the processing of Personal Data as explained in this Privacy Policy. Examples include credit/debit card validation and authorisation agencies, data analysis firms, customer support specialists, webhosting companies and IT services providers. Such third parties may process Personal Data if needed to perform their functions and on our instructions, but will be subject to appropriate contractual safeguards and may not use such Personal Data for any other purpose.
Such third parties may be located in countries both inside and outside the European Economic Area ("EEA"). Although countries outside the EEA may not require the same level of protection of Personal Data as those within the EEA and as is the case in the UK, we always demand that our third party processors adhere to the same procedures that we follow ourselves with respect to your Personal Data and that adequate safeguards are in place in advance of any transfer outside the EEA.
We may disclose any information, including Personal Data, we deem necessary to comply with any applicable law, regulation or governmental request.
Protecting Personal Data
We implement various security measures to protect the security of your Personal Data.
We have security arrangements in place to guard against unauthorised access, improper use, alteration, destruction or accidental loss of your Personal Data. In accordance with the GDPR, we take appropriate organisational and technical security measures, including specific information security standards for the protection of Personal Data.
Your Rights and Responsibilities
The GDPR generally provides individuals with rights to access, to object to the processing of, to rectify, to erase, to restrict and to port their Personal Data. You can exercise any of these rights by contacting us at any time at info@culturunners.com.
We have specific procedures in place to enable you to request that we provide you with details of your Personal Data which we process and a description of how we process it.
You have the right to unsubscribe from any marketing emails we send you. You can do this by clicking on the link at the bottom of every email we send to you or by contacting us by email. You can also request that your Personal Data is deleted from our systems at any time, though please note that we may be entitled to continue to store such Personal Data in accordance with the law and with this Policy.
We will take reasonable steps to create an accurate record of any Personal Data submitted through the Website or otherwise processed by us. However, we do not assume responsibility for confirming the ongoing accuracy of your Personal Data and so please let us know if corrections and updates are required.
Changes to this Privacy Policy
This Privacy Policy is effective from 01 August 2020.
We may revise this Privacy Policy from time to time and will post the revised version here. As we may make changes at any time without notifying you, and the Policy governing our processing of your Personal Data will be the one in place at the time of the processing in question, we suggest that you periodically consult this Privacy Policy.