Privacy Policy

Last updated: May 2019

Bonset America, Inc. and its affiliates and subsidiaries (collectively “Bonset America”) respect the privacy of our customers and users. Please take time to read this Privacy Policy (“Privacy Policy”) as we believe it is important for our customers and users to understand how we collect, process and use personal data. By using the Products and Services, Websites or Portals, you consent to the data we collect and how we use and share it in accordance with this Privacy Policy.  If you do not agree with the data we collect and how we use and share it, you should not use the Products and Services, Websites or Portals.

What Data We Collect

Bonset America’s customers and users voluntarily provide us with data, including data that can be used to identify, either directly or indirectly, an individual (“Personal Data”) when they purchase or use our products and services (together, “Products and Services”) and access our websites or portals (“Websites” or “Portals”).

Data Provided by Users and Customers

  • Name, address, email, telephone number, username and password (collectively "Account Information")
  • Credit card, debit card, banking or other payment information
  • Information submitted as a result of completing forms on our Websites or Portals, entering a promotion or survey or subscribing to, commenting on or downloading information from our Websites or Portals
  • Customer content stored, processed, maintained or transmitted using our Products and Services
  • File system information such as stored file folder names, file extensions, file sizes, and the configuration of any device registered for use in connection with the Products and Services, including any hardware delivered as part of the Products and Services (each a "Device")
  • Technical information as a result of configuring the Products and Services, including IP addresses, browser-type, device-type, internet service provider, referring or exiting pages, operating system, date and time stamp or clickstream data
  • Any other information shared with us directly or indirectly through a customer’s or user’s use of the Products and Services, Websites or Portals

Aggregate Information. To the extent permitted by applicable law, Bonset America may use, process, transfer and store customer and user data in an anonymous (or pseudonymous) and aggregated manner. We may combine such data with other information collected, including information from third-party sources. By using the Products and Services, our customers and users agree that we are permitted to collect, use, share and store anonymized (or pseudonymized) aggregated data collected through the Products and Services for benchmarking, analytics, metrics, research, reporting, machine learning and other legitimate business purposes. Automated Decisions. To the extent permitted by applicable law, Bonset America may collect data in an automated manner and make and use automated decisions about customers, including using machine learning algorithms, in order to provide or optimize the Products and Services, for security or analytics purposes, to display advertisements and offers based on individual preferences and for any other lawful purpose.

Why We Use Data

Bonset America processes data, including Personal Data, for a variety of purposes, such as:

  • With customer or user consent, e.g., to receive marketing materials
  • Where the processing is necessary for the performance of a contract, e.g., to facilitate backing-up and restoring data, for archiving purposes, or to provide technical support
  • Where necessary to comply with law
  • Where the processing is necessary for the purposes of our legitimate interests, taking into account individual interests. Our legitimate interests include providing the Products and Services, internal record-keeping and administrative purposes and to operate, maintain and improve the Websites or Portals

How We Use Cookies and Other Technologies

We use certain automatic data collection technologies such as cookies, web beacons, pixel tags and other technologies to collect data, including Personal Data, when users or customers visit the Websites or Portals, use the Products and Services or interact with us, and may share this data with our third-party marketing vendors (including for example, advertising networks and providers of external services like web traffic analysis services and analytics tools). We explain these technologies below. Cookies. Cookies are small text files placed on a computer by a web server when browsing online and are used to store user preference data so that a web server doesn't have to repeatedly request this information. A user may block cookies by activating the settings on the browser that blocks all or some cookies. However, if a user blocks all cookies (including strictly necessary cookies), a user may not be able to access all or parts of our Websites or Portals. We use the following cookies:

  • Strictly Necessary Cookies. These cookies are required for the operation of our Websites and Portals. They include, for example, cookies that enable a customer to log-in to secure areas of our Websites and Portals and use e-commerce.
  • Analytical and Performance Cookies. These cookies allow us to recognize and count the number of users visiting our Websites and Portals and see how those users navigate our Websites or Portals. This helps us to improve our Websites and Portals.
  • Functionality Cookies. These cookies recognize a user that returns to our Websites or Portals. This enables us to personalize our content, greet the user by name and remember preferences, for example, choice of language or region.
  • Targeting Cookies. These cookies record visits to our Websites or Portals and the links followed. We use this information to improve our Websites or Portals and ensure the advertising displayed is relevant to users.

Web Beacons. A web beacon is a small pixel incorporated into a web page or email to keep track of activity on the page or email.  A web beacon helps us better manage the content of our Websites by informing us of what content is effective. Cross-device Tracking. We may use third-party cross-device tracking. For example, a user may use multiple browsers on a single device, or use various devices, which can result in the customer having multiple accounts or profiles across various devices. Cross-device tracking may be used to connect these various accounts or profiles and the corresponding data from different devices.

Global Data Management

Bonset America is a global organization. As a result, data collected by us, including Personal Data, may be transferred or accessed by Bonset America’s subsidiaries and affiliates in other countries around the world regardless of a customer or user country of residence.  Please note that by using the Products and Services, Websites or Portals or by providing Personal Data to us, customers and users acknowledge and agree that Personal Data may be sent to and processed in countries outside your country of residence, including the U.S.  For individuals residing in the European Economic Area (“EEA”), and for Personal Data subject to European data protection laws, this includes transfers outside of the EEA. Some of these countries may not have data protection laws that provide an equivalent level of data protection as the laws in your country of residence, however, we will take steps to ensure Personal Data is handled in accordance with the EU-U.S. and Swiss Privacy Shield Frameworks and/or the General Data Protection Regulation, as applicable.

When and Why We Share Your Personal Data

We do not and will not sell Personal Data to marketers or other vendors. We may share data, including Personal Data, in the following circumstances: Service Providers. Bonset America may share data, including Personal Data, with our contracted third-party service providers in order to provide and improve our Products and Services, Websites or Portals or to administer surveys and user analysis to better understand user needs and preferences. These third-parties include affiliates and subsidiaries, business partners, payment and delivery services, advertising networks, analytics providers, credit reference agencies, social media companies, email distributors, marketing automation partners, customer survey companies, data storage and hosting partners, IT specialists and product developers. Legal Purposes. Bonset America may share data, including Personal Data, as necessary to comply with applicable law, court orders, governmental agencies, for the administration of justice, to protect vital interests, to protect the security or integrity of Bonset America’s databases, Products and Services, Websites or Portals, or to take precautions against legal liability. Sale. In the event of a merger, consolidation, or acquisition of all, substantially all or a portion of Bonset America’s business or assets, Bonset America may share data, including Personal Data. Customers and users acknowledge and agree that data, including encrypted stored data and Personal Data that Bonset America has collected, may be securely shared, disclosed and transferred to such successor or assignee.

Retention of Data

We may retain data, including Personal Data, for as long as necessary to deliver the Products and Services or as needed for other lawful purposes. We may retain anonymized or pseudonymized, aggregated data indefinitely or to the extent permitted under applicable law.

Your Rights

Subject to applicable data protection laws, customers and users have the following rights with respect to Bonset America’s handling of Personal Data:

  • Access. The right to access Personal Data held by Bonset America.
  • Opt-Out. The right to object to certain processing of Personal Data (unless Bonset America has overriding compelling grounds to continue processing), including the right to opt-out of receiving direct marketing. We will, however, continue to use Personal Data for the limited purpose of communicating important notices relating to purchases, changes to Products and Services or policies, and other reasons permitted by law.
  • Rectification. The right to request correction of Personal Data that is incomplete, incorrect, unnecessary or outdated.
  • Right to be Forgotten. The right to request erasure of all Personal Data that is incomplete, incorrect, unnecessary or outdated within a reasonable period of time. Bonset America will do everything possible to erase Personal Data if a user or customer so requests. However, Bonset America will not be able to erase all Personal Data if it is technically impossible due to limitations of existing technology or for legal reasons, such as Bonset America is mandated by applicable law to retain Personal Data.
  • Restriction of Processing. The right to request restriction of processing Personal Data for certain reasons, such as the inaccuracy of Personal Data.
  • Data Portability. If requested, Bonset America will provide Personal Data in a structured, secure, commonly used and machine-readable format.
  • Right to Withdraw Consent. If Personal Data is processed solely based on consent, and not based on any other legal basis, customers can withdraw consent at any time.
  • Data Protection Contact. The right to contact the relevant data protection regulator regarding Bonset America’s handling of Personal Data.

Bonset America As A Data Controller and Processor

Bonset America, Inc. acts as a data controller when we collect and process Personal Data for Bonset America’s legitimate interests, such as analyzing user interaction with our Websites or processing a customer credit card payment. Bonset America, Inc. acts as a data processor when we provide Products and Services to our customers, such as remote troubleshooting technical support. When acting as a data processor, Bonset America will only process Personal Data in accordance with customer instructions and this Privacy Policy. Bonset America, Inc.'s affiliates or subsidiaries may also act as data controllers or processors to the extent customers purchase Products and Services from those entities or Personal Data is shared with those entities.

Do Not Track

Bonset America belongs to advertising networks that may use browsing history across participating websites to show interest-based advertisements. Currently, our Products and Services do not recognize if a browser sends a "do not track" signal or similar mechanism to indicate the wish not to be tracked or receive interest-based advertisements.

California Privacy Rights

Under California’s "Shine the Light" law, California residents who provide Personal Data in obtaining Products and Services for personal, family or household use are entitled to request and obtain from Bonset America, once per calendar year, information about Personal Data Bonset America has shared, if any, with other businesses for their own direct marketing uses. Bonset America does not currently share your Personal Data with other businesses for their own direct marketing uses. However, if applicable, this information would include the categories of Personal Data and the names and addresses of those businesses with which Bonset America shared Personal Data for the immediately prior calendar year (e.g., requests made in 2018 will receive information regarding 2017 sharing activities). To obtain this information, please send an email to privacy@bonset.com with "Request for California Privacy Information" in the subject line, or mail Bonset America, Inc., Two Avenue de Lafayette, Boston, MA 02111 Attn: Privacy.

Security

Bonset America and its global third-party cloud storage providers have reasonable and appropriate technical and organizational security measures in place to protect against unauthorized processing, loss, misuse and alteration of Personal Data under its control, including: (a) pseudonymization (such as where data is separated from identifiers so that linkage to an identity is not possible without additional information that is stored separately) and encryption, (b) ensuring the ongoing confidentiality, integrity, availability and resilience of systems and services used to process Personal Data, and (c) ensuring a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational security measures. Please be advised that we cannot, and we do not believe that anyone can, genuinely guarantee or warrant absolute security of Personal Data disclosed or transmitted via the Internet to us or a third-party. As a result, absent Bonset America’s gross negligence, customers and users agree to not hold Bonset America responsible for the theft, destruction, loss, damage or inadvertent disclosure of Personal Data or other data provided to Bonset America.

Linking

The Websites and Portals may contain links to third-party websites that Bonset America does not control or maintain. Bonset America is not responsible for the privacy practices employed by these third-party websites. Bonset America encourages users to read the privacy statements of such other websites before submitting any Personal Data.

Regarding Children

Bonset America does not knowingly collect or distribute any Personal Data from children under 13 years old. If a child under 13 has provided Bonset America with Personal Data, the parent or guardian of that child should contact Bonset America immediately at privacy@bonset.com to delete this Personal Data.

Privacy Shield Frameworks

EU-U.S. Privacy Shield. Bonset America has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Privacy Shield Framework and its Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, Recourse, Enforcement and Liability. Bonset America's certification under the Privacy Shield applies to all Personal Data subject to this Privacy Policy and transferred from the EEA to the U.S.  Bonset America is responsible for the processing of Personal Data it receives and subsequently transfers to a third-party acting as an agent on its behalf. Bonset America complies with the EU-U.S. Privacy Shield Principles for all onward transfers of Personal Data from the EEA, including the onward transfer liability provisions. U.S.-Swiss Privacy Shield. Bonset America has certified to the U.S. Department of Commerce that it adheres to the U.S.-Swiss Privacy Shield Framework and its Principles of Notice, Choice, Onward Transfer, Security, Data Integrity, Access and Enforcement. Bonset America's certification under the Privacy Shield applies to all Personal Data subject to this Privacy Policy and transferred from Switzerland to the U.S.  Bonset America is responsible for the processing of Personal Data it receives and subsequently transfers to a third-party acting as an agent on its behalf. Bonset America complies with the U.S.-Swiss Privacy Shield Principles for all onward transfers of Personal Data from Switzerland, including the onward transfer liability provisions. Dispute Resolution. Disputes within the jurisdiction of the EU-U.S. or Swiss Privacy Shield Frameworks should first be referred to privacy@bonset.com. Bonset America has further committed to refer unresolved privacy complaints under the EU-U.S. and Swiss Privacy Shield Principles to JAMS, Bonset America’s independent recourse mechanism. If a timely acknowledgement of a complaint is not received, or if we have not satisfactorily addressed a complaint, please contact or visit the JAMS website at https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. The services of JAMS for Privacy Shield complaints are provided at no cost to the complainant. If neither Bonset America nor JAMS resolves the complaint, customers and users may pursue binding arbitration through the Privacy Shield Panel. To learn more about the Privacy Shield Panel, visit here. Bonset America is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.  Without prejudice to any other administrative or judicial remedy, customers and users always have the right to lodge a complaint with the relevant data protection supervisory authority in their resident country. Conflict. If there is any conflict between the terms in this Privacy Policy and the EU-U.S. or Swiss Privacy Shield Principles, the Privacy Shield Principles shall govern according to jurisdiction. To learn more about the Privacy Shield program, and to view our certifications, please visit https://www.privacyshield.gov/.

Dispute Rsolution

Customers and users agree that any dispute or claim against Bonset America will be resolved by binding arbitration, rather than in court. Such disputes and claims shall be referred to and finally determined by arbitration in accordance with JAMS Streamlined Arbitration Rules and Procedures. By using the Products and Services or accessing the Websites or Portals, customers and users agree to not participate in or seek to recover monetary or other relief in any lawsuit filed against Bonset America alleging class, collective and/or representative claims. Instead, by agreeing to arbitration, customers and users may bring claims against Bonset America in an individual arbitration proceeding. Claims of more than one individual cannot be arbitrated or consolidated with those of any other individual. Customers and users acknowledge the advisement to consult with an attorney in deciding whether to accept this Privacy Policy prior to using the Products and Services, Websites or Portals including this arbitration agreement. If any provision of this Privacy Policy is held to be invalid, the remaining provisions shall not be affected.

Changes to Bonset America's Privacy Policy

As laws and best practices evolve, this Privacy Policy may change. Bonset America will provide email notification to customers and users if changes to the Privacy Policy are material. Continued use of the Products and Services after modification constitutes acceptance to the Privacy Policy, as modified. We encourage periodic review of the Privacy Policy for the latest information on our privacy practices.