Privacy policy

Last updated:02/04/2024

This Privacy Policy describes how ForeverCarat (the "Site", "we", "us", or "our") collects, uses, and discloses your personal information when you visit, use our services, or make a purchase from forevercarat.org (the "Site") or otherwise communicate with us (collectively, the "Services"). For purposes of this Privacy Policy, "you" and "your" means you as the user of the Services, whether you are a customer, website visitor, or another individual whose information we have collected pursuant to this Privacy Policy.

Please read this Privacy Policy carefully. By using and accessing any of the Services, you agree to the collection, use, and disclosure of your information as described in this Privacy Policy. If you do not agree to this Privacy Policy, please do not use or access any of the Services.

 

Any updates or modifications to this Policy will be posted to our Website on this page. By using or accessing the Services, you signify that you have read, understand and agree to be bound by this Policy.

Our Services are operated in the United States but can be accessed worldwide.

If you are located in the European Economic Area (“EEA”), Switzerland, or the United Kingdom, we are subject to the UK General Data Protection Regulation (“UK GDPR”) and the EU General Data Protection Regulation (“EU GDPR”) and are the Controller of your data.

California residents should consult the section titled “Your California Privacy Rights” for rights that apply to them.

If you have questions about this Policy, please contact us at fc@forevercarat.org


Changes to This Privacy Policy

We may update this Privacy Policy from time to time, including to reflect changes to our practices or for other operational, legal, or regulatory reasons. We will post the revised Privacy Policy on the Site, update the "Last updated" date and take any other steps required by applicable law.

We reserve the right to change this Policy at any time. In the event we make changes to this Policy, such policy will be re-posted in the "Privacy" section of our Services with the date such modifications were made indicated on the top of the page. Therefore, please review this Policy from time to time so that you are aware when any changes are made to this Policy. If you have any questions about the changes that were implemented, please contact us at fc@forevercarat.org and include “Information Regarding Updated Policy” in the subject line. In any event, your continued use of the Services after such change constitutes your acceptance of any such change(s), and if you do not accept any changes, you may choose not to use the Services or opt out by sending us an appropriate notice. 

How We Collect and Use Your Personal Information

Types of Information

We may collect the following types of Information through our Services:

(1) “Personal Data” such as your name, e-mail address and phone number, mailing address, and other information that can be used to directly identify and contact you (which, in some cases, may include certain Device Information or information from the signature block of your e-mail);

(2) “Device Information” which is information relating to the computer or device you are using when you access our Services, such as your computer’s IP address, your mobile device identifiers (including Apple IDFA or an Android Advertising ID), the type of browser and operating system you are using, the identity of your internet service provider, and your device and browser settings.

(3) “Usage Data” which is data related to your use of the Services such as the pages you visit, the sites you use before or after visiting ours, your actions within the Services, the type of content or advertisements you have accessed, seen, forwarded and/or clicked on, Wi-Fi connections, date and time stamps, log files, and diagnostic, crash, website, and performance logs and reports.

As described in more detail below, we collect Personal Data only when you provide it to us but may collect other types of Information whenever you use our Services through automated means such as software developer kits, cookies and web beacons (which are discussed in more detail below).

Personal Data

You may enter the Website and browse its content without submitting any Personal Data. However, we will need to collect relevant Personal Data to provide you with certain services offered by the Services, including if you choose to create an account on our website, contact us or otherwise communicate with us in any way, subscribe or opt in to our newsletter, alerts, or other communications, subscribe or opt in to SMS messages, sign up for product waitlists, participate in a contest or promotion, order our products, submit product reviews, questions, feedback or user comments, complete an optional survey, contact customer service or otherwise interact with the Services.

We use the Personal Data that we collect to respond to your requests, communicate with you regarding the Services and our content, send you promotional or marketing communications, guard against potential fraud, provide product information, service your requests and orders, and provide you with the applicable services, features or functionality associated with your submission. When you submit Personal Data through the Services, whether by directly providing it to us upon request or voluntarily disclosing it through comments, you are giving your consent to the collection, use and disclosure of your Personal Data as set forth in this Privacy Policy.

Device Information & Usage Data

Whether or not you submit Personal Data, any time you visit our Services, we or our service providers may collect, store or accumulate certain Device Information and Usage Data. This Information may be used in furtherance of the purposes described above with respect to Personal Data and in aggregate form for internal business purposes, such as optimizing the Services, evaluating the popularity of content, generating statistics and developing marketing plans, and otherwise for general administrative, analytical, research, optimization, and security purposes.

Information to and from Social Networks

We may provide functionality that will allow you to connect to our Services through a third-party social network such as Facebook, Twitter or Instagram (each, a “Social Network”). If you connect through a Social Network, we may collect Personal Data from your profile, such as your name, username, and e-mail address, and we will use that Personal Data for the purposes set forth herein. In addition, our Services may offer social sharing features which will allow you to “Share” or “Like” on a Social Network. If you decide to use such features, it may allow the sharing and collection of Information both to and from such Social Network, so you should check the privacy policy of each Social Network before using such features.

SHARING OF INFORMATION

In no event will we disclose, rent, sell or share any of your Personal Data to third parties for direct marketing purposes. We only share your Information with third parties for the purposes described below.

We contract with companies or individuals to provide certain services related to the functionality and features of the Services, including content streaming, email and hosting services, software development, data management, orders, payment processing, management of forms, quizzes and polls, customer service, returns, live chat, marketing, fraud prevention, product review and questions, and administration of contests and other promotions. We call them our “Service Providers.” We may share your Information with Service Providers as appropriate for them to perform their services for us and our Service Providers are permitted to use your Information only for such purposes.

We use Shopify, Inc. to host our website and to process our orders. Shopify’s privacy policy is located at:

https://www.shopify.com/legal/privacy

The server automatically logs the IP address you use to access our website as well as other information about your visit such as the pages accessed, information requested, the date and time of the request, the source of your access to our website (e.g. the website or URL (link) which referred you to our website), and your browser version and operating system.

In certain instances, as with Paypal, which process payments, you may also be directed to a third-party website which is governed by its own privacy policy:

https://www.paypal.com/us/webapps/mpp/ua/privacy-full

We may also share or transfer Device Information and Usage Data in aggregated, anonymized form with or to our affiliates, licensees, partners and Service Providers for administrative, analytical, research, optimization, and security purposes, but no such Information will be linked with your Personal Data or be used to identify or contact you.

Finally, we may share your Information: (i) In response to subpoenas, court orders, or other legal process; to establish or exercise our legal rights; to defend against legal claims; or as otherwise required by law. In such cases we reserve the right to raise or waive any legal objection or right available to us; (ii) When we believe it is appropriate to investigate, prevent, or take action regarding illegal or suspected illegal activities; to protect and defend the rights, property, or safety of our company, our users, or others; and in connection with the enforcement of our Terms of Use and other agreements; or (iii) In connection with a corporate transaction, such as a divestiture, merger, consolidation, or asset sale, or in the unlikely event of bankruptcy.

What Personal Information We Collect

The types of personal information we obtain about you depends on how you interact with our Site and use our Services. When we use the term "personal information", we are referring to information that identifies, relates to, describes or can be associated with you. The following sections describe the categories and specific types of personal information we collect.

Information We Collect Directly from You

Information that you directly submit to us through our Services may include:

  • Basic contact details including your name, address, phone number, email.
  • Order information including your name, billing address, shipping address, payment confirmation, email address, phone number.
  • Account information including your username, password, security questions.
  • Shopping information including the items you view, put in your cart or add to your wishlist.
  • Customer support information including the information you choose to include in communications with us, for example, when sending a message through the Services.

Some features of the Services may require you to directly provide us with certain information about yourself. You may elect not to provide this information, but doing so may prevent you from using or accessing these features.

Information We Collect through Cookies

We also automatically collect certain information about your interaction with the Services ("Usage Data"). To do this, we may use cookies, pixels and similar technologies ("Cookies"). Usage Data may include information about how you access and use our Site and your account, including device information, browser information, information about your network connection, your IP address and other information regarding your interaction with the Services.

Information We Obtain from Third Parties

Finally, we may obtain information about you from third parties, including from vendors and service providers who may collect information on our behalf, such as:

  • Companies who support our Site and Services, such as Shopify.
  • Our payment processors, who collect payment information (e.g., bank account, credit or debit card information, billing address) to process your payment in order to fulfill your orders and provide you with products or services you have requested, in order to perform our contract with you.
  • When you visit our Site, open or click on emails we send you, or interact with our Services or advertisements, we, or third parties we work with, may automatically collect certain information using online tracking technologies such as pixels, web beacons, software developer kits, third-party libraries, and cookies.

Any information we obtain from third parties will be treated in accordance with this Privacy Policy. We are not responsible or liable for the accuracy of the information provided to us by third parties and are not responsible for any third party's policies or practices. For more information, see the section below, Third Party Websites and Links.

We may use certain automatic analytics and tracking technologies to assist us in performing a variety of functions, including storing your Information, collecting Device Information and Usage Data, understanding your use of the Services and customizing the content offered to you on the Services. We may use platforms like Google Analytics to provide aggregated or anonymized information relating to demographics, geography, interests or affinities. Other technologies we may use include:

(1) Cookies. Cookies are text files placed in your computer's browser to store your preferences. We use cookies or other tracking technologies to understand site and Internet usage and to improve or customize the Services and the content, offerings, or advertisements you see on the Services. For example, we may use cookies to personalize your experience on the Services or remember any settings you have chosen. Most web browsers automatically accept cookies, but you can usually configure your browser to prevent this. However, not accepting cookies may make certain features of the Services unavailable to you.

(2) Web Beacons. We may also use "web beacons" or clear GIFs, or similar technologies, which are small pieces of code placed on a web page or in an email, to monitor the behavior and collect data about the visitors viewing a web page or email. For example, web beacons may be used to count the users who visit a web page or to deliver a cookie to the browser of a visitor viewing that page. Web beacons may also be used to provide information on the effectiveness of our email campaigns (e.g., open rates, clicks, forwards, etc.).

(3) Mobile Device Identifiers and SDKs. We also sometimes use, or partner with publishers or app developer platforms that use, mobile Software Development Kits ("SDKs") that are incorporated into the Services to collect Information, such as mobile identifiers (e.g., IDFAs and Android Advertising IDs), geolocation information, and other information about your device or use of the Services. A mobile SDK may act as the mobile version of a web beacon (see "Web Beacons" above).

By visiting the Services, whether as a registered user or otherwise, you acknowledge, and agree that you are giving us your consent to track your activities and your use of the Services through the technologies described above, as well as similar technologies developed in the future, and that we may use such tracking technologies in the emails we send to you. Please note that no such tracking technologies will collect any Personal Data from you unless you choose to submit it to us and that data relating to you individually is not shared with any third parties.

PERSONAL DATA RETENTION

We retain the Personal Data we receive as described in this Privacy Policy for as long as you use the Services or as necessary to fulfill the purpose(s) for which it was collected, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws.

PRIVACY AND SECURITY

We take reasonable precautions to protect our customers' Personal Data against loss, misuse, unauthorized disclosure, alteration, and destruction. However, please remember that no transmission of data over the Internet or any wireless network can be guaranteed to be 100% secure. As a result, while we strive to protect your Personal Data, we cannot ensure or warrant the security of any Information that you transmit to us or from us, and you do so at your own risk. You hereby acknowledge that we are not responsible for any intercepted information sent via the Internet, and you hereby release us from any and all claims arising out of or related to the use of intercepted information in any unauthorized manner.

If you believe your Personal Data is being improperly used by us or any third party, please immediately notify us via email at fc@foreverCarat.org

How We Use Your Personal Information

  • Providing Products and Services. We use your personal information to provide you with the Services in order to perform our contract with you, including to process your payments, fulfill your orders, to send notifications to you related to you account, purchases, returns, exchanges or other transactions, to create, maintain and otherwise manage your account, to arrange for shipping, facilitate any returns and exchanges and to enable you to post reviews.
  • Marketing and Advertising. We use your personal information for marketing and promotional purposes, such as to send marketing, advertising and promotional communications by email, text message or postal mail, and to show you advertisements for products or services. This may include using your personal information to better tailor the Services and advertising on our Site and other websites.
  • Security and Fraud Prevention. We use your personal information to detect, investigate or take action regarding possible fraudulent, illegal or malicious activity. If you choose to use the Services and register an account, you are responsible for keeping your account credentials safe. We highly recommend that you do not share your username, password, or other access details with anyone else. If you believe your account has been compromised, please contact us immediately.
  • Communicating with you. We use your personal information to provide you with customer support and improve our Services. This is in our legitimate interests in order to be responsive to you, to provide effective services to you, and to maintain our business relationship with you.

Cookies

Like many websites, we use Cookies on our Site. For specific information about the Cookies that we use related to powering our store with Shopify, see https://www.shopify.com/legal/cookies. We use Cookies to power and improve our Site and our Services (including to remember your actions and preferences), to run analytics and better understand user interaction with the Services (in our legitimate interests to administer, improve and optimize the Services). We may also permit third parties and services providers to use Cookies on our Site to better tailor the services, products and advertising on our Site and other websites.

Most browsers automatically accept Cookies by default, but you can choose to set your browser to remove or reject Cookies through your browser controls. Please keep in mind that removing or blocking Cookies can negatively impact your user experience and may cause some of the Services, including certain features and general functionality, to work incorrectly or no longer be available. Additionally, blocking Cookies may not completely prevent how we share information with third parties such as our advertising partners.

How We Disclose Personal Information

In certain circumstances, we may disclose your personal information to third parties for legitimate purposes subject to this Privacy Policy. Such circumstances may include:

  • With vendors or other third parties who perform services on our behalf (e.g., IT management, payment processing, data analytics, customer support, cloud storage, fulfillment and shipping).
  • With business and marketing partners, including Shopify, to provide services and advertise to you. Our business and marketing partners will use your information in accordance with their own privacy notices.
  • When you direct, request us or otherwise consent to our disclosure of certain information to third parties, such as to ship you products or through your use of social media widgets or login integrations, with your consent.
  • With our affiliates or otherwise within our corporate group, in our legitimate interests to run a successful business.
  • In connection with a business transaction such as a merger or bankruptcy, to comply with any applicable legal obligations (including to respond to subpoenas, search warrants and similar requests), to enforce any applicable terms of service, and to protect or defend the Services, our rights, and the rights of our users or others.

We have, in the past 12 months disclosed the following categories of personal information and sensitive personal information (denoted by *) about users for the purposes set out above in "How we Collect and Use your Personal Information" and "How we Disclose Personal Information":

Category Categories of Recipients
  • Identifiers such as basic contact details and certain order and account information
  • Commercial information such as order information, shopping information and customer support information
  • Internet or other similar network activity, such as Usage Data
  • Vendors and third parties who perform services on our behalf (such as Internet service providers, payment processors, fulfillment partners, customer support partners and data analytics providers)
  • Business and marketing partners
  • Affiliates

We do not use or disclose sensitive personal information for the purposes of inferring characteristics about you.

We have “sold” and “shared” (as those terms are defined in applicable law) personal information over the preceding 12 months for the purpose of engaging in advertising and marketing activities, as follows.

Category of Personal Information Categories of Recipients
Identifiers such as basic contact details and certain order and account information Business and marketing partners
Commercial information such as records of products or services purchased and shopping information Business and marketing partners
Internet or other similar network activity, such as Usage Data Business and marketing partners

User Generated Content

The Services may enable you to post product reviews and other user-generated content. If you choose to submit user generated content to any public area of the Services, this content will be public and accessible by anyone.

We do not control who will have access to the information that you choose to make available to others, and cannot ensure that parties who have access to such information will respect your privacy or keep it secure. We are not responsible for the privacy or security of any information that you make publicly available, or for the accuracy, use or misuse of any information that you disclose or receive from third parties.

Third Party Websites and Links

Our Site may provide links to websites or other online platforms operated by third parties. If you follow links to sites not affiliated or controlled by us, you should review their privacy and security policies and other terms and conditions. We do not guarantee and are not responsible for the privacy or security of such sites, including the accuracy, completeness, or reliability of information found on these sites. Information you provide on public or semi-public venues, including information you share on third-party social networking platforms may also be viewable by other users of the Services and/or users of those third-party platforms without limitation as to its use by us or by a third party. Our inclusion of such links does not, by itself, imply any endorsement of the content on such platforms or of their owners or operators, except as disclosed on the Services.

Children’s Data

The Services are not intended to be used by children, and we do not knowingly collect any personal information about children. If you are the parent or guardian of a child who has provided us with their personal information, you may contact us using the contact details set out below to request that it be deleted.

As of the Effective Date of this Privacy Policy, we do not have actual knowledge that we “share” or “sell” (as those terms are defined in applicable law) personal information of individuals under 16 years of age.

Security and Retention of Your Information

Please be aware that no security measures are perfect or impenetrable, and we cannot guarantee “perfect security.” In addition, any information you send to us may not be secure while in transit. We recommend that you do not use unsecure channels to communicate sensitive or confidential information to us.

How long we retain your personal information depends on different factors, such as whether we need the information to maintain your account, to provide the Services, comply with legal obligations, resolve disputes or enforce other applicable contracts and policies.

Your Rights and Choices

Depending on where you live, you may have some or all of the rights listed below in relation to your personal information. However, these rights are not absolute, may apply only in certain circumstances and, in certain cases, we may decline your request as permitted by law.

  • Right to Access / Know. You may have a right to request access to personal information that we hold about you, including details relating to the ways in which we use and share your information.
  • Right to Delete. You may have a right to request that we delete personal information we maintain about you.
  • Right to Correct. You may have a right to request that we correct inaccurate personal information we maintain about you.
  • Right of Portability. You may have a right to receive a copy of the personal information we hold about you and to request that we transfer it to a third party, in certain circumstances and with certain exceptions.
  • Right to Opt out of Sale or Sharing or Targeted Advertising. You may have a right to direct us not to "sell" or "share" your personal information or to opt out of the processing of your personal information for purposes considered to be "targeted advertising", as defined in applicable privacy laws. Please note that if you visit our Site with the Global Privacy Control opt-out preference signal enabled, depending on where you are, we will automatically treat this as a request to opt-out of the "sale" or "sharing" of information for the device and browser that you use to visit the Site.
  • Right to Limit and/or Opt out of Use and Disclosure of Sensitive Personal Information. You may have a right to direct us to limit our use and/or disclosure of sensitive personal information to only what is necessary to perform the Services or provide the goods reasonably expected by an average individual.
  • Restriction of Processing: You may have the right to ask us to stop or restrict our processing of personal information.
  • Withdrawal of Consent: Where we rely on consent to process your personal information, you may have the right to withdraw this consent.
  • Appeal: You may have a right to appeal our decision if we decline to process your request. You can do so by replying directly to our denial.
  • Managing Communication Preferences: We may send you promotional emails, and you may opt out of receiving these at any time by using the unsubscribe option displayed in our emails to you. If you opt out, we may still send you non-promotional emails, such as those about your account or orders that you have made.

You may exercise any of these rights where indicated on our Site or by contacting us using the contact details provided below.

We will not discriminate against you for exercising any of these rights. We may need to collect information from you to verify your identity, such as your email address or account information, before providing a substantive response to the request. In accordance with applicable laws, You may designate an authorized agent to make requests on your behalf to exercise your rights. Before accepting such a request from an agent, we will require that the agent provide proof you have authorized them to act on your behalf, and we may need you to verify your identity directly with us. We will respond to your request in a timely manner as required under applicable law.

We use Shopify's ad services such as Shopify Audiences to help personalize the advertising you see on third party websites. To restrict Shopify merchants that use these ad services from using your personal information for such services, visit https://privacy.shopify.com/en.

 

Opting Out of Communications

As described above, we may use the Personal Data we collect from you to send you newsletters or other communications from us, including those promotional or marketing in nature. If you do not want to receive such communications, you can opt out.

You may also at any time opt out of receiving communications from us by sending an e-mail to support@shopshashi.com with the subject line “Opt Out.”

Disallowing Cookies and Location Data Collection

You can opt out of the collection and use of certain information, which we collect about you by automated means, by changing the settings in the device you use to access the Services. In addition, your browser may tell you how to be notified and opt out of receiving certain types of cookies. Please note, however, that without cookies you may not be able to use some or all of the features of the Services.
The online advertising industry also provides websites from which you may opt out of receiving targeted ads from data partners and other advertising partners that participate in self-regulatory programs. You can access these and learn more about targeted advertising and consumer choice and privacy, at:

http://optout.networkadvertising.org
http://www.youronlinechoices.eu
https://youradchoices.ca/choices
http://optout.aboutads.info

Your Right to Access, Review, and Delete Personal Data

Under certain laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”), you may have the right to: obtain confirmation that we hold Personal Data about you, request access to and receive information about the Personal Data we maintain about you, restrict the use of the data, receive the data in a portable format, receive copies of the Personal Data we maintain about you, update and correct inaccuracies in your Personal Data, object to the continued processing or use of your Personal Data, complain to a supervisory authority, and have the Personal Data blocked, anonymized or deleted, as appropriate. The right to access Personal Data may be limited in some circumstances by local law. If you qualify, in order to exercise these rights, please contact us as set forth below.
E-mail: fc@forevercarat.org

We may ask you to provide additional information for identity verification purposes, or to verify that you are in possession of an applicable email account.

Please understand, however, that we reserve the right to retain an archive of such Personal Data for a commercially reasonable time to ensure that its deletion does not affect the integrity of our data; and we further reserve the right to retain an anonymous version of such Information.

Do Not Track

We use analytics systems and providers and participate in ad networks that process Personal Information about your online activities over time and across third-party websites or online services, and these systems and providers may provide some of this information to us. We process or comply with any web browser’s “do not track” signal or similar mechanisms.
Note, however, that you may find information about how to opt out of online behavioral advertising and/or block or reject certain tracking technologies in the section caption “Disallowing Cookies and Location Data Collection” above.

Complaints

If you have complaints about how we process your personal information, please contact us using the contact details provided below. If you are not satisfied with our response to your complaint, depending on where you live you may have the right to appeal our decision by contacting us using the contact details set out below, or lodge your complaint with your local data protection authority.

International Users

Please note that we may transfer, store and process your personal information outside the country you live in, including the United States. Your personal information is also processed by staff and third party service providers and partners in these countries.

If we transfer your personal information out of Europe, we will rely on recognized transfer mechanisms like the European Commission's Standard Contractual Clauses, or any equivalent contracts issued by the relevant competent authority of the UK, as relevant, unless the data transfer is to a country that has been determined to provide an adequate level of protection.

Contact

Should you have any questions about our privacy practices or this Privacy Policy, or if you would like to exercise any of the rights available to you, please email us at fc@forevercarat.org