PRIVACY POLICY

theheelrack.com is operated by TheHeelRack. This Privacy Policy (“Privacy Policy” or “Policy”) describes how theheelrack.com collects, uses, and discloses personal information when you access or use our website or any other services that link to this Privacy Policy, visit us in our stores, or otherwise communicate with us.

This Policy also tells you about your rights and choices with respect to your personal information, and how you can reach out to us to get answers to your questions. Our privacy practices with respect to personal information about our employees, job applicants and contractors, past and present, are addressed through other internal company policies and procedures, and are outside the scope of this Policy.

You can access specific topics in this Privacy Policy by clicking on the relevant links below:

Types of Information We Collect
The types of personal information we collect about you depends on how you interact with us. “Personal Information” refers to information that identifies, relates to, describes, or can be associated with you. The following provides examples of the type of information that we collect and have collected in the preceding 12 months and our purpose for collecting that information.

Category | Example of Information Collection | Purpose for Collection

Identifiers

  • Basic identifying information such as name, email address, postal address, billing address, shipping address, and phone number.
  • Providing account-related functionalities.
  • To fulfill your contract for the provision of products or services, to ship the goods to you or your provided recipient, to provide receipts and order updates, and to send notifications to you about your account, purchases, returns, and exchanges.
  • To receive and act upon your feedback or issues.
  • To share information about our products and services.
  • To operate contests and sweepstakes.
  • To fulfill our promotions.
  • To conduct surveys or contests and to understand your opinions.
  • To serve targeted advertisements.

Commercial Information

  • Payment information such as credit or debit card number. This information may be collected by our consumer care representatives to help with completing your order. However, typically this information is collected by our payment processor partners.
  • Information regarding the products or services you have purchased, returned, exchanged, or considered, and your preferences, as well as your government-issued identifier in connection with return transactions.
  • To fulfill your contract for the provision of products or services, to provide receipts and order updates, and to send notifications to you about your account, purchases, returns, and exchanges.

Demographic Information

  • Date of birth or your location
  • To send birthday promotions and gifts.
  • To understand and analyze our customers.

Internet or Other Network Activity Information

  • If you receive email from us, we use certain tools to capture data related to when you open our message, click on any links or banners it contains and make purchases.
  • Mobile device or app information such as unique identifying information that is sent from your device when visiting our website or one of our stores.
  • We use cookies, web beacons, clear GIF, pixels, internet tags, and other similar tracking technologies (collectively “tracking technologies”) to monitor how you interact with our website and mobile applications and other websites. This may include which links you click on or identifying information about your device or browser.
  • With web logs we may collect your browser type, operating system, Internet Protocol (IP) address (a number that is automatically assigned to a computer when the Internet is used), domain name, click-activity, referring website, and/or a date/time stamp for your visit.
  • Information about your interactions with our online services and advertisements, including browsing activities and data that reflects the content you have accessed, clicked on, or viewed, use of our accessibility features, and information about the websites or apps visited immediately before or after interacting with our online services.
  • To understand how you interact with our communications.
  • To identify unique visitors, and to understand how users interact with their mobile devices.
  • To operate our website and mobile applications efficiently, provide account-related functionalities, and understand how you interact with our website and mobile applications to better improve them and maintain security standards.
  • To detect and prevent fraud.
  • To serve targeted advertisements and engage in behavior-based advertising and capture web analytics.

Characteristics of Protected Classifications Under State or Federal Law

  • Age
  • To send birthday promotions and gifts.
  • To understand and analyze our customers.

Geolocation Data

  • Your location from the GPS, Wi-Fi, and/or cell phone, computer, or device to determine your distance from one of our stores.
  • To understand our users and provide tailored services.
  • In some contexts, our use is also based on your consent to provide us with geolocation information.
  • To serve targeted advertisements.

Audio, Electronic, Visual, Thermal, Olfactory, or Similar Information

  • Audio recordings of customer service calls.
  • Video recordings (CCTV) of stores.
  • For quality assurance purposes.
  • For safety, security, fraud, loss prevention, and operation purposes in store.

Professional or Employment-Related Information

  • Business/professional contact information (name, email address, phone number).
  • Employment position.
  • Background or screening information to the extent needed and in accordance with applicable law.
  • To maintain our relationship with our suppliers, subcontractors, and service providers, and performing our contract with the organization.

Sensitive Personal Information

  • Account login and password.
  • Credit card/debit card number and pin. This information may be collected by our consumer care representatives to help with completing your order. However, typically this information is collected by our payment processor partners.
  • Racial or ethnic origin, religion.
  • Provide account-related functionalities to our users.
  • To fulfill your contract for the provision of products or services, to provide receipts and order updates, and to send notifications to you about your account, purchases, returns, and exchanges.
  • To understand and analyze our customers.

Inferences Drawn from Any of the Information Identified Above

  • We use the information listed above to draw inferences about your preferences.
  • We use the information listed above to draw inferences about your preferences.

Use and Processing of Your Information
In addition to the specific situations discussed elsewhere in this policy, we use information for the following situations:

  • To identify you when you visit our website, mobile applications, or our stores and personalize your experience.
  • To provide products and services you request or to process returns.
  • To streamline the checkout process.
  • To administer, maintain, evaluate, and improve our website, mobile applications, and services, and to develop new products and services.
  • To conduct research and analytics related to our website, mobile applications and services, including combining any or all of the information that we collect or obtain.
  • To respond to inquiries related to support, or other requests.
  • To communicate with you, such as through our clienteling services or to send marketing and promotional materials, including information relating to our products, services, sales, or promotions.
  • For internal administrative purposes, as well as to manage our relationships.
  • To detect, investigate, prevent, or take action regarding possible malicious, deceptive, fraudulent, or illegal activity, including fraudulent transactions, attempts to manipulate or violate our policies, procedures, and terms and conditions, security incidents, and harm to the rights, property, or safety of TheHeelRack and our customers, employees, or others.

Although the sections above describe our primary purpose in collecting your information, in many situations we have more than one purpose. For example, if you complete an online purchase, we may collect your information to perform our contract with you, but we also collect your information as we have a legitimate interest in maintaining your information after your transaction is complete so that we can quickly and easily respond to any questions about your order. As a result, our collecting and processing of your information is based in different contexts upon your consent, our need to perform a contract, our obligations under law, and/or our legitimate interest in conducting our business.

Sources of Information
We collect your personal information in the following ways, pursuant to applicable law:

  • Directly From You, when you use or engage with our website or mobile applications, shop with us, register for an account, contact us, respond to a survey, post on our site, or sign up to receive emails, text messages, and/or postal mailings. For example, we collect and record information and content you provide to us over the phone, email, or online chat, or when you communicate with us using any other service or communication method.
  • Through Our Use of Cookies and Other Automatic Data Collection Technologies, when you visit our website, open or click on emails we send you, or interact with our advertisements. We or third parties we work with automatically collect certain information using technologies such as cookies, web beacons, clear GIF, pixels, internet tags, web server logs, and other data collection tools. For more information, please see the “Cookies and Similar Tracking Technologies” section below.
  • Through in-store and other offline technologies. In some cases, we record customer service calls for quality assurance. We may also use Closed Circuit Television or CCTV in our stores for safety, security, fraud, loss prevention, and operational purposes.
  • From Our Third Party Partners, including from third parties that we have partnered with to provide you the products and services that you have requested from us.
  • From Other Sources, We may obtain information about you from other sources, such as data analytics providers, marketing or advertising service providers, fraud prevention service providers, vendors that provide services on our behalf, or publicly available sources. We also create information based on our analysis of the information we have collected from you.
  • Additionally, if you have given TheHeelRack permission to store your payment information, your credit card issuer may provide us with updated payment information (including credit card number and expiration date) in connection with the credit card issuer’s account updater service. We use this information to perform our contract with you. The credit card issuer’s use of your information is not governed by this privacy policy, but by their own privacy policies.

Disclosures of Information
In addition to the specific situations discussed elsewhere in this policy, we disclose information in the following situations:

  • Affiliates: We may disclose your information to our corporate affiliates (e.g., parent company, sister companies, subsidiaries, joint ventures, or other companies under common control) to provide you with our products and services.
  • Acquisitions: If another company acquires our company, business, or our assets, we will also disclose your information to that company, including at the negotiation stage.
  • Other Disclosures with Your Consent: We may ask if you would like us to disclose your information with other unaffiliated third parties who are not described elsewhere in this policy.
  • Compliance with Law or Other Legal Process: We may disclose your information in response to subpoenas, warrants, or court orders, or in connection with any legal process, or to comply with relevant laws. We may also disclose your information in order to establish or exercise our rights, to defend against a legal claim, to investigate, prevent, or take action regarding possible illegal activities, suspected fraud, safety of person or property, or a violation of our policies, or to comply with your request for the shipment of products to or the provision of services by a third party intermediary.
  • Public Forums: You may have the opportunity to post comments, or reviews, in a public forum. If you decide to submit information on these pages, that information may be publicly available.
  • Partner Promotion: We may offer contests, sweepstakes, or other promotions with third-party partners. If you decide to enter a contest, sweepstakes, or promotion that is sponsored by a third-party partner, the information that you provide will be shared with us and with them in order to carry out the promotion. A third-party partner’s use of your information is not governed by this privacy policy.
  • Service Providers and Contractors: We may disclose your information to service providers and contractors for processing for a specific business purpose on our behalf. Among other things, service providers and contractors may help us to administer or host our website, assist in daily business operations, provide professional services, distribute communications, manage promotions, provide data analytics and logistics, operate advertising and marketing campaigns, conduct surveys, provide technical support, process payments, host or store data, assist with fraud prevention, and assist in the fulfillment of orders.
  • Third Party Applications/Websites: We may disclose customer information (including personally identifiable information) with certain companies for advertising and marketing purposes.

Cookies and Similar Tracking Technologies
We and our third-party partners use cookies and similar tracking technologies (e.g., web beacons, pixels, tags, and software development kits) to automatically collect information from your browser or device when you visit our website or use our applications. Cookies are small text files that websites store on a user’s computer or device. We may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer or device until you delete them) to help us operate our website and collect information.

We use these technologies for various purposes, including:

  • Strictly Necessary: These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in, or filling in forms.
  • Functional: These cookies enable the website to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to our pages.
  • Performance/Analytics: These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.
  • Targeting/Advertising: These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites.

You can manage your cookie preferences through our Cookie Preference Center or through your browser settings. Please note that blocking some types of cookies may impact your experience of our site and the services we are able to offer.

Your Rights and Choices
Depending on where you reside, you may have certain rights regarding your personal information. These rights may include:

  • Right to Know: You may have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources from which the information is collected, our business or commercial purpose for collecting or disclosing information, and the categories of third parties with which we disclose information.
  • Right to Delete: You may have the right to request that we delete personal information we have collected from you, subject to certain exceptions.
  • Right to Opt-Out: You may have the right to opt-out of the sale of your personal information or the sharing of your personal information for cross-context behavioral advertising.
  • Right to Correct: You may have the right to request that we correct inaccurate personal information we maintain about you.
  • Right to Non-Discrimination: You have the right not to receive discriminatory treatment for the exercise of these privacy rights.

To exercise any of these rights, please submit a request through our designated request form on theheelrack.com or contact us using the information provided at the end of this Policy. We will verify your request using the information associated with your account or by requesting additional information as necessary.

Data Security and Retention
We implement and maintain reasonable administrative, physical, and technical security safeguards designed to protect your personal information from unauthorized access, destruction, use, modification, or disclosure. However, no method of transmission over the internet or method of electronic storage is 100% secure. Therefore, while we strive to protect your personal information, we cannot guarantee its absolute security.

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. The criteria used to determine our retention periods include: (i) the length of time we have an ongoing relationship with you; (ii) whether there is a legal obligation to which we are subject; and (iii) whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation, or regulatory investigations).

Children’s Privacy
Our website and services are not directed to, and we do not knowingly collect personal information from, children under the age of 13. If we learn that we have collected personal information of a child under 13 without parental consent, we will take steps to delete such information from our files as soon as reasonably possible.

Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make changes, we will revise the “Effective Date” at the top of this Policy. If we make material changes to this Policy, we will notify you by prominently posting a notice on our website or by sending you a notification in accordance with your communication preferences. We encourage you to periodically review this page for the latest information on our privacy practices.

Contact Us
If you have any questions or concerns about this Privacy Policy or our privacy practices, please visit our Help Center at theheelrack.com/help or submit an inquiry through our online contact form. You may also write to us at our customer care address.

For requests related to your privacy rights, please submit a verifiable consumer request through our dedicated privacy request portal available on theheelrack.com.

California Privacy Rights
If you are a resident of California, you have specific rights regarding your personal information under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). These rights include the right to know, the right to delete, the right to correct, and the right to opt-out of the sale or sharing of your personal information. We do not sell your personal information in exchange for monetary compensation; however, we may share certain information for cross-context behavioral advertising purposes, which may be considered a “sale” under California law. California residents may exercise their rights by submitting a verifiable consumer request as described above. We will not discriminate against you for exercising any of your CCPA/CPRA rights.

Virginia, Colorado, Connecticut, Utah, and Other State Privacy Rights
Residents of Virginia, Colorado, Connecticut, Utah, and other states with comprehensive privacy laws may have similar rights regarding their personal information, including the right to access, delete, correct, and opt-out of certain processing activities. To exercise these rights, please follow the instructions provided in the “Your Rights and Choices” section above.

International Data Transfers
TheHeelRack is based in the United States. Your personal information may be transferred to, stored, and processed in the United States or other countries where our service providers operate. The data protection laws in these countries may differ from those in your country of residence. By using our website or providing us with your personal information, you consent to the transfer of your information to the United States and other jurisdictions for processing in accordance with this Privacy Policy.

Third-Party Links
Our website may contain links to third-party websites or applications that are not owned or controlled by TheHeelRack. This Privacy Policy does not apply to any third-party sites or services. We encourage you to review the privacy policies of any third-party sites or services you visit.