When processing your Personal Identifiable Information (PII), we make sure to comply with the General Data Protection Act (“GDPR”), the Washington Privacy Act (“WPA”) and of course only as described herein.
The controller within the meaning of the GDPR and WPA is:
Still Alive Supply Co.
300 Lenora Street PMB 678,
Seattle WA 98121, USA
Your data is only processed if the following legal permissions exist:
• in order to provide our contractual services and website and online services;
• processing is required by law;
• with your consent; and
• on the basis of our legitimate interests (i.e., interest in the analysis, optimization and economic operation and security of our website and shop, in particular in measuring reach, creating profiles for advertising and marketing purposes, and collecting access data and using third-party services).
The above legal bases are set out as follows:
• the fulfilment of our services and implementation of contractual measures;
• the fulfilment of our legal obligations; or
• our legitimate interests.
In connection with our processing of your data, you have the following rights:
• Right to information;
• Right to have inaccurate or incomplete PII corrected;
• Right to erasure;
• Right to restrict processing;
• Right to object to the processing;
• Right to data portability;
• Right to revoke consent; and
• Right to complain.
The above rights may be limited in some circumstances, for example, if fulfilling your request would reveal PII about another person, if you ask us to delete information which we are required to have by law, or if we have compelling legitimate interests to keep it. We will let you know if that is the case and will then only use your information for these purposes. You may also be unable to continue using our services if you want us to stop processing your PII. Please contact us at any time with questions and suggestions regarding data protection and to enforce your rights as a data subject.
When you access our website, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automated deletion: IP address of the requesting computer, Date and time of access, Name and URL of the accessed file, website from which the access was made (referrer URL), browser used and, if applicable, the operating system of your computer as well as the name of your access provider.
The aforementioned data is processed by us for the following purposes: Ensuring a smooth connection setup of the website, evaluation of system security and stability as well as for other administrative purposes. The legal basis for the data processing is our legitimate interest.
To provide our website and shop, we use the services of Webflow who process the above-mentioned data and all data to be processed in connection with our website on our behalf. The legal basis for data processing is our legitimate interest in providing our website and shop.
We use Google Tag Manager, a web analytics service provided by Google, Inc. This service allows website tags to be managed via an interface. The Google Tag Manager only implements tags. No cookies are set, and no PII is collected. The Google Tag Manager triggers other tags that may collect data. The Google Tag Manager does not access this data. If a deactivation has been made at domain or cookie level, it remains in place for all tracking tags, insofar as these are implemented with the Google Tag Manager. More information on the Google Tag Manager can be found at the following link: http://www.google.com/tagmanager/use-policy.html.
PII is collected and processed if you provide it to us for the performance of a contract. Which data is collected can be seen from the respective input forms. We store and use the data provided by you for the purpose of processing the contract. After the contractual obligations are fulfilled, your data will be in accordance with applicable tax and commercial law retention periods blocked and deleted after expiry of these periods, unless you have expressly consented to further use of your data.
If you create an account, you consent to the storage of your account and log-in. This allows us to identify you as a user and gives you the opportunity to manage your account, use our services and manage your orders. Your data will be processed on the basis of your consent.
For optimal customer support, we use first name, last name, e-mail address, and the data related to your contract with us. This data processing is based on our legitimate interest in providing our customer service.
If you make a purchase your payment will be processed via the payment service provider Stripe and payment will solely be processed through the payment system of Stripe. The legal basis for the provision of a payment system is the establishment and implementation of the user contract for the use of the service.
By using our services and ordering in our shop, you are giving your consent to receiving contractual notifications and invoices per email. Those typically include administrative information about your account, and orders. The legal bases are to provide you with our services and your consent.
If you register for our e-mail newsletter, we will send you regular information about our offers. Mandatory information for sending the newsletter is only your e-mail address. When you register for the newsletter, we store your IP address as well as the date and time of registration in order to be able to track any possible misuse of your e-mail address at a later date. You can unsubscribe from the newsletter at any time via the link provided in the newsletter or by sending us a message. The legal basis is your consent.
We commission other companies and individuals to perform tasks for us. Within the scope of this so-called commissioned processing, our business partners are carefully selected by us and are contractually obligated to us in accordance with the legal provisions of the WPA and GDPR to handle your data in a trustworthy manner and to comply with our own data protection standards.
In particular, our partners are not permitted to pass on our customers' data to third parties for advertising purposes or to use it commercially themselves. Within the scope of so-called order processing, we pass on your data to the following recipients in particular, IT service providers, Cooperation partners, Credit institutions, Logistics service providers, postal & courier service providers, Management consultants / auditors / tax consultants. The transfer is primarily for the purpose of providing you with the requested services.
In the case of transfer abroad, the companies commissioned by us have been obligated to comply with data protection by means of corresponding clear contracts. You can obtain information about which categories of customer data have been processed at any time. A data protection agreement based on standard contractual clauses has been concluded with both companies and the companies have been committed to data protection. We regularly check compliance with the agreement on site.
We use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
However, as with all databases or data sets that include PII, those may be breached inadvertently or through wrongful intrusion. Upon becoming aware of a data breach, we will notify all affected individuals whose PII may have been compromised, and the notice will be accompanied by a description of action being taken to reconcile any damage as a result of the data breach. Notices will be provided as expeditiously as possible after which the breach was discovered.
In order to run our business economically, to identify market trends, customer and user wishes, we analyze the data available to us on business transactions, contracts, enquiries, etc. In doing so, we process inventory data, communication data, contract data, payment data, usage data, metadata whereby the persons concerned include customers, interested parties, business partners, visitors, and users of the online offer. The analyses are carried out for the purposes of business management evaluations, marketing, and market research.
In doing so, we may take into account the profiles of registered users with details, for example, of their purchasing transactions. The analyses serve us to increase user-friendliness, to optimize our offer and business efficiency and are not disclosed externally, unless they are anonymous analyses with summarized values.
If these analyses or profiles are personal, they will be deleted or made anonymous upon termination by the user, otherwise after 2 years from conclusion of the contract. In all other respects, the macroeconomic analyzes and general trend determinations are prepared anonymously wherever possible.
Based on our legitimate interest, we are present in various "social media" networks in order to communicate with our users, interested parties and users registered there and to be able to inform them about our offers there. We would like to point out that you use these platforms and their functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g., commenting, sharing, rating).
If you believe that the information, we hold about you is inaccurate or that we are no longer entitled to use it and want to request its rectification, deletion, or object to its processing, please do so in your account if applicable or by contacting us. For your protection and the protection of all of our users, we may ask you to provide proof of identity before we can answer the above requests.
Keep in mind, we may reject requests for certain reasons, including if the request is unlawful or if it may infringe on trade secrets or intellectual property or the privacy of another user. Also, we may not be able to accommodate certain requests to object to the processing of personal information, notably where such requests would not allow us to provide our service to you anymore.
Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage no uniform technology standard for recognizing and implementing DNT signals has been finalized.
We do not sell data to third parties. However, we might, making available, transfer, communicate electronically, consumer’s personally identifiable information by the business to a business affiliated inclusive with a third party but not for monetary but for other valuable consideration.
Our services are restricted to users who are 18 years of age or older. We do not knowingly collect PII from anyone under the age of 18. If you suspect that a user is under the age of 18, please contact us.
Because we’re always looking for new and innovative ways to improve our website and services, this policy may change over time. We will notify you before any material changes take effect so that you have time to review the changes.