Effective Date: January 3, 2020
Cabaxis, Inc., together with its affiliates, subsidiaries, successors and assigns ("Company," "us," "our," and "we"), is committed to protecting the privacy of individuals who visit the Cabinotch.us and/or[Cabinotch.info websites (collectively, the "Website") operated by Company (collectively, "Visitors"), as well as entities and individuals who purchase products and/or register for accounts on or otherwise actively provide information through the Website or otherwise to Company (collectively, "Customers"). This Privacy Statement describes the Company's information practices in relation to Visitors' and Customers' use of the Website, as well as the purchase of products from Company through the Website. This Privacy Statement also applies to information collected by the Company through offline contacts it may have with Customers and Visitors. Customers and Visitors may at times be referred to in this Privacy Statement as "you." If you have any questions about this Privacy Statement, please contact the Company at firstname.lastname@example.org.
IMPORTANT NOTICE: Please see the information in the Section entitled "Sharing of Information Collected" for an understanding regarding the parties with whom we may share your information, how they will use your information (including for direct marketing purposes), and how you may opt-out of our sharing of your information with these third parties.
1. Your Agreement to this Privacy Statement
Please read this Privacy Statement carefully before you browse and use the Website. Your usage of the Website signifies that you have read, understand, and agree with all of the terms of this Privacy Statement. You may also be required to click-to-agree to this Privacy Statement when taking certain actions on the Website. If you are acting on behalf of an entity, you represent that you have full authority to bind your entity to this Privacy Statement. If you do not have such authority or if you do not agree to all of the terms of this Privacy Statement, do not use the Website. You agree that this Privacy Statement is supported by reasonable and valuable consideration, the receipt and sufficiency of which are hereby acknowledged. Without limiting the generality of the foregoing, you acknowledge that such consideration includes your use of the Website.
2. Modifications to this Privacy Statement
We reserve the right to update and revise this Privacy Statement at any time. We will post any new or revised Privacy Statement here, and you should review this Privacy Statement regularly to make sure that you are aware of its terms. You can determine if this Privacy Statement has been revised since your last visit to the Website by referring to the effective date or last updated date at the top of this Privacy Statement. The Company will also provide notification of significant changes to this Privacy Statement through the Website. In addition, if changes are significant, we may notify you of such changes either (a) via the Personal Information (defined below) that you have provided to us, if any; or (b) by requiring that you click-to-agree to the revised Privacy Statement the next time you log in to use the Website if you have an account for the same. Your use of the Website following such updates or revisions to this Privacy Statement constitutes your acceptance of and agreement to the terms of this Privacy Statement, as updated or revised by us, and the revisions will apply to the Personal Information and Automatically-Collected Information (defined below) collected on and after the date on which we post the updated or revised Privacy Statement. If we intend to use earlier-collected Personal Information and Automatically-Collected Information in accordance with the terms of the revised Privacy Statement, we will request your express consent to do so. We will keep prior versions of this Privacy Statement in an archive for your review upon request.
3. Personal Information Collected
Personally-identifiable information that we may collect includes information such as your name, home or business address, billing address, email address, telephone number, fax number, and other information that could be used to contact you or identify you personally; demographic information (such as your zip code); your username and password; details regarding your entity and its products; your financial information, such as your credit card and debit card numbers and bank routing and account numbers, or information contained in a purchase order you submit to purchase product; and any other information you enter into the Website or provide to us through offline contacts, such as email or phone call (hereafter, "Personal Information"). See additional information below regarding collection and use of your Personal Information.
4. Automatically-Collected Information
As you navigate and browse the Website, the Company automatically collects and stores information about your visit to and use of the Website, such as: The date and time of your visit, the duration of your visit, the type of browser and browser language you use, your Internet Protocol ("IP") address, your mobile device ID, type of computer or other operating device used, the actions you take on the Website (such as the web pages viewed and the links clicked), the websites (if any) from which you linked to the Website, and the website(s) you visit after visiting the Website. All such information is referred to in this Privacy Statement as "Automatically-Collected Information." We collect Automatically-Collected Information through the use of commonly-used information-gathering tools, such as cookies and web beacons, which are discussed in more detail below. Unless otherwise stated in this Privacy Statement, Automatically-Collected Information may be combined with your Personal Information. See information below regarding our use of Automatically-Collected Information to track your online activity and deliver targeted advertising.
5. Collection and Use of Personal Information
Personal Information may be provided by you to us in several ways, including without limitation, when you contact us through the Website, when you express an interest in obtaining additional information about the products we offer; when you create an account through the Website, when you use our Design Library, and/or when you purchase products from us, either through the Website or by submitting an Order Form via fax or mail. In order to engage in any of the foregoing activities, you must provide us your Personal Information.
YOU DO NOT HAVE TO PROVIDE US WITH YOUR PERSONAL INFORMATION TO BROWSE THE WEBSITE, AND WE ONLY COLLECT PERSONAL INFORMATION FROM YOU WHEN YOU VOLUNTARILY PROVIDE IT TO US. YOU ARE NEVER UNDER ANY OBLIGATION TO PROVIDE YOUR PERSONAL INFORMATION. However, if you do not provide your Personal Information, you will not be able to use certain features of the Website, create an account, use our Design Library, or purchase products from us. When you do provide us your Personal Information, you are authorizing us to use that information in accordance with the terms of this Privacy Statement and to store your information on our servers located in the United States.
- Use of Personal Information to Perform Services Requested and to Contact You
The Company uses Personal Information of Customers and Visitors to perform the services requested. For example, if you fill out an Order Form or if you request product information, the Company will use the information provided to contact you about your interest in our products, and if you purchase products from us, we will use your Personal Information to fulfill the order. We may also use your Personal Information to contact you regarding your account and product orders and/or to provide required notices.
- Use of Personal Information for Marketing Purposes
The Company may also use Personal Information of Customers for marketing purposes. For example, the Company may use Personal Information you provide to contact you to further discuss your interest in Cabinotch® products and to send you information regarding the Company and its partners, such as information about promotions or events. At any time, you may request that we stop contacting you for marketing purposes by sending an email with your request to email@example.com. Also, if we use your Personal Information to send you marketing communications, we will provide you with an unsubscribe mechanism to opt-out of receiving future marketing communications. If you request that we not contact you for marketing purposes (either by using the unsubscribe mechanism or by sending us an email), we reserve the right to contact you for non-marketing purposes relating to the product orders and your use of the Website. Please see important information below regarding third parties with whom we share your Personal Information for their direct marketing purposes.
- Use of Financial Information to Fulfill Product Orders
The Company uses financial information solely to collect payment for the products you purchase from us, either through the Website or by submitting an Order Form via fax or mail.
If you purchase products from us through the Website, we provide data encryption during the payment process. We only use your credit card, debit card, or account or other financial information to charge you for products you order through the Website, and we only retain your financial information to complete the order. We do not retain your financial information after the transaction is complete. We use a third-party intermediary to manage payment processing. Our third-party payment processor follows Payment Card Industry ("PCI") standards, and our third–party payment process is PCI-Compliant. Our third-party payment processor is not authorized to use your financial information in any way other than to process payments on our behalf and is required to keep the information confidential.
We only share your financial information with our third-party payment processor, your credit card provider, and financial institutions to process payments.
- Use of Personal Information and Automatically-Collected Information Generally
We also may use both Personal Information and Automatically-Collected Information to help diagnose problems with the Website, to analyze statistical use patterns and demographic data, and to improve our products and services. We may use your Personal Information and Automatically-Collected Information to customize and tailor your experience using the Website, displaying content we think you might be interested in and according to your preferences.
6. Collection and Use of Automatically-Collected Information
The Company uses commonly-used information-gathering tools, such as cookies and web beacons, to collect Automatically-Collected Information as you navigate the Website. This section describes in further detail the types of Automatically-Collected Information the Company may collect and how the Company may use this Automatically-Collected Information.
The Company may use Automatically-Collected Information to operate and improve the Website. We may also use Automatically-Collected Information to track what Visitors and Customers to the Website are looking at most frequently so we can recognize and deliver more of the desired features, products, and services.
The Website uses a feature of your Internet browser called "cookies" to make your interactions with the Website easy and meaningful. When you visit the Website, our servers send a cookie to your computer or other operating device. The cookie is placed on your hard drive or other operating device, and it assigns your computer or operating device a unique, random number that acts as a sort of anonymous ID. Standing alone, cookies do not personally identify you; rather, a cookie identifies the computer or operating device a Customer or Visitor uses to access the Website. A cookie cannot read data off of your hard drive. Unless you choose to identify yourself to us, such as by responding to a promotional offer, opening an account, purchasing product, or filling out a web form, you remain anonymous to the Company when browsing the Website; in other words, the cookie alone with not allow us to identify you personally.
There are two types of cookies: Session-based and persistent-based. Session cookies exist only during one session. They disappear from your computer or operating device when you close your browser software or otherwise end your session. Persistent cookies remain on your computer after you close your browser or otherwise end your session.
We also use third-party persistent cookies to help us deliver advertising based on your online activity, as described in Section 7 below.
Most browsers automatically accept cookies, but you can disable the acceptance of cookies at any time by changing the preferences in your browser. Most browsers also allow you to change the settings to require that the browser notify you when you receive a new cookie. Please refer to your browser for information on how to disable and control cookies. If you disable your web browser's ability to accept cookies, you will be able to browse the Website, but you will not be able to successfully use an account on the Website or use various other features of the Website. Further, note that in order to stop receiving our advertisements based on your online activity, you will need to opt-out of this online tracking, as described in Section 7.
- Web Beacons
The Company uses web beacons alone or in conjunction with cookies to compile Automatically-Collected Information about Customers' and Visitors' usage of the Website, as well as their interaction with emails from the Company. Web beacons are clear electronic images imbedded in a web page, website feature, or email, which can recognize certain types of information on your computer or other operating device, such as cookies, when you viewed a particular website tied to the web beacon, and a description of a website tied to the web beacon. For example, the Company may place web beacons in marketing emails that notify the Company when you click on a link in the email that directs you to the Website. The Company uses web beacons to operate and improve the Website and email communications and to statistically monitor how many people are using the Website and opening our emails and for what purposes. We do not collect Personal Information with web beacons.
- IP Addresses and Mobile Device IDs
When you visit the Website, the Company collects your Internet Protocol ("IP") addresses and mobile device IDs to track and aggregate Automatically-Collected Information. For example, the Company uses IP addresses and mobile device IDs to monitor the regions from which Customers and Visitors navigate the Website. The Company also collects IP addresses and mobile device IDs from Customers when they log into the Website in order to confirm the applicable Customer's identity.
7. Third Party Cookies and Website Analytics; Our Targeted Advertising Practices
We use third-party services, including Google Analytics, Jetpack and Sumo, to track and analyze your Website activity, as well as to track websites you visit after visiting the Website. We do not combine this Automatically-Collected Information with your Personal Information. In order to gather this Automatically-Collected Information, we use a Google Analytics cookie on the Website.
We may also use other third-party services, such as Google AdWords and Google Display Network, to serve online advertisements to you on other websites after you've visited the Website. This practice is known as remarketing, and you will see our advertisements across the Internet unless you opt-out, as discussed below. We, along with third-party vendors (such as Google), use first-party cookies (such as the Google Analytics cookie) and third-party cookies together to inform, optimize, and deliver advertisements based on your online activity, including your past visits to the Website. If you would like to learn more about this program, you can do so here.
If you would like to opt-out of receiving targeted advertisements like this from Google, you can manage these settings by visiting the Google Ads settings page. Also, Google recommends installing the Google Analytics Opt-out Browser Ad-on. Alternatively, you can opt-out by visiting the Network Advertising Initiative opt-out page. Note that even if you opt-out, you may still see Company advertisements, but they will not be delivered based on your online activity.
The advertisements described in this Section are different from marketing communications you will receive if you are on our promotional mailing list, which is discussed in Section 5(b) above.
8. Sharing of Information Collected
The Company may share your Personal Information in the ways described below. Also, note that this Privacy Statement is provided on behalf of Cabaxis, together with its affiliates, and subsidiaries, all of whom may have access to your Personal Information for use in accordance with this Privacy Statement, unless otherwise specifically stated in this Privacy Statement. The Company may also share de-identified, aggregated Automatically-Collected Information without restriction.
- Sales Agents; Third-Party Service Providers
The Company may share Personal Information about Customers and Visitors with the Company's sales agents and other third-party service providers so that these agents and service providers can contact Customers and Visitors who have provided contact information on our behalf to perform certain services for us, fulfill product orders, perform certain marketing on our behalf, and/or perform website analytics services, as described above, or other services relating to the operation of the Website (such as hosting, data storage, and security). The Company may also share Personal Information of our Customers and Visitors with the Company's agents and service providers to ensure the quality of information provided. These third-party service providers are not authorized to use your information in any way other than as described here and are required to keep the information confidential.
- Third-Party Payment Processor
The Company uses a third-party intermediary to manage payment processing. This intermediary is not permitted to store, retain, or use financial information or your other Personal Information except for the sole purpose of payment processing on the Company's behalf. For more information regarding third parties who will have access to your financial information, see the Subsection entitled "Use of Financial Information to Fulfill Product Orders" above.
- Third Parties for Their Direct Marketing Purposes
UNLESS PROHIBITED BY LAW, WE MAY SHARE YOUR PERSONAL INFORMATION WITH THIRD PARTIES SO THAT THEY MAY SEND YOU MARKETING COMMUNICATIONS PROMOTING THEIR PRODUCTS AND SERVICES. Even if you close your account and are no longer a Customer or Visitor, we may continue to share your Personal Information as described in this notice. However, at any time (whether you are a continuing Customer or Visitor or not), you can contact us to limit our sharing of your Personal Information with third parties for their direct marketing purposes. You may contact us to request that we not share your Personal Information with unrelated third parties for their direct marketing purposes. You may also contact us to request that we not share your Personal Information with our affiliates and subsidiaries for their direct marketing purposes. See the Section below entitled "Correcting and Updating Your Information; Opt-Out Rights" for instructions regarding how to contact us to request that we stop sharing your Personal Information with unrelated third parties and/or our affiliates, parent company, and subsidiaries for their direct marketing purposes.
- Merger, Acquisition, or Sale
We may transfer any and all Personal Information and Automatically-Collected Information to a third party if is involved in a merger, acquisition, reorganization, restructuring, or other sale or transfer of all or any portion of its assets or business, whether as a going concern or as part of bankruptcy, liquidation, or similar proceedings in which information of Customers and Visitors is among the assets transferred. In this event, we will, if allowed, use reasonable efforts to notify you when your Personal Information and Automatically-Collected Information is transferred to any third party under this paragraph by posting such notice on the Website, and by contacting you via the Personal Information you have provided us, if any. Unless you consent otherwise, we will require the third party to use your Personal Information in accordance with the promises made in this Privacy Statement, even after the transfer. But any new information you provide after the transfer will likely be subject to a new policy, and you should review that policy.
- Required by Law
Notwithstanding anything to the contrary in this Privacy Statement, the Company reserves the right to disclose your Personal Information and Automatically-Collected Information, without your consent and without additional notice to you, if we reasonably believe we are required by law, rule, regulation, judicial proceeding, court order, subpoena, or similar legal process to do so; if we reasonably believe that disclosure is necessary to protect, establish, or exercise our rights or property, or to defend against legal claims; or if we reasonably believe that disclosure is necessary to protect our other Customers or Visitors or our employees, property, or business, or to take action regarding illegal activities or suspected fraud.
- Public Areas of the Cabinotch Website
The Website contains areas where Customers and Visitors can post content that will be viewed by other Customers and Visitors, such as our blog. You should be aware that when you voluntarily disclose Personal Information on these areas for public viewing, the information may be collected, stored, used, and disclosed by other Customers and Visitors. Such activities are beyond our control, and we shall have no responsibility for or liability regarding the protection or security of such information. Do not post Personal Information that you want to keep private on these areas of the Website.
9. Correcting and Updating Your Information; Opt-Out Rights
- Stop Marketing Communications
See the Subsection entitled "Use of Personal Information for Marketing Purposes" above regarding how to unsubscribe from future marketing communications from us. Also, you may contact us at any time via the contact information shown here to be removed from the list of our Customers whose Personal Information we share with third parties (including unrelated third parties and/or our affiliates and subsidiaries) for their direct marketing purposes.
2400 Calhoun Rd
Owensboro, KY 42301
- Stop Targeted Online Advertisements
See Section 7 above regarding how to opt-out of receiving targeted Company advertisements based on your online activity.
- Review and Modification of Information; Deleting Information
Customers may update or change their Personal Information by editing their user or organization record, or by sending us an email request to firstname.lastname@example.org.
To update a billing profile, please visit your account on the Website. In addition to updating your billing information, you can also change the form of electronic payment processing you desire.
If you want to close your account and/or ask us to delete your Personal Information from our databases, please contact us at email@example.com. Upon receipt of your request to delete or to change your Personal Information, we will use commercially-reasonable efforts to remove your existing Personal Information from our databases, but see the Section entitled "Retention and Storage" below regarding why we may retain some information. Please note that your account and all features of the Website may not function properly if we remove any or all of your Personal Information.
10. Intended Users of the Cabinotch Website
The Website is intended for adults only. By accessing, browsing, or using the Website, you affirm (i) that you are eighteen (18) years old or older, or that you are between the ages of thirteen (13) and seventeen (17) and possess legal parental consent or guardian consent to use the Website and provide information through the Website; (ii) that you are a United States or Canadian resident; and (iii) that you have authority to agree to this Privacy Statement and are competent and capable of understanding and complying with this Privacy Statement. The Website is not directed at children under the age of thirteen (13), and children under age thirteen (13) are prohibited from using the Website. The Company does not and will not knowingly permit submission of Personal Information by anyone under thirteen (13) years of age through the Website. The Company does not and will not knowingly contact children under the age of thirteen (13) for marketing purposes. If we learn that we have received Personal Information or Automatically-Collected Information from a child under age thirteen (13), we will delete that information from our files.
11. Security; Disclaimer
The Company uses commercially-reasonable physical, electronic, and managerial security measures to assist in protecting against the loss, misuse, and unauthorized alteration of Personal Information that is under our control. When the Website is accessed using Internet Explorer version 8.0 or later, Firefox version 2.0 or later, or Safari version 5.0 or later, Secure Socket Layer ("SSL") technology protects your Personal Information using both server authentication and data encryption during transmission. These technologies help ensure that your Personal Information is safe, secure, and only available to you through use of your username and password. The Company hosts the Website in a secure server environment that uses firewalls and other advanced technology to prevent interference or access from outside intruders. The Company also offers enhanced security features that permit Customers to configure security settings to their level of comfort.
Here are additional details regarding the security measures we take:
- Physical Security
Our production equipment is collocated at a facility that provides 24-hour physical security, redundant electrical generators, and other backup equipment designed to keep servers continually up and running.
- Data Encryption
The Company leverages encryption products to protect customer data and communications, including 256-bit irreversible SSL Certification. The lock icon in the browser indicates that data is shielded from access while in transit.
- Customer Authentication
Customers access accounts on the Cabinotch Website only with a valid and unique username and password combination, which is encrypted via SSL while in transmission. Customers must enter their username and password for each log in.
- Operation System Security
The Company provides operating system-level security by using a minimal number of access points to all production servers. We protect all operating system accounts with strong passwords, and production servers do not share a master password database. All operating systems are maintained at each vendor's recommended patch levels for security and are hardened by disabling and/or removing any unnecessary users, protocols, and processes.
- Database Security
Whenever possible, database access is controlled at the operating system and database connection level for additional security. Access to production databases is limited to a number of points, and production databases do not share a master password database.
- Server Management Security
Company employees do not have direct access to the Company's server production equipment, except where necessary for system management, maintenance, monitoring, and backups. The Company's engineering team provides all system management, maintenance, monitoring, and backups.
The safety and security of your Personal Information also depends on you. Customers are responsible for keeping usernames and passwords confidential. Also, you should not send us sensitive Personal Information via email, as this is not secure. Please notify us if you become aware that your Personal Information is lost, stolen, or used without permission; we may disable access to your account in order to prevent an unauthorized third party from accessing your account. Further, in the event of an unauthorized use of your financial information, you should contact our card issuer and/or bank immediately.
DISCLAIMER: Unfortunately, no data storage system, or system of transmitting data over the Internet or wireless network, can be guaranteed to be 100% secure, and no security system can prevent all security breaches. As a result, we do not and cannot guarantee the security of our servers or any Personal Information or Automatically-Collected Information provided to us in connection with your use of the Website. Any transmission of your Personal Information and Automatically-Collected Information to us through the Website is at your own risk.
12. Security Researchers: Website Vulnerability Reporting Policy
Security researchers seeking information on how to report security issues to the Company should review and comply with the following:
The Company acknowledges the valuable role that independent security researchers play in Internet security. Keeping our Customers' and Visitors' data secure is important to us, and we encourage responsible reporting of any vulnerabilities that may be found in the Website. The Company is committed to working with the security community to verify and respond to any potential vulnerabilities that are reported to us. Additionally, the Company pledges not to initiate legal action against security researchers for penetrating or attempting to penetrate our systems as long as they adhere to the following conditions:
- Testing for Security Vulnerabilities
Conduct all vulnerability testing against demonstration websites of our online services to minimize the risk to our Customers' and Visitors' data. Request domain names for demonstration websites at firstname.lastname@example.org.
- Reporting a Potential Security Issue
Privately share details of the suspected vulnerability with the Company by sending an email to email@example.com. Provide full details of the suspected vulnerability so the Company may validate and reproduce the issue.
- The Company does not permit the following types of research:
- Causing, or attempting to cause, a Denial of Service (DoS) condition.
- Accessing, or attempting to access, data or information that does not belong to you.
- Destroying or corrupting, or attempting to destroy or corrupt, data or information that does not belong to you.
- Company's Commitment to Security Researchers:
To all security researchers who follow this Vulnerability Reporting Policy, Company commits to the following:
- To respond in a timely manner, acknowledging receipt of your report
- To provide an estimated time frame for addressing the vulnerability
- To notify the reporting individual when the vulnerability has been fixed
- No Compensation
The Company does not compensate people for reporting security vulnerabilities, and any requests for such compensation will be considered a violation of the conditions above.
13. Retention and Storage
See the Subsection entitled "Use of Financial Information to Fulfill Product Orders" above regarding retention of your financial information to complete product purchases you initiate. We may retain all other Personal Information and Automatically-Collected Information in our databases until you ask us to remove your information from our databases, unless applicable laws require otherwise. Note that even after you ask us to remove your information from our databases, it may be impossible to remove some information, such as information tracked in our web server log files and information that may reside in backup files. This residual information is retained to preserve the integrity of our backed-up files. We may also retain Automatically-Collected Information even after you request that we remove your information from our databases, for use in the aggregate and to analyze and improve the Website. Your Automatically-Collected Information may be retained for the purpose of serving targeted online advertising to you until you opt-out of receiving these advertisements, as described in Section 7 above. Further, even after you request that we remove your information from our databases, we may retain Personal Information and Automatically-Collected Information to comply with any applicable law, rule, regulation, or guideline; to prevent fraudulent activity; to protect ourselves against liability; and to allow us to enforce our contractual or other rights and to pursue available remedies and limit any damages we may sustain.
This Privacy Statement applies only to Personal Information and Automatically-Collected Information collected through the Website. The Website may contain links to other websites that are not owned or controlled by us ("Linked Sites"). We are not responsible or liable for and have not reviewed the privacy practices of the Linked Sites, or the owners or operators of the Linked Sites. The owners and operators of the Linked Sites may have their own policies regarding privacy and security. We advise you to review any Linked Sites for their own privacy practices to determine what information about you may be collected and used when you use such Linked Sites.
If any part of this Privacy Statement is determined to be invalid or unenforceable pursuant to applicable law, then the invalid or unenforceable provision will be deemed superseded by a valid, enforceable provision that most closely matches the intent of the original provision, and the remainder of the Privacy Statement shall continue in full force and effect.
16. Contacting Us
Questions regarding this Privacy Statement or the information practices pertaining to the Website should be directed to Cabaxis at 2400 Calhoun Rd, Owensboro, KY 42301; Email: firstname.lastname@example.org.
© 2020 Cabaxis Inc. All rights reserved.