This policy applies to information we collect through any medium, including, but not limited to, information:
- On this Site
- In email, text, and other electronic messages between you and the Site
- Through mobile and desktop applications you download from this Site, which provide dedicated non-browser-based interaction between you and this Site
- When you interact with our advertising and applications on third-party websites and services, if those applications or advertising include links to this policy
It does not apply to information collected by:
- Us offline or through any other means, including on any other Site operated by Company or any third party (including our affiliates and subsidiaries); or
- Any third party (including our affiliates and subsidiaries) including through any application or content (including advertising) that may link or be accessible from or on the Site.
4. POLICY APPLICABLE TO ONLINE ACTIVITIES ONLY
5. PERSONAL INFORMATION WE MAY COLLECT
TYPES OF INFORMATION COLLECTED. We may ask you for certain information referred to on this Site as “Personal Information,” which includes information that pertains to your identity. Such information may include, but is not limited to, items such as your name, address, date of birth, age, gender, e-mail address, telephone number, or credit card or debit card number information. You may be required to provide Personal Information to access or use certain parts of our Website or features of the Site. If you do not provide the requested Personal Information, you may not be able to access or use the features of the Site where such information is requested. This Site will also collect information about you but does not individually identify you.
6. GENERAL INFORMATION WE MAY COLLECT
TYPES OF INFORMATION COLLECTED. There may be other instances in which we collect information from you that is more general in nature (“General Information”). Such information may include your Internet Protocol (IP) address, which enables us to identify your computer or device on a Transmission Control Protocol/Internet Protocol (TCP/IP) network, which includes the World Wide Web. Your computer has an IP address, which is required in order for you to communicate with others via the Internet. Such General Information, including the “Click Stream Data” (defined below) and cookies, as mentioned below, may be collected from you whenever you access the Site, whether or not you provide us with any Personal Information.
6.1. Click Stream Data
When you visit our Website we may also collect “Click Stream Data” (server address, domain name). This information can be combined with information you have provided to us by registering, for example, which will enable us to analyze and better customize your visits. We may use Click Stream Data for traffic analysis or e-commerce analysis of our Website, to determine which features of our Site are most or least effective or useful to you.
6.3 Clear GIF’s
We may use “clear GIFs” (aka “Web beacons” or “pixel tags”) or similar technologies, in the Site and/or in our communications with you to enable us to know whether you have visited a Web page or received a message. A clear GIF is typically a one-pixel, transparent image (although it can be a visible image as well), located on a Web page or in an e-mail or other type of message, which is retrieved from a remote site on the Internet enabling the verification of an individual’s viewing or receipt of a Web page or message. A clear GIF may enable us to relate your viewing or receipt of a Web page or message to other information about you, including your Personal Information.
6.4 How We Respond to “Do Not Track” Disclosures
We may utilize geolocation (identifying your geographical location by means of digital information that is processed through the internet) to track visitors to our Website. Geolocation is used to track the number of visitors to our Website which may be accessible by third parties and for marketing purposes.
7. GENERAL INFORMATION YOU PROVIDE US
There are instances in which you will provide information to us and the information we collect on or through our Site as a result may include:
- Information that you provide by filling in forms on our Site. This includes information provided at the time of registering to use our Site, subscribing to our service posting material or requesting further services. We may also ask for your information when you enter a contest or promotion sponsored by us, and when you report a problem with our Site.
- Records and copies of your correspondence (including email addresses) if you contact us.
- Your responses to surveys that we might ask you to complete for research purposes.
- Details of transactions you carry out through our Site and of the fulfillment of your orders.
- You may be required to provide financial information before placing an order through our Site.
- Your search queries on the Site.
You also may provide information to be published or displayed on public areas of the Site, or transmitted to other users of the Site or third parties (collectively “User Contributions”). Your User Contributions are posted on and transmitted to others at your own risk. Although we limit access to certain pages, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the Site with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.
8. USE GENERAL INFORMATION ABOUT YOU
We may primarily use the Personal Information you provide and any General Information we receive from you to provide products and services to you, including, but not limited to, the following:
- To administer a content promotion survey or other Site and to provide you with the relevant products or services (for example, to deliver a prize you may have won in a contest).
- To send you information or materials via e-mail about products, offers, and news we think might interest you. This information may relate to products, offers, and news of Company or its licensees or selected commercial partners. We send you this only if you have single-opted-in to receive e-mails from our Website. A single-opt-in occurs when you only need to submit your email address to register for our Website and subscribe to any related mailings. If you no longer wish to receive any e-mails from us, or if you want to modify your personal data or want your personal data to be deleted from our database, see Sections 14 and 15.
- To analyze visits to the Website and learn about the interests of our visitors in aggregate and also on a personal level to better understand your interests and needs, so we can improve our products and services and deliver to you the type of content, features and promotions that you are most interested in.
9. PROTECTION OF YOUR PERSONAL INFORMATION AND GENERAL INFORMATION
We implement and maintain appropriate security measures in order to protect both the Personal Information and the General Information that we receive from you through our Website. Please keep in mind, however, that whenever you give out, or have Personal Information collected online there is a risk that third parties may intercept and use that information. While the Website strives to protect your Personal Information and privacy, we cannot guarantee the security of any information you disclose online. By using this Site, you expressly acknowledge and agree that we do not guarantee the security of any data provided to or received by us through this Site and that any Personal Information, General Information, or other data or information received from you through the Site is provided to us at your own risk, which you expressly assume.
10. RIGHT TO OPT IN AND OPT OUT
You have the right to “opt in” and “opt out” of certain of our uses of your Personal Information, including by contacting us at firstname.lastname@example.org or by submitting a request in writing to Aura International Limited located at 1702 Waga Commercial Centre, 99 Wellington Street, Hong Kong SAR; Attn: Compliance Department. At the time you are requested to provide Personal Information on this Site, you will have the opportunity to elect to, or not to: (1) receive correspondence from us, or (2) have your Personal Information shared with other entities for their marketing purposes. You may also make this request by sending an e-mail to email@example.com. Users may opt not to receive our electronic newsletters or those of third parties when providing Personal Information. Users who opt in may remove themselves from mailing lists at any time through the account-management pages or by following the instructions at the end of the e-mail they received from us. If you opt not to provide certain Personal Information when registering for or using our Site, however, you may not be able to use some of our services such as message boards.
Please understand that if you opt out of receiving promotional correspondence from us, we may still contact you in connection with your relationship, activities, transactions and communications with us. Also, a request to have us stop sharing your Personal Information with other entities for marketing purposes will only apply as of the date of your request, and we will not be responsible for any communications that you may receive from entities that received your Personal Information prior to such request. In these cases, please contact that entity directly.
11. NO USE OF THIS SITE BY PERSONS UNDER 18 PERMITTED
11.1. Registration Declined
11.2. Notice Concerning Children
PLEASE NOTE: We are a general audience Site, and do not direct any of our content specifically at children under 13 years of age. We understand and are committed to respecting the sensitive nature of children’s privacy online. If we are given notice or have reason to suspect that a Site user is under age 13, we will timely delete any Personal Information in that user’s account.
12. THIRD PARTIES
12.1. Sharing Information With Persons or Entities Who Manage This Website
Our global and local Websites and the Personal Information and General Information collected are managed and controlled by Aura International Limited located at 1702 Waga Commercial Centre, 99 Wellington Street, Hong Kong SAR. The servers that make Company’s global and local Websites available are located in North America. We utilize a Content Delivery Network based on the location you access our Website from.
12.2. Disclosing Information to Third Parties
WHO MAY HAVE ACCESS TO YOUR INFORMATION. Other than to the companies belonging to, or affiliated with us for the purposes set out above, and except as described in this Policy, we do not sell, trade, or otherwise transfer your Personal Information or General Information to third parties without informing you in advance. We provide some of our services through contractual arrangements with affiliates, services providers, partners and other third parties (collectively, “Service Partners”). Our Service Partners may use your Personal Information to operate our Sites and to deliver their services. For example, your data may be transferred to Website hosting partners and other parties who assist us in designing and operating the Website, executing services (such as for prize fulfillment), or helping us analyze collected data. These parties will only use your data for the purpose of carrying out the work as agreed with us and will be required to keep the information confidential. We will encourage our Service Partners to adopt and post privacy policies. However, the use of your Personal Information by our Service Partners is governed by the privacy policies of those Service Partners and is not subject to our control. Please also see Paragraph 6.4 on how we will respond to “do not track” signals.
RELEASE OF INFORMATION. We may release Personal or General Information without your consent for security purposes, when required by law, or to prevent imminent harm to any person or entity. We will disclose Personal or General Information upon receipt of a court order or subpoena, or to cooperate with a law enforcement investigation, which may include responding to requests and court orders from jurisdictions outside the United States. We fully cooperate with law enforcement agencies in identifying those who use our services for illegal activities. We reserve the right to report to law enforcement agencies any activities that we in good faith believe to be unlawful, as determined in our sole discretion. Release of your personal data or Personal Information for security purposes, as described in this agreement to any person or entity under any circumstances shall be based on a determination made solely by us, exercising our own discretion, permission for which is expressly granted by you to us in accordance with this Policy.
12.4. Links to Third Parties
13. AUTOMATIC COLLECTION
COOKIES. In addition to Section 6.2 above, cookies are also used for such activities as remembering your username and password, if you use such a feature on this Site. You can turn off all cookies, in case you prefer not to receive them. You can also have your computer warn you whenever cookies are being used. For both options you have to adjust your browser settings (such as Chrome, Safari, Firefox, Internet Explorer, or other browser). There are also software products available that can manage cookies for you. Please be aware, however, that when you choose to reject cookies, this choice may limit the functionality of the Website you visit and you may lose access to some of its features.
14. DELETING OR MODIFYING PERSONAL INFORMATION
CHANGING YOUR INFORMATION. You may cancel your account or any associated registration information at any time, and you may opt out of receiving any e-mails us. Additionally, you can choose to have all your Personal Information deleted from our database. You may opt out or delete your Personal Information and unsubscribe from our marketing materials, by clicking the ‘unsubscribe’ link located on our marketing e-mails and following the instructions provided. We encourage you promptly to update your Personal Information when it changes or utilize the ‘unsubscribe’ link to discontinue receiving marketing information from us.
15. YOUR CALIFONIA PRIVACY RIGHTS
15.1 California Shine The Light Law
We may from time to time elect to share certain “personal information” (as defined by California’s “Shine The Light” law) about you with third parties for those third parties’ direct marketing purposes. California Civil Code Section 1798.83 permits California residents who have supplied personal information, as defined in the statute, to us to, under certain circumstances, to request and obtain certain information regarding our disclosure, if any, of personal information to third parties for their direct marketing purposes. If this applies, you may obtain the categories of personal information shared and the names and addresses of all third parties that received personal information for their direct marketing purposes during the immediately prior calendar year (e.g. requests made in 2017 will receive information about 2016 sharing activities). To make such a request, please provide sufficient information for us to determine if this applies to you, attest to the fact that you are a California resident and provide a current California address for our response. You may make this request in writing at:
Aura International Limited Customer Service
1702 Waga Commercial Centre, 99 Wellington Street, Hong Kong SAR
Attn: Privacy Compliance
Or email: firstname.lastname@example.org
Any such request must include “California Privacy Rights Request” in the first line of the description and include your name, street address, city, state, and ZIP code. Please note that we are only required to respond to one request per customer each year, and we are not required to respond to requests made by means other than through this e-mail address or mail address.
15.2 California Consumer Privacy Act (CCPA)
The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
We may from time to time collect the following categories of “personal information” (as defined by the California Consumer Privacy Act) about you: name, address, phone number, email, IP address, geolocation, purchase history, unique personal identifier, browser type, operating system, information about your use of the Site, and demographic information (including employment-related information) for the purposes of processing orders and administering your account, responding to Customer Service requests, and to better understand your needs and interests and improve marketing and promotional efforts of our products and services. We do not sell your personal information. We may from time to time elect to share personal information about you with third party vendors to perform certain functions on our behalf.
California residents may request the personal information collected or shared by Aura International Limited, and/or request that their personal information be deleted. We will not discriminate against California consumers for exercising their CCPA rights. California residents may request disclosure and/or deletion of personal information by filling out and submitting a request via our CCPA Request Form or calling +(852) 3565 4988.
Only you may make a consumer request related to your personal information. You may also make a consumer request on behalf of your minor child.
Your request must provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information, or are an authorized representative. You may only make a consumer request for disclosure twice within a 12 month period.
16. QUESTIONS OR COMMENTS
17. EU CITIZENS; GDPR ADDENDUM
Last updated June 1, 2020
PLEASE READ THIS EU DATA PROCESSING ADDENDUM (“ADDENDUM”) CAREFULLY BEFORE USING THE WEBSITE, SOFTWARE OR SERVICES OFFERED BY AURA INTERNATIONAL LTD. D/B/A CARAM (“AURA INTERNATIONAL LIMITED” OR “COMPANY”). THIS ADDENDUM SHALL APPLY TO THE EXTENT AURA INTERNATIONAL LIMITED IS A PROCESSOR OF PERSONAL DATA (DEFINED BELOW) THAT IS SUBJECT TO CERTAIN DATA PROTECTION LAWS (DEFINED BELOW). YOU OR THE ENTITY YOU REPRESENT AGREE THAT YOU HAVE READ AND ACCEPT THE TERMS IN THIS ADDENDUM, WHICH SUPPLEMENT AURA INTERNATIONAL LIMITED’S TERMS OF SERVICE AVAILABLE AT WWW. CARAM.DE/TERMS-OF-USE (“TERMS OF SERVICE”).
IF YOU OR DO NOT UNCONDITIONALLY AGREE TO ALL THE TERMS AND CONDITIONS OF THIS ADDENDUM, YOU HAVE NO RIGHT TO USE AURA INTERNATIONAL LIMITED’S SERVICES AND MUST NAVIGATE AWAY FROM THIS PAGE.
This Addendum supplements the Terms of Service whenever any user of Aura International Limited’s Services provides Aura International Limited with personal data that is or will be subject to Data Protection Laws (for the purposes of this Addendum, each user who does so shall be referred to as a “Controller”). Any terms not defined in this Addendum shall have the meaning set forth in the Terms of Service. In the event of a conflict between the terms and conditions of this Addendum and the Terms of Service, the terms and conditions of this Addendum shall supersede and control.
Definitions 1.1 “Data Subject” means any individual about whom Personal Information may be processed under these terms.
1.2 “Data Protection Legislation” means the GDPR (as defined below), together with any national implementing laws in any Member State of the European Union or, to the extent applicable, in any other country, as amended, repealed, consolidated or replaced from time to time.
1.3 “GDPR” means the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
1.4 “Personal Information” means personal data (as defined under the Data Protection Legislation) that are subject to the Data Protection Legislation and that you authorize Aura International Limited to collect in connection with Aura International Limited’s service terms.
1.5 “Process” or “Processing” means any operation or set of operations performed on Personal Information or on sets of Personal Information, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaption or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction of Personal Information.
1.6 “Security Incident” means a breach of security of the Service or Aura International Limited’s systems used to Process Personal Information leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Information transmitted, stored or otherwise Processed by Aura International Limited in the context of this Addendum.
1.7 “Sensitive Information” means Personal Information revealing a Data Subject’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data, sex life or sexual orientation.
2. Limitations on Use. Aura International Limited will Process Personal Information solely on your behalf and in accordance with the Agreement, this Addendum and any other documented instructions from you (whether in written or electronic form), or as otherwise required by applicable law. Aura International Limited is hereby instructed to Process Personal Information to the extent necessary to enable Aura International Limited to provide the Service in accordance with the Agreement. In case Aura International Limited cannot process Personal Information in accordance with your instructions due to a legal requirement under any European Union or Member State law to which Aura International Limited is subject, Aura International Limited shall (i) promptly notify you in writing (including by e-mail) of such legal requirement before carrying out the relevant Processing, to the extent permitted by the applicable law; and (ii) cease all Processing (other than merely storing and maintaining the security of the affected Personal Information) until such time as you provides Aura International Limited with new instructions. you will be responsible for providing any necessary notices to, and obtaining any necessary consents from, Data Subjects whose Personal Information is provided by you to Aura International Limited for Processing pursuant to this Addendum. You acknowledge that the Service are not intended or designed for the Processing of Sensitive Information, and you agree not to provide any Sensitive Information through the Service.
3. Security. Aura International Limited shall implement, and maintain throughout the term of the Addendum at all times in accordance with then current good industry practice, appropriate technical and organizational measures to protect Personal Information in accordance with Article 32 of the GDPR. On request, Aura International Limited shall provide you with a written description of the security measures being taken. The Service provides reasonable technical and organizational measures that have been designed, taking into account the nature of its Processing, to assist you in securing Personal Information Processed by Aura International Limited.
4. Data Subject Requests . You are responsible for handling any requests or complaints from Data Subjects with respect to their Personal Information Processed by Aura International Limited under this Addendum. Aura International Limited will notify you promptly and in any event no less than fifteen (15) business days’ notice, unless prohibited by applicable law, if Aura International Limited receives any such requests or complaints. The Service include technical and organizational measures that have been designed, taking into account the nature of its Processing, to assist customers, insofar as this is possible, in fulfilling their obligations to respond to such requests or complaints.
5. Regulatory Investigations. At your request, Aura International Limited will assist you in the event of an investigation by a competent regulator, including a data protection regulator or similar authority, if and to the extent that such investigation relates to the Processing of Personal Information by Aura International Limited on your behalf in accordance with this Addendum. Aura International Limited may charge a reasonable fee for such requested assistance except where such investigation arises from a breach by Aura International Limited of the Agreement or this Addendum, to the extent permitted by applicable law.
6. Security Incident. In the event that Aura International Limited becomes aware of a Security Incident, Aura International Limited will notify you promptly and in any event no later than forty-eight (48) hours after Aura International Limited discovers the Security Incident. In the event of such a Security Incident, Aura International Limited shall provide you with a detailed description of the Security Incident and the type of Personal Information concerned, unless otherwise prohibited by law or otherwise instructed by a law enforcement or supervisory authority. Following such notification, Aura International Limited will take reasonable steps to mitigate the effects of the Security Incident and to minimize any damage resulting from the Security Incident. At your request, Aura International Limited will provide reasonable assistance and cooperation with respect to any notifications that you are legally required to send to affected Data Subjects and regulators. Aura International Limited may charge a reasonable fee for such requested assistance.
7. Sub-Processors. You agree that Aura International Limited may disclose Personal Information to its subcontractors for purposes of providing the Service (“Sub-Processors ”), provided that Aura International Limited (i) shall enter into an agreement with its Sub-Processors that imposes on the Sub-Processors obligations regarding the Processing of Personal Information that are at least as protective of Personal Information as those that apply to Aura International Limited hereunder, including requiring the Sub-Processors to only process Personal Information to the extent required to perform the obligations sub-contracted to them, and (ii) shall remain fully liable for all obligations subcontracted to, and all acts and omissions of, the Sub-Processors. If you object to a new Sub-processor, as permitted in the preceding sentence, Aura International Limited will use reasonable efforts to make available to you a change in the Service or recommend a commercially reasonable change to your configuration or use of the Service to avoid Processing of Personal Data by the objected-to new Subprocessor without unreasonably burdening you. If Aura International Limited is unable to make available such change within a reasonable period of time, which shall not exceed thirty (30) days, either party may terminate the component of the Service which cannot be provided by Aura International Limited without the use of the objected-to new Sub-processor by providing written notice to the other party. 8. Data Transfers. In connection with the performance of the Agreement, you authorize Aura International Limited to transfer Personal Information to the United States. You and Aura International Limited will enter into Standard Contractual Clauses for the Transfer of Personal Data to Processors Established In Third Countries pursuant to Commission Decision 2010/87/EU of 5 February 2010 Countries (“Model Contract “), attached hereto as Exhibit A.
8. Information . Aura International Limited shall make available to you all information necessary to demonstrate compliance with the obligations laid down in this Addendum and allow for and contribute to audits, including inspections, conducted by you or an auditor mandated by you. Aura International Limited shall immediately inform you if, in its opinion, an instruction infringes the Data Protection Legislation.
9. Return or Disposal. Upon termination of your User Account for any reason, Aura International Limited will return or destroy Personal Information at your request and choice.
10. Limitation of Liability. The total liability of Company (and its respective employees, directors, officers, affiliates, successors, and assigns), arising out of or related to this Addendum, whether in contract, tort, or other theory of liability, shall not, when taken together in the aggregate, exceed the limitation of liability set forth in the Terms of Service.