Privacy Policy

DATA PRIVACY TRANSPARENCY STATEMENT

PAIR NETWORKS, INC. D/B/A PAIR DOMAINS – DOMAIN NAME REGISTRAR

Effective Date: July 9, 2018

pair Networks, Inc. d/b/a pair Domains has prepared this data privacy transparency statement (this “Transparency Statement”) on behalf of itself and our affiliate, Ryousha Kokusai, LLC d/b/a pair International (collectively, “we”“our”, and/or “pair”), to provide our customers, their employees, and any affected data subjects important information about the personal data we collect, receive, transfer, and process in the course of providing our services as an Internet domain name registrar (our “Domain Name Services”).

pair complies with the EU-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. pair has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. Accordingly, pair is committed to apply the Privacy Shield Principles to all Personal Data received from the European Union and Switzerland in reliance on the Privacy Shield. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/list. The Federal Trade Commission is the legal authority that has jurisdiction over pair Networks’ compliance with the Privacy Shield. pair Networks may have potential liability in cases of onward transfer to third parties. Please direct any Privacy Shield inquiries or complaints to abuse@pairdomains.com.

In this Transparency Statement, you will find information about the types of personal data we collect regarding you ((A) as the owner of a registered pair user account through which you may register Internet domain names available through pair’s Domain Name Services (an “Account Owner”); (B) as the registrant seeking to register an Internet domain name, the “Registrant”; or (C) as an individual who has been designated by the Account Owner as an alternate WHOIS Contact as further detailed below, collectively, “you”“your”), how and why we process such personal data, with whom we may share such information, as well as how we protect your information.

In this Transparency Statement, we also describe the processes by which you may contact us in order to exercise your rights, in accordance with applicable law, to: (1) access, correct, restrict, or delete your personal data; (2) object to the processing of certain aspects of your personal data; and (3) ask any questions you may have about our privacy practices. Please take note as well that the practices described in this Transparency Statement are necessary and/or integral to the performance of our Domain Name Services. Where specifically noted below, exercising your rights as described herein may affect our ability to continue performing Domain Name Services as requested.

This Transparency Statement may be updated and/or otherwise revised periodically to reflect changes in our data processing practices and/or policies. We will post notices of all such changes on our applicable websites and/or materials and the “Effective Date” noted above will indicate when this Transparency Statement was most recently revised. Except as may be otherwise required under applicable law, revisions to this Transparency Statement will be effective on the Effective Date noted without any other notice or approval by you. In certain jurisdiction, applicable law may require additional processes and procedures, in which case, revisions to this Transparency Statement will not be effective until we have met our obligations accordingly.

1. pair is a Data Processor

Other than certain consent-based uses of personal contact information for purposes of keeping clients updated with respect to developments in domain name registration processes and procedures, our company’s services and other communications about our company and/or our products and services as expressly detailed below, we use the Personal Data described herein solely for the purposes of performing Domain Name Services. As such, we use such Personal Data only as directed by the Internet Domain Name Authorities for the domain names we offer for registration (as described below) and are thus a “Data Processor” as defined under the European Union General Data Protection Regulation (the “GDPR”).

If you have any questions about pair’s processing of your Personal Data and/or this Transparency Statement, you may contact us as follows:

Information Technology Director

pair Networks, Inc. d/b/a pair Domains

2403 Sidney Street, Suite 210

Pittsburgh, PA, 15203

United States of America

Phone: +1 888 724 7642

Email: privacycompliance@pair.com

Website: www.pairdomains.com

2. Data Controller

For the top level domains (“TLDs”) we offer for registration, other than country code top level domains (“ccTLDs”), the Internet Corporation for Assigned Names and Numbers (“ICANN”) determines the purposes and means of the processing of Personal Data as described herein. As such, ICANN is the “Data Controller” if you are seeking to register a domain name with a generic TLD we offer for registration.

Contact information for ICANN is provided at https://forms.icann.org/en/contact

For ccTLDs, the applicable domain name authority for the ccTLD in which Registrant is interested is set forth in pair’s terms and conditions of services. That domain name authority determines the purposes and means of the processing of Personal Data as described herein for domain name registration with their corresponding ccTLD. As such, the domain name authority for a given ccTLD as noted in our terms and conditions of service is the “Data Controller” for Personal Data processed for domain names with such ccTLD.

A list of the domain name authorities for the ccTLD’s we offer for registration under our Domain Name Services is available in our terms of service: https://www.pairdomains.com/agreement.html (starting at section 27 and continuing through the end of the document).

We process your Personal Data pursuant to the dictates of the applicable Data Controller, as further detailed in this Transparency Statement.

We may refer your requests and demands regarding our processing of your Personal Data as set forth in Section 9 below to applicable Data Controller(s) for response. Likewise, you have the option of addressing your concerns about this Transparency Statement directly to the applicable Data Controller(s).

3. Personal Data & Special Categories of Data

For the purpose of providing Domain Name Services, we collect the types of personal information described below about you and/or the Registrant (as further detailed below, “Personal Data”).

Personal Information — We collect personal contact information about Account Owner and, where relevant, other WHOIS Contacts (as defined below), including without limitation name, organizational affiliation (optional), mailing address, phone numbers, and email addresses.

Payment and Billing Information — We process payment information through a third-party service provider called a secure payment processor. Anytime you are asked to provide payment card information for payment to pair, you are actually entering your payment card information directly to our payment processor’s systems. We enter into written contracts with our payment processors pursuant to which they are obligated to process your payment card information securely in accordance with the Payment Card Industry Data Security Standard (“PCI-DSS”), an information security standard for organizations that handle branded credit cards from major credit card brands. We do not collect, store or otherwise process your payment card information on our systems except for the limited, redacted information described below. As of the Effective Date first noted above, our secure payment processor is Stripe, Inc. You should review information about Stripe, Inc.’s data handling policies and terms of service, available from their website (https://stripe.com/us/privacy).

Account Information — We collect certain account information about our Account Owners and other users with whom we may interact, including without limitation: username, password, domain names registered under a given account, the email headers (including IP address) of messages that you choose to send to us, and history of correspondence between you and pair.

Special Categories of Data — We do not collect or otherwise process any special categories of data as defined under the GDPR.

Google Analytics — We do utilize Google Analytics in a way that allows us to track traffic on our own website with some personally identifiable data. Please see Section 11 below for more information, including how to opt-out.

4. How We Obtain Personal Data

We collect Personal Data from data subjects or from Account Owners through pair websites, and other information you provide directly to us, including by email or in conversation with our staff.

5. Personal Data Processing and Data Retention

We use Personal Data that we collect hereunder as necessary to provide Domain Name Services in the manner required by the Data Controller(s). Subject always to your rights as set forth in Section 9 below:

a. pair Owner Accounts — In order for you to use Domain Name Services, we require you to register a pair Owner Account through pair websites. During the signup process, you will be prompted to set up a username and password for account login purposes and personal contact information as follows: Name, Organization (optional), Physical Address, Phone Number and Email Address (“Account Information”). Your login information is necessary to protect your vital interests as it enables you to secure your own Owner Account and establish your identity with pair for purposes of transactions in the course of using our Domain Name Services. Your Account Information is necessary for the performance of Domain Name Services as we use Account Information to contact you regarding your Owner Account, contact you regarding Domain Name Services, domain names that you have registered, billing, invoices, collections, etc.

b. WHOIS Information — Whenever you register a domain name using our Domain Name Services, we are obligated by applicable Data Controllers to collect and process personal information regarding you as the “Registrant” as well as personal information for “Administrative”, “Technical”, and “Billing” contacts to be associated with the domain name being registered (collectively, “WHOIS Information”) as follows: Name, Organization (optional), Physical Address, Phone Number, Fax Number and Email Address. For your convenience, we will use your Account Information as the default values for WHOIS Information for each domain name you register under your Owner Account using our Domain Name Services.

While we require that the Registrant and the Owner Account remain the same, you may designate alternate contacts as the “Administrative”, “Technical”, and/or “Billing” contacts for a given domain name registration through your Owner Account portal on our website. Whenever an Administrative, Technical, or Billing contact that is different than the Account Information is provided, we will send an email to the newly designated contacts, using the designated email address for the contact in question, seeking confirmation of consent to be designated as a contact for the domain name registration(s) in question as well as consents as may be required under this Transparency Statement. If we do not receive consent from such alternate contacts in a timely manner, we reserve the right to change the designated contact information for the Administrative and/or Technical contacts back to the Account Information.

We keep all WHOIS Information private by default at no additional cost or charge. If anybody desires to contact the Registrant, Administrative, Technical, and/or Billing contact for a domain name under your Owner Account, a search against the WHOIS registry will only provide a special purpose email address that is not personally identifiable to you. That email will be processed by pair and forwarded onto you (or the appropriate contact) using your actual
Account Information (or the actual contact information provided for the Administrative or Technical contact).

If, and only if, you provide opt-in consent would we make the WHOIS Information that you have designated for a given domain name publicly available through searches against the WHOIS registry for such domain name. However, we may disclose the WHOIS Information that you have designated to third-parties demanding such information for a legitimate interest including without limitation, a law enforcement demand, a demand under court order, or an allegation of infringing use.

As detailed below, we have obligations to transfer WHOIS Information to third-parties in accordance with our contracts with the Data Controllers/domain name authorities.

We process WHOIS Information as required under our contracts with Data Controllers who govern the Internet domain name registration system and thus our processing of WHOIS Information as noted in this Transparency Statement is necessary, and integral, to our performance of Domain Name Services that you request. Our processing of WHOIS Information as detailed in this Transparency Statement is also in furtherance of a legitimate interest, specifically the maintenance of principles of integrity, accountability, and transparency in the operation of the Internet domain name registration system(s), and the operation of the Internet itself. We will process WHOIS Information in furtherance of this legitimate interest only when that is not overridden by your data protection rights under applicable law. To the extent required by applicable law, we will seek your express consent for certain processing of certain types of WHOIS Information. You acknowledge that we will not be able to provide Domain Name Services as requested or complete the terms of our engagement if you do not give us your consent to process WHOIS Information, and each party shall have the right to terminate affected Domain Name Services accordingly without breach of contract.

c. Accounting and Billing — As noted above, your payment card information is actually collected, stored and processed primarily by our secure payment processor, subject to the terms and conditions of service, privacy policy and data security policies. pair can access only expiration date, and the first and last 4 digits of your payment card account number. We store and process such limited information locally at pair Domains for billing, accounting and operational purposes (i.e., to confirm method of payment when issuing payment acknowledgement). Generally, we may use Personal Data for our own administrative, accounting, and business needs including billing, invoicing, internal accounting and record-keeping requirements as well as other related administrative and business purposes. Certain processing is undertaken as necessary to complete a contract for services (collecting payments, making payments for authorized transactions such registration fees, payment for services rendered, etc.). In other instances our processing of Personal Data as described in this paragraph is required for us to fulfill legal obligations to which we are subject (e.g., record keeping mandated by applicable law).

d. Support and Customer Service — When you contact us for technical support or customer service, we will process Personal Data that you provide at such time to associate you with the domain name and/or the Domain Name Services that is the subject of your request and the Owner Account and WHOIS Information that is associated with such domain name and/or other Domain Name Service. Such Personal Data includes email address, name, account numbers, and email headers (including IP address). You may contact us and provide Personal Data for such technical support and/or customer service by email, phone call, self-serve online support portals through websites operated by, or on behalf of, pair. We use such Personal Data as necessary to respond to your request and/or provide the requested technical support and/or customer service, including without limitation communicating with you, internal communications, maintaining a history of correspondence, service tickets, outcomes, outstanding issues, etc. Our processing of Personal Data as described in this Section is also in furtherance of legitimate interests, including without limitation management reporting, quality assurance, reviewing historical support issues and requests for support or customer service, and to verify identity. We will process Personal Data in furtherance of this legitimate interest only when that is not overridden by your data protection rights under applicable law.

e. Compliance with Legal Obligations — In addition to processing Personal Data for the purposes of providing Domain Name Services, we process Personal Data collected hereunder to comply with our own legal and regulatory obligations. For example, we may process personal information to comply with: applicable international sanctions, “know your customer”, anti-money laundering regulations, anti-bribery compliance requirements, record keeping requirements, required public filings, reporting requirements, court order, law enforcement order, and other legal and/or regulatory requirements.

f. Legitimate Interests — We may also use Personal Data collected hereunder in circumstances other than as expressly described above in connection with the services we provide; provided, however that any such additional processing may only occur when there is a legitimate interest to do so that is not overridden by your data protection rights as required by applicable law. The types of processing/uses contemplated hereunder may include, without
limitation, for our own administrative and business needs (tracking time, billing, invoicing, collection), audits and self-assessments for compliance with applicable laws, regulations, court order, law enforcement order, and applicable workplace policies, and for information technology purposes including without limitation troubleshooting, business continuity, disaster recovery, data backup and recovery.

g. Data Retention — We generally retain Personal Data for the periods specified by applicable law, regulation, and/or court order, and in our document retention/filing polices, currently set at seven years from date of termination of relationship or seven years past the date when all of our expenses and revenue in the relationship have been recognized. We may also retain Personal Data for longer periods where there is a reasonable basis for retaining such data, including without limitation in connection with the establishment, exercise or defense of legal claims. We retain WHOIS Information and other historic information about a domain name in accordance with data retention requirements imposed on us by ICANN via our accreditation agreement.

6. Optional Data Processing

In addition to processing Personal Data in the ways set forth above for purposes related to the provision of Domain Name Services, you may also choose to allow us to use certain Personal Data as detailed below. The types of data processing described in this Section 6 are not necessary or integral to the performance of Domain Name Services and we will not use Personal Data for such optional purposes except as expressly set forth in this Section 6;

Information Requested — If you request information about our company, our affiliates, or our respective products and services, you may elect to provide personal contact information such as your name, your email address, your phone number, your company affiliation, and/or your mailing address. We may use your information to respond to your request.

Opt-In Subscription or Mailing Lists — From time to time we may offer you the option of signing up, or having us sign you up, for various subscription and/or mailing lists used to send communications from our company for purposes of keeping customers and other registered recipients updated with respect to news and developments, our company’s products and services and other communications about our company and our affiliates (“Updates”). In order to register you on such subscription and/or mailing lists, we will ask for your name and email address. We will specifically ask for your consent to use such information on an opt-in basis.

7. Onward Transfers — Data We Share with Others

We will not sell, share, transfer, disclose, rent, use, or distribute Personal Data hereunder for purposes other than as set forth in this Transparency Statement unless required by law or as expressly authorized by a Data Controller as described above.

Domain Name Authorities — We perform our Domain Name Services as a domain name registrar in accordance with the contracts we sign with, and the rights and obligations granted to/imposed upon us by, domain name authorities (such as ICANN) (“Accreditation Agreements”), and the domain name registries appointed by domain name authorities as the administrative overseer of specific top level domains (the “Registry Agreements”). In accordance with our obligations under Accreditation Agreements, and in accordance with the instructions of ICANN, and other domain name authorities, as Data Controllers, we share WHOIS Information for specific generic top level domains with ICANN or another domain name authority that governs other specific generic top level domains.

Escrow — In accordance with our obligations under Accreditation Agreements, and in accordance with the instructions of ICANN, and other domain name authorities, as Data Controllers, we share WHOIS Information with designated technology escrow companies to be held by such escrow companies in an encrypted escrow to protect WHOIS Information against situations where a registrar such as ourselves would become bankrupt, suffer an unrecoverable data loss, or otherwise lose access to WHOIS Information collected by such registrar. The escrow company appointed by ICANN is currently Iron Mountain Incorporated.

Domain Name Registries — In accordance with our obligations under Accreditation Agreements and Registry Agreements, and in accordance with the instructions of ICANN, and other domain name authorities, as Data Controllers, we transfer WHOIS Information to such Registries as a necessary part of the domain name registration process. A list of the Registries is available in our terms of service: https://www.pairdomains.com/agreement.html (starting at section 27 and continuing through the end of the document).

Dispute Resolution — We may make WHOIS Information available to third-parties upon valid request to resolve disputes or claims regarding domain names in ICANN’s UDRP arbitration process, or the WIPO (the World Intellectual Property Organization) domain name arbitration proceedings.

Special Note on ICANN’s “Temporary Specification for gTLD Registration Data” — As of the Effective Date of this Agreement, we are operating under an understanding, publicly announced by ICANN, that WHOIS Information will be held private and will not be made available for public lookups; provided, however WHOIS Information may be subject to “reasonable access” by third parties with “legitimate interests”.

Consent — We process WHOIS Information as described above, and our processing of WHOIS Information as noted in this Transparency Statement is necessary, and integral, to our performance of Domain Name Services that you request. The data processing activities described in this Section 7(a) above are obligations arising out of the Accreditation Agreements and/or Registry Agreements to which we are a party. Our processing of WHOIS Information as detailed in this Transparency Statement is also in furtherance of a legitimate interest, specifically the maintenance of principles of integrity, accountability, and transparency in the operation of the Internet domain name registration system(s), and the operation of the Internet itself. We may only process WHOIS Information in furtherance of this legitimate interest when that is not overridden by your data protection rights under applicable law. To the extent required by applicable law, we will seek your express consent to process WHOIS Information as described above. You acknowledge that we will not be able to provide Domain Name Services as requested or complete the terms of our engagement if you do not give us your consent to process WHOIS Information, and each party shall have the right to terminate affected Domain Name Services accordingly without breach of contract.

Weebly (Consent) — With every domain name registration registered with us, pair offers, on an opt-in basis only, a website builder tool from a third-party called “Weebly” at no additional charge to Registrants. We do not transmit your personal information to Weebly. Instead, for those who have expressly opted-in to use Weebly, pair shares the newly registered domain name to Weebly, along with a unique, special purpose “@weeb.pairdomains.com” or “@weeb.mypair.com” email address that is not personally identifiable to any actual person by anyone other than pair. Any email that Weebly would like to send to you is sent to this special purpose email address, directed to pair’s email servers. This address only accepts email sent from Weebly (all other senders are rejected.) Whenever we receive mail sent to that address, we scrub it for spam and viruses and then forward it to the real email address that we have for you as reflected in Account Information. In this manner, Weebly never has access to your name or your real email address, but is able to communicate with you about their service. We ask for your express consent to forward Weebly messaging to you in the manner described above. You acknowledge that, without your consent, Weebly will have no way to communicate with you about your use of their website builder tool and thus you may not be able to continue using their services.

a. Service Providers (Consent) — We may provide Domain Name Services, or otherwise process Personal Data as detailed above, using third-party service providers we have retained to support us. Such service providers include, without limitation, those who assist us in providing information technology services, backing up of Personal Data, billing services, back office support, and other similar services. These entities may be located inside, or outside, the European Economic Area. We take steps to require that such service providers protect Personal Data transferred to them in a manner that is consistent with this Privacy Policy. The information shared with each is limited only to that information required for that entity to fulfill its role in assisting us with the performance of the actions described above. Where we have knowledge that a service provider processes your Personal Data in a manner contrary to this Privacy Policy, we will take reasonable steps to prevent or stop such processing. Where applicable law requires us to obtain your consent to use such third party service providers, you acknowledge that refusal to provide your consent, or withdrawal of your consent, may
affect or prevent our ability to provide Services, and that our engagement may need to be terminated for lack of such consent.

b. Exigent Circumstances — In addition to the disclosures set forth above, we will disclose Personal Data about you: (1) if we are required to do so by law or legal process, (2) to law enforcement authorities, judiciary or other government officials, (3) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss in connection with an investigation of suspected or actual illegal activity; or (4) if necessary to protect the vital interests of any person.

8. Transfer of Personal Data Outside of the EEA

a. pair is Headquartered in the United States — pair processes Personal Data as described above in our home country, the United States of America. The United States of America is a country outside of the EEA (a “third-country”) that is not the subject to a European Commission finding of adequacy (the European Commission has not found that U.S. laws ensure an adequate level of protection for personal data with reference to the GDPR). When applicable, we process Personal Data in the U.S. on the basis of our participation in the EU-US Privacy Shield. Otherwise, we process Personal Data in the U.S. on the basis of your consent.

b. Transfers to Other Third-Country Legal or Natural Persons — Personal Data may be shared with other third-country legal or natural persons (either Data Controllers, or service providers under contract to us or to a Data Controller) for the purposes described in this Transparency Statement. When required by GDPR, we may transfer Personal Data to such third-country legal or natural persons on the basis of: (1) standard contractual clauses for data protection which have been approved for as the basis for transfers of Personal Data to third-countries by the European Commission; (2) binding corporate rules or codes of conduct approved under the terms of the GDPR; (3) when we transfer Personal Data to other organizations in the U.S., we may rely on those other organization’s participation in the EU-US Privacy Shield; or (4) the fact that the European Commission has issued a finding of adequacy with respect to privacy laws in such third country transferee’s jurisdiction. For further information, including to obtain a copy of the applicable documents used to protect your
information as set forth above, please contact us as described above.

9. Your Rights and Options

If we receive a demand from you with respect to your rights of access or rectification, we will refer your demand to the applicable Data Controllers and assist such Data Controllers, to provide you, where appropriate, with access to your Personal Data and, as applicable, with the ability to review and correct inaccuracies, delete Personal Data that is no longer necessary or relevant, receive a copy of your Personal Data in a structured machine-readable format, and otherwise fulfill your demands on the Data Controller(s) to the extent based on the exercise of rights held by you under the GDPR.

If we receive a demand from you with respect to your rights of erasure, restriction of processing and/or right to object to processing, access or rectification, we will refer your demand to the applicable Data Controllers and assist such Data Controllers to respect your requests, where appropriate. In the event that you inform us in writing that you wish to opt-out of future processing of your Personal Data we will work with the applicable Data Controllers to respect your request. Where we rely solely on your consent, you may withdraw it at any time; subject to the limitations and disclosures set forth above regarding the effect such demands or withdrawals may have on our ability to continue providing the Domain Name Services in the manner for which we have been engaged.

You may also object to processing that is described above as being based on our legitimate interests alone. In such instances, our business interests must be found to be compelling and to not jeopardize your individual rights before further processing may continue.

In order to meet our obligations under applicable law, we may take reasonable steps to verify your identity before responding to demands as set forth in this Section 9.

10. Complaints, Concerns, Recourse

If you have unresolved concerns about the processing of your Personal Data, you may have the right to complain to a data protection authority where you reside, where you work or where you believe there has been an infringement of data protection laws, all in accordance with, and subject to, applicable local law.

a. In-House Mechanism to Address Complaints — In the event you believe pair has failed to protect your privacy please immediately submit your concerns to us at: privacycompliance@pair.com Please provide details regarding your concerns and include full contact information so we can respond as quickly and completely as possible. If you are dissatisfied with the speed or scope of our response you can seek further in-house review by following the appeal procedures that will be provided to you. If, despite the appeal process, you are still dissatisfied, then you may proceed through the Independent Recourse Mechanism described below.

b. Independent Recourse Mechanism — In compliance with the EU-US Privacy Shield and Swiss-US Privacy Shield Principles, pair commits to resolve complaints about your privacy and our collection or use of your personal information. European Union and Swiss individuals with inquiries or complaints regarding this privacy policy should first contact pair at: abuse@pair.com.

pair has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield and Swiss-US Privacy Shield Principles to BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.

Under certain limited conditions, individuals have the possible additional recourse of invoking binding arbitration before the Privacy Shield Panel to be created by the US Department of Commerce and the European Commission.

11. Tracking and Traffic Data

In addition to Personal Data that we collect hereunder, we may, through our website, collect data generated automatically by traffic to our website (“Traffic Data”). Traffic Data may include, without limitation, internet protocol address(es), operating system(s) and browser specifics of your device, device characteristics, geographic (geo-location) information, user
ID(s), clickstream data, and specifics regarding your interactions with (i.e., the path you take through) the website. Traffic Data may also include your mobile device information (e.g., device model, operating system version, device date and time, unique device identifiers, mobile network information) and how you use the website. These types of information do not generally identify or relate to you as an individual; however we may associate these types of information with you as an individual.

Our website may require you to accept session “cookies” to provide customer experience and efficiencies such as enabling you to login, personalizing your experience, and/or automatically filling in standard information on return visits. “Cookies” are small pieces of information that are stored locally on your device by your browser and passed back to the server whenever a request for a new page on the site is made. The session cookie is never saved or written to disk. It is discarded when the browser exits, when you log out of the website, or when you have not visited a page on the website for a given period of time, for example 60 minutes. Most web browsers automatically accept session cookies, but most browsers also allow you to configure your web browser to refuse them or to notify you before a cookie is set. You also can manually view (and delete) any cookies stored on your computer. If you do not allow session cookies to be set, you may not be able to use our website, access the full content otherwise available through our website and/or use the full features and functionality of our website.

Our website may use Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies” to help the website analyze how users use and view the website. Any information generated by the cookie about your use of our website (including your IP address, information about the content you view, the date and time that you
view that content, and particulars about your browser and configuration as reported by your browser) may be transmitted to and stored by Google on servers in the United States. Google may use the information collected for the purpose of enabling us to evaluate your use of our website, certain aspects of your user experience thereon, compiling reports on activity for us and providing other services relating to our website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. Our website uses enhanced ecommerce Google Analytics tracking to track information about the ecommerce portions of our website such as sales performance, product sales performance, funneling, and conversion rates from advertising campaigns and landing pages on the website. Please note any information collected by the Google Analytics cookies do not include personalized identification information (such as names, e-mail addresses, and payment information). However, we also make use of a Google Analytics feature called User ID on our website. The User ID feature allows for more accurate tracking of visitors to our website by associating a unique visitor with a corresponding Google Analytics User ID over various sessions and devices. Although User ID does not enable Google to personally identify an individual or permanently identify any particular device, we have the ability to connect User ID data from Google Analytics with personally identifying information about the visitor that we have collected. This allows us to answer questions such as “How many times did a visitor visit our site before purchasing something?” More information on the Google Analytics cookies are available from Google at https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage and
https://support.google.com/analytics/answer/6004245. Visitors may opt-out of Google Analytics by visiting the Google Analytics Opt-Out Page: https://tools.google.com/dlpage/gaoptout. Customers that are logged in to pair Domains may also opt-out of Google Analytics in the “privacy preferences” section of the pair Domains web site. For customers who register a physical mailing address with us that is in the European Economic Area, we automatically opt-out such customers from Google Analytics.

12. Do Not Track

Do Not Track (DNT) is a privacy preference that you can set in certain web browsers. When you turn on DNT, the browser may send a signal or other message to web services requesting that they not track you. At this time, our information collection practices will continue to apply as described in this Transparency Statement, regardless of any DNT signals that are sent by certain browsers or selected by you. For more information about DNT, please visit AllAboutDNT.org.

HOW TO CONTACT US

In order to exercise your rights hereunder, if you have any questions about this Transparency Statement and/or our processing of Personal Data, you may contact us in accordance with the information set forth in Section 1 above.