Milk Bar Bakery | Privacy Policy

MILK BAR PRIVACY POLICY

This privacy policy has been compiled to better serve those who are concerned with how their ‘Personally Identifiable Information’ (PII) is being used online. PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website.

WHAT PERSONAL INFORMATION DO WE COLLECT FROM THE PEOPLE THAT VISIT OUR BLOG, WEBSITE, OR APP?

When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, mailing address, phone number, credit card information or other details to help you with your experience.

We additionally use pixels to identify IP addresses and browser information. We use pixels for marketing and advertising purposes including sending targeted advertisements. These pixels do not include personal identifiable information.

WHEN DO WE COLLECT INFORMATION?

We collect personal information from you when you register on our site, place an order or enter information on our site. Your IP address is collected when you visit our site.

HOW DO WE USE YOUR INFORMATION?

We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:

• To improve our website in order to better serve you. • To quickly process your transactions. • To send periodic emails regarding your order or other products and services. • To follow up with you after correspondence (live chat, email or phone inquiries) • To provide thoughtful marketing and advertising messages to you.

HOW DO WE PROTECT YOUR INFORMATION?

Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.

We use regular Malware Scanning.

Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.

We implement a variety of security measures when a user places an order to maintain the safety of your personal information.

All transactions are processed through a gateway provider and are not stored or processed on our servers.

DO WE USE ‘COOKIES’?

Yes. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the site’s or service provider’s systems to recognize your browser and capture and remember certain information. For instance, we use cookies to help us remember and process the items in your shopping cart. They are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

We use cookies to: • Help remember and process the items in the shopping cart. • Understand and save user’s preferences for future visits.

You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.

If you turn cookies off, some features will be disabled. It won’t affect the user’s experience that make your site experience more efficient and may not function properly.

However, you will still be able to place orders .

We additionally use pixels to identify IP addresses and browser information. We use pixels for marketing and advertising purposes including sending targeted advertisements.

You have the option of removing tracking technologies as well as opt out of receiving behavioral advertising. More information is available from NAI or DAA.

THIRD-PARTY DISCLOSURE

We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information.

We transfer select information to third parties including advertising agencies for marketing and advertising purposes. This excludes any information that is personally identifiable to you (name, email, address, etc.)

You can opt out of receiving targeted ads by emailing help@milkbarstore.com or calling 3475779504.

THIRD-PARTY LINKS

We do not include or offer third-party products or services on our website.

CALIFORNIA ONLINE PRIVACY PROTECTION ACT

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting Personally Identifiable Information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared. – See more at: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf

According to CalOPPA, we agree to the following: Users can visit our site anonymously. Once this privacy policy is created, we will add a link to it on our home page or as a minimum, on the first significant page after entering our website. Our Privacy Policy link includes the word ‘Privacy’ and can be easily be found on the page specified above.

You will be notified of any Privacy Policy changes: • On our Privacy Policy Page Can change your personal information: • By emailing us • By calling us • By logging in to your account

How does our site handle Do Not Track signals? We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.

Does our site allow third-party behavioral tracking? It’s also important to note that we do not allow third-party behavioral tracking

COPPA (CHILDREN ONLINE PRIVACY PROTECTION ACT)

When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.

We do not specifically market to children under the age of 13 years old.

FAIR INFORMATION PRACTICES

The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:

We will notify you via email • Within 7 business days

We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.

CAN SPAM ACT

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

We collect your email address in order to: • Send information, respond to inquiries, and/or other requests or questions • Process orders and to send information and updates pertaining to orders. • Send you additional information related to your product and/or service • Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.

To be in accordance with CANSPAM, we agree to the following: • Not use false or misleading subjects or email addresses. • Identify the message as an advertisement in some reasonable way. • Include the physical address of our business or site headquarters. • Monitor third-party email marketing services for compliance, if one is used. • Honor opt-out/unsubscribe requests quickly. • Allow users to unsubscribe by using the link at the bottom of each email.

If at any time you would like to unsubscribe from receiving future emails, you can email us at • Follow the instructions at the bottom of each email. and we will promptly remove you from ALL correspondence.

Requesting access, correction or deletion of your personal information At any time, you can request access to your personal information, request that any inaccuracies be corrected or request that your details be removed. Please contact our Data Protection Officer at help@milkbarstore.com.

To make a complaint about how we handled your personal information, and other information regarding your rights

We commit to investigating and resolving complaints about our collection or use of your personal information. To make a complaint, please contact our Data Protection Officer at help@milkbarstore.com.

Please note that you may request (1) access to and rectification or erasure of personal data, (2) restriction of processing concerning the data subject to, or object to, processing and (3) portability of your data. You may also have the right to withdraw consent at any time data processing, and you may lodge a complaint about processing of your personal data with a supervisory authority. Please note, however, that your provision of data to us is a requirement necessary to enter into a contract with us.

SPECIAL NOTE FOR EU INDIVIDUALS

The information we collect through this website is controlled by Momomilk LLC, which is headquartered in the United States at 382 Metropolitan Ave, Brooklyn NY 11211.

THELEGAL BASES FOR USING YOUR PERSONAL INFORMATION

We collect, use, and share your personal information where we are satisfied that we have an appropriate legal basis to do this. This may be because:

  • Our use of your personal information is in our legitimate interest as a commercial organization (for example in order to make improvements to our products and services and to provide you with information you request); you have a right to object to processing as explained in the section below titled Your legal rights;
  • Our use of your personal information is necessary to perform a contract or take steps to enter into a contract with you (for example where we use your name and contact information to make deliveries to you in the performance of our services); and/or
  • Our use of your personal information is necessary to comply with a relevant legal or regulatory obligation that we have (for example, where we are required to undertake vetting to comply with safety and security regulations or where we are required to disclose personal information to a court or tax authority).

If you would like to find out more about the legal bases on which we process personal information, please contact us using the details below.

YOUR LEGAL RIGHTS

Subject to certain exemptions, and in some cases dependent upon the data processing or data controlling activity we are undertaking, you have certain rights in relation to your personal information:

Right to access, correct, and delete your personal information: You have the right to request access to the personal information that we hold about you and:(i) the source of your personal information; (ii) the purposes, legal basis and methods of processing; (iii) the data controller’s identity, if we are not the data controller; and (iv) the entities or categories of entities to whom your personal information may be transferred.

You also have the right to request that we delete your information.

We are not required to comply with your request to erase personal information if the processing of your personal information is necessary for compliance with a legal obligation or for the establishment, exercise, or deference of legal claims.

Right to restrict the processing of your personal information: You have the right to restrict the use of your personal information when (i) you contest the accuracy of the data; (ii) the use is unlawful but you do not want us to erase the data; (iii) we no longer need the personal information for the relevant purposes, but we require it for the establishment, exercise, or defense of legal claims; or (iv) you have objected to our personal information use justified on our legitimate interests verification as to whether we have a compelling interest to continue to use your data.

We can continue to use your personal information following a request for restriction, where:

  • we have your consent; or
  • to establish, exercise or defend legal claims; or
  • to protect the rights of another natural or legal person.

Right to data portability: To the extent that we process your information (i) based on your consent or under a contract; and (ii) through automated means, you have the right to receive such personal information in a structured, commonly used, machine-readable format, or you can ask to have it transferred directly to another data controller.

Right to object to the processing of your personal information: You can object to any processing of your personal information which has our legitimate interests as its legal basis, if you believe your fundamental rights and freedoms outweigh our legitimate interests. If you raise an objection, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms.

Right to obtain a copy of personal information safeguards used for transfers outside your jurisdiction: You can ask to obtain a copy of, or reference to, the safeguards under which your personal information is transferred outside of the EEA.

Right to lodge a complaint with your local supervisory authority: You have a right to lodge a complaint with your local supervisory authority if you have concerns about how we are processing your personal information.

We ask that you please attempt to resolve any issues with us first, although you have a right to contact your supervisory authority at any time.

How to Exercise Your Rights: If you would like to exercise any of the rights described above, please send us a request at help@milkbarstore.com. In your message, please indicate the right you would like to exercise and the information that you would like to access, review, correct, or delete.

We may ask you for additional information to confirm your identity and for security purposes, before disclosing the personal information requested to you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.

We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.

CROSS-BORDER TRANSFER OF INFORMATION

We generally maintain servers and systems in the United States hosted by third party service providers. We also may subcontract the processing of your data to, or otherwise share your data with, other third parties in the United States or countries other than your country of residence. As a result, where the personal information that we collect through or in connection with our website is transferred to and processed in the United States or anywhere else outside the European Economic Area (EEA) for the purposes described above, we will take steps to ensure that the information receives the same level of protection as if it remained within the EEA, including entering into data transfer agreements, using the EU Commission approved Standard Contractual Clauses, or by relying on certification schemes such as the EU – US Privacy Shield. You may have a right to details of the mechanisms under which your data is transferred outside the EEA.

REQUESTING ACCESS, CORRECTION, OR DELETION OF YOUR PERSONAL INFORMATION

At any time, you can request access to your personal information, request that any inaccuracies be corrected or request that your details be removed. Please contact us help@milkbarstore.com.

TO MAKE A COMPLAINT ABOUT HOW WE HANDLED YOUR PERSONAL INFORMATION, AND OTHER INFORMATION REGARDING YOUR RIGHTS

We commit to investigating and resolving complaints about our collection or use of your personal information. To make a complaint, please contact us at help@milkbarstore.com.

Please note that you may request (1) access to and rectification or erasure of personal data, (2) restriction of processing concerning the data subject to, or object to, processing and (3) portability of your data. You may also have the right to withdraw consent at any time data processing, and you may lodge a complaint about processing of your personal data with a supervisory authority. Please note, however, that your provision of data to us is a requirement necessary to enter into a contract with us.

CONTACTING US

If there are any questions regarding this privacy policy, you may contact us using the information below.

milkbarstore.com 382 Metropolitan Ave Brooklyn, New York 11211 United States help@milkbarstore.com 3475779504