Updated June 2020

Paola Brown LLC collects and uses your personally identifiable information to deliver the products you have requested. Your information, whether public or private, will not be sold, exchanged, transferred, or given to any other company for any reason, without your consent, other than for the express purpose of delivering our product to you and improving your customer experience.

EMAIL MARKETING
With your permission, we may send you emails about our store, new products, and other updates. When you purchase something from our store, as part of the buying and selling process, we collect payment information and personal information you give us such as your name, address, phone number and email address.

When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.

COOKIE STORAGE AND ACCESS
A cookie is a very small text document, which often includes an anonymous unique identifier. When you visit a website, that site’s computer asks your computer for permission to store this file in a part of your hard drive specifically designated for cookies. Each website can send its own cookie to your browser if your browser’s preferences allow it, but (to protect your privacy) your browser only permits a website to access the cookies it has already sent to you, not the cookies sent to you by other sites. Some of our business partners may use cookies that originate from their sites. We have no access or control over those cookies.

As you use our website, the site uses its cookies to differentiate you from other users. In some cases, we may also use cookies to prevent you from seeing unnecessary advertisements or requiring you to log in more than is necessary for security. Cookies, in conjunction with our web server’s log files, allow us to calculate the aggregate number of people visiting our website and which parts of the site are most popular. This helps us gather feedback in order to constantly improve our website and better serve our customers. Cookies do not allow us to gather any personal information about you and we do not generally store any personal information that you provided to us in your cookies.

SHARING INFORMATION WITH THIRD PARTIES
We may enter into alliances, partnerships or other business arrangements with third parties who may be given access to personal information including your name, address, telephone number and email for the purpose of providing you information regarding products and services that we think will be of interest to you. In connection with alliances, partnerships or arrangements, we may also provide certain information to third parties if we have determined that the information will be used in a responsible manner by a responsible third party. For example, some of our partners may provide services related to our site, while others power offerings developed by us for your use. We also use third parties to facilitate our business, including, but not limited to, sending email. In connection with these offerings and business operations, our partners and other third parties may have access to your personal information for use in connection with business activities. As we develop our business, we may buy or sell assets or business offerings. Customer, email, and visitor information is generally one of the transferred business assets in these types of transactions. We may also transfer such information in the course of corporate divestitures, mergers, or any dissolution.

PRIVACY
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.

COPPA COMPLIANCE
We recognize the need to provide further privacy protections with respect to personal information we may collect from children on our sites and applications. Some of the features on our sites and applications may be age-gated so that they are not available for use by children, and we do not knowingly collect personal information from children in connection with those features. When we intend to collect personal information from children, we will take additional steps to protect children’s privacy, including:

Notifying parents about our information practices with regard to children, including the types of personal information we may collect from children, the uses to which we may put that information, and whether and with whom we may share that information;
In accordance with applicable law, and our practices, obtaining consent from parents for the collection of personal information from their children, or for sending information about our products and services directly to their children;
Limiting our collection of personal information from children to no more than is reasonably necessary to participate in an online activity; and
Giving parents access or the ability to request access to personal information we have collected from their children and the ability to request that the personal information be changed or deleted.

FERPA COMPLIANCE
Paola Brown LLC, in its role as a vendor to educational agencies and institutions (EAs), receives disclosures from the EAs of personally identifiable information (PII) contained in student records. Only information that is needed for Paola Brown LLC to perform services outsourced to it by the EA is disclosed to Paola Brown LLC. These disclosures are authorized under the Family Educational Rights and Privacy Act (FERPA), a federal statute that regulates the privacy of student records by EAs that receive financial assistance from the U.S. Department of Education. Paola Brown LLC, as a contractor to the EA, receives the disclosures on the same basis as school officials employed by the EA, consistent with FERPA regulations, 34 CFR §99.31(a)(1)(i)(B). Consistent with those regulations, Paola Brown LLC has a legitimate educational interest in the information to which it is given access because the information is needed to perform the outsourced service, and Paola Brown LLC is under the direct control of the EA in using and maintaining the disclosed education records, consistent with the terms of its contract.

Paola Brown LLC is subject to the same conditions on use and redisclosure of education records that govern all school officials, as provided in 34 CFR §99.33. In particular, Paola Brown LLC must ensure that only individuals that it employs or that are employed by its contractor, with legitimate educational interests – consistent with the purposes for which Paola Brown LLC obtained the information — obtain access to PII from education records it maintains on behalf of the district or institution. Further, in accordance with 34 CFR §99.33(a) and (b), Paola Brown LLC may not redisclose PII without consent of a parent or an eligible student (meaning a student who is 18 years old or above or is enrolled in postsecondary education) unless the agency or institution has authorized the redisclosure under a FERPA exception and the agency or institution records the subsequent disclosure. An example of such a disclosure is when Paola Brown LLC is requested by a school district to assist the district in the transfer of the student records from our system to another system.

Paola Brown LLC will not sell or otherwise use or redisclose education records for targeted advertising or marketing purposes. Paola Brown LLC does not allow advertising within its products, and therefore there is no behavioral or targeted advertising. Paola Brown LLC uses data within its products only to deliver the services contracted by the educational institution. Paola Brown LLC may use anonymized, non-PII data internally to improve the products and services it delivers to EAs.

HIPAA COMPLIANCE
Paola Brown LLC understands that medical information about our users’ health is personal “ProtectedHealth Information” (“PHI”) and we are committed to protecting that medical information. We do not directly collect or solicit health-related information from our users, but recognize that PHI may be inadvertently shared within User Generated Content. Paola Brown LLC maintains HIPAA-compliant methodologies of storing and delivering User Generated Content and strives to comply with HIPAA.

DISCLOSURE
We may disclose personal information (1) if it’s in response to a legal process, e.g. in response to a court order or subpoena, or in response to a law enforcement agency’s requests, (2) in response to a charge-back inquiry from our merchant bank about your payment for products, or (3) if you violate our Terms of Service.

THIRD PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.

However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions. For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.

In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.

As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.

Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.

When you click on links in our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.

YOUR CONSENT
By using this site or our Service, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site. If you don’t provide an email address, you will be unable to create a user account to access purchase history.

UPDATES TO YOUR CONSENT
If after you opt-in for emails or subscriptions, and you change your mind, you may cancel these at any time by unsubscribing at the bottom of our emails.

QUESTIONS
If you have any further questions, or need additional information, please contact us via the contact page.