Privacy Policy
Table of Contents
- INFORMATION WE COLLECT ABOUT YOU
- HOW WE USE YOUR INFORMATION
- LINKS TO OTHER WEBSITES
- INFORMATION SECURITY
- DATA RETENTION
- YOUR CHOICES
- NOTICE TO CALIFORNIA RESIDENTS
- NOTICE TO INDIVIDUALS IN THE EUROPEAN ECONOMIC AREA OR OUTSIDE THE EEA, SWITZERLAND, AND THE UK
- GEOGRAPHIC LOCATION OF DATA STORAGE AND PROCESSING
- ACCESSING, CORRECTING, OR DELETING YOUR INFORMATION
- CHILDREN'S INFORMATION
- CHANGES TO THIS PRIVACY POLICY
- HOW TO CONTACT US
Haro Bikes (hereinafter referred to as "Haro Bikes," "us," "we," "our," or "Company") has created this Privacy Policy to apply to all users of this website, www.harobikes.com and all digital assets contained or offered therein (collectively, our "Services"). This Privacy Policy describes, among other things, the types of information we collect from users when you use our Services, how we use it, and how you can access your information.
This Privacy Policy is integrated into our Terms & Conditions of Use ("Terms & Conditions"). By using the Services and providing us with personal Information (defined below), you agree to the practices described in this Privacy Policy and to the updates to these policies posted here from time to time.
If you are a California resident, please click here for your California privacy rights, which supplements the Privacy Policy as to California Residents only.
If you are based outside of the United States, in the European Economic Area ("EEA") or outside the European Economic Area, Switzerland, and the UK, this Privacy Policy serves as notice of how we process your Personal Data (defined below) for which we are a Controller. Please click here for your EU privacy rights, which supplements the Privacy Policy as to users located in the EEA, EU, or UK only. If we require your consent, we will request it formally, in adherence to applicable data protection laws.
To make sure you stay informed of all changes, you should check these policies periodically. Updates will be referenced by the "Last Updated" date shown below.
I. INFORMATION WE COLLECT ABOUT YOU
We may collect the following types of personal data about you which are described in more detail below: (A) information you provide to us, and (B) information we may automatically collect. The information listed in (A) & (B) above, are detailed below, and hereinafter referred to as "Information."
A. Information You Provide to Us:
In using our Services, you may provide us with Information, including, without limitation:
- Contact information such as name, email address, postal address, and telephone number(s);
- Birthdate;
- Payment and transaction information including credit or bank card information;
- Additional information as otherwise described to you at the point of collection or pursuant to your consent.
B. Information We May Automatically Collect About You:
Our Services may automatically collect certain Information about you. We use this Information to help us design our Services to better suit our users' needs. This Information may include:
- IP address, which is the number associated with the service through which you access the Internet, like your ISP (Internet service provider);
- Date and time of your visit or use of our Services;
- Domain server from which you are using our Services;
- Type of computer, web browsers, search engine used, operating system, or platform you use;
- Data identifying the web pages you visited prior to and after visiting our website or use of our Services; and
- Your movement and activity within the website, which is aggregated with other information;
- Geographic data such as country or region;
- Mobile device information, including the type of device you use, operating system version, and the device identifier (or "UDID"); and
- Mobile application identification and behavior, use, and aggregated usage, performance data, and where the application was downloaded from.
1. Cookies & Technologies Used to Collect Information About You
We collect the above Information directly and through the use of third parties. We collect this Information by using certain technologies, such as cookies, web beacons, and other technologies. Third-party service providers, advertisers, and/or partners may also view, edit, or set their own cookies or place web beacons.
- Cookies (or browser cookies). Cookies are small digital files that are transferred to your computer or smartphone's hard drive when you visit a website or click on a URL. Most web browsers automatically accept cookies. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting, you may be unable to access certain parts of our Services. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Services.
- Flash Cookies. We may use local shared objects, also known as Flash cookies, to store your preferences such as volume control or display content based upon what you view on our site to personalize your visit. Third parties, with whom we partner to provide certain features or to display advertising based upon your browsing activity, use Flash cookies to collect and store information. Flash cookies are different from browser cookies because of the amount of, type of, and how data is stored. Cookie management tools provided by your browser will not remove Flash cookies.
- Web Beacons. Website pages may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited those pages and for other related statistics (for example, recording the popularity of certain content and verifying system and server integrity). We also use these technical methods to analyze the traffic patterns, such as the frequency with which our users visit various parts of the Services. These technical methods may involve the transmission of Information either directly to us or to a third party authorized by us to collect Information on our behalf. Our Services may use retargeting pixels from Google, Facebook, and other ad networks. We may also use web beacons in HTML emails that we send to determine whether the recipients have opened those emails and/or clicked on links in those emails.
- Analytics. Analytics are tools we use, such as Google Analytics and Shopify Analytics, to help provide us with information about traffic to our website and use of our Services, which Google or Shopify may share with other services and websites who use the collected data to contextualize and personalize the ads of its own advertising network. Learn more about Google's Privacy Policy here: https://policies.google.com/privacy?hl=en-US. You can opt-out of having your activity on our Services made available to Google Analytics by installing the Google Analytics opt-out add-on for your web browser by visiting: https://tools.google.com/dlpage/gaoptout for your web browser. Learn more about Shopify's Privacy Policy here: https://www.shopify.com/legal/privacy and Cookie Notice here: https://www.shopify.com/legal/cookies.
- Mobile Application Technologies. If you access our website and Services through a mobile device, we may automatically collect Information about your device, your phone number, and your physical location.
C. Information We May Receive from Third Parties
We may collect additional Information about you from third-party websites, social media platforms, such as, but not limited, to Facebook, Twitter, Instagram, YouTube, Tik-Tok ("Social Media Platforms"), and/or sources providing publicly-available information (e.g., from the U.S. postal service) to help us provide services to you, help prevent fraud, and for marketing and advertising purposes.
This Privacy Policy only applies to Information collected by our Services. We are not responsible for the privacy and security practices of those other websites or Social Media Platforms or the Information they may collect (which may include IP address). You should contact such third parties directly to determine their respective privacy policies. Links to any other website's or content do not constitute or imply an endorsement or recommendation by us of the linked website, Social Media Platform, and/or content.
II. HOW WE USE YOUR INFORMATION
A. Use and Purpose of Processing Your Information
We use and process your Information for things that may include, but are not limited to, the following:
- To respond to your inquiries and provide you with requested information and other communications, including by email;
- To process your product registration request;
- To send you our newsletter and other correspondence you request;
- To help you locate a dealer location near you;
- For general or targeted marketing and advertising purposes, including sending you promotional material or special offers on our behalf or on behalf of our marketing partners and/or their respective affiliates and subsidiaries and other third parties, provided that you have not already opted-out of receiving such communications;
- To fulfill your order;
- To manage, improve, and foster relationships with third-party service providers, including vendors, suppliers, and parents, affiliates, subsidiaries, and business partners;
- To maintain, improve, customize, or administer the Services, perform business analyses, or other internal purposes to improve the quality of our business, the Services, resolve technical problems, or improve security or develop other products and services;
- To comply with our Terms & Conditions;
- For analytics for business purposes and business intelligence;
- To comply with any applicable laws and regulations and respond to lawful requests; and/or
- For any other purposes disclosed to you at the time we collect your Information and/or pursuant to your consent.
B. Sharing Your Information
We use and process your Information for things that may include, but are not limited to, the following:
- Third-Party Service Providers. We may share your Information with third-party service providers or data processors that perform certain functions or services on our behalf (such as to host the Services, store or manage the data, perform analyses, process payments, provide customer service, or send communications for us). These third-party service providers will process this data only for purposes specified by Haro Bikes. In some instances, we may aggregate Information we collect so third parties do not have access to your identifiable Information to identify you individually.
- Disclosure of Information for Legal and Administrative Reasons. We may disclose your Information without notice: (i) when required to by law or to comply with a court order, subpoena, search warrant, or other legal process; (ii) to cooperate or undertake an internal or external investigation or audit; (iii) to comply with legal, regulatory, or administrative requirements of governmental authorities (including, without limitation, requests from the governmental agency authorities to view your Information); (iv) to protect and defend the rights, property, or safety of us, our subsidiaries and affiliates and any of their officers, directors, employees, attorneys, agents, contractors and partners, and the website Service users; (v) to enforce or apply our Terms & Conditions; and (vi) to verify the identity of the user of our Services.
- Business Transfers. Your Information may be transferred, sold, or otherwise conveyed ("Conveyances") to a third party where we: (i) merge with or are acquired by another business entity; (ii) sell all or substantially all of our assets; (iii) are adjudicated bankrupt; or (iv) are liquidated or otherwise reorganize. You agree to any and all such Conveyances of your Information.
- Aggregate and Deidentified Data. We may share general Information, aggregated data or publish information based on aggregated data. However, we will only do so in a way that your personal identity is protected.
- Online Communications. Any information you submit in a public forum (e.g., a blog or social network) may be read, collected, or used by us and other participants, and could be used to personalize your experience. You are responsible for the information you choose to submit in these instances.
- With Your Consent. We may share Information consistent with this Privacy Policy with your consent.
III. LINKS TO OTHER WEBSITES
Occasionally, at our discretion, we may link to third party sites or content on our Services, such as to help you locate a Haro Dealer near you ("Third-Party Websites"). We may do this for the convenience of you and other users of the Services, but we do not have control over the operation of these third-party websites. These third-party sites have separate and independent privacy notices. We, therefore, have no responsibility or liability for the content and activities of these linked sites.
In addition, from our Services you may be able to interact with social media sites ("Social Media Platforms"), for example, by "liking" us on Facebook. If you choose to click on a link to one of these Third-Party Websites or choose to interact with or through a Social Media Platform, your activities are not governed by this Privacy Policy and will be governed by the privacy policy on that Third-Party Website or Social Media Platform. Please review their privacy policies and terms of service before disclosing any Information there. Haro Bikes does not review, does not endorse, and is not responsible for the privacy practices of these Third-Party Websites and Social Media Platforms.
We may also maintain a Haro Bikes page on Facebook or other Social Media Platforms. Those pages and your interaction with them are governed by the privacy policies of Facebook or other relevant Social Media Platform, and not our Privacy Policy. As with other Third-Party Websites, Haro Bikes does not endorse and is not responsible for the privacy practices of these forums, although we may have a presence on them.
IV. INFORMATION SECURITY
We use commercially reasonable measures to provide our Services. However, you should assume that no data transmitted over the Internet or stored or maintained by us or our third-party service providers can be 100% secure. Therefore, although we believe the measures implemented by us reduce the likelihood of security problems to a level appropriate to the type of data involved, we do not promise or guarantee, and you should not expect, that your Information or private communications will always remain private or secure. We do not guarantee that your Information will not be misused by third parties. We are not responsible for the circumvention of any privacy settings or security features. You agree that we will not have any liability for misuse, access, acquisition, deletion, or disclosure of your Information.
If you believe that your Information has been accessed or acquired by an unauthorized person, you shall promptly How to Contact Us so that necessary measures can quickly be taken.
V. DATA RETENTION
We will retain your Information for as long as needed to provide you Services. If you wish to request that we no longer use your Information to provide you Services, please contact us at privacy@harobikes.com. We will retain and use your Information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. In accordance with our routine record keeping, we may delete certain records that contain Information you have submitted to us. We are under no obligation to store such Information indefinitely and disclaim any liability arising out of, or related to, the destruction of such Information.
VI. YOUR CHOICES
- Email. By using our Services, you agree that we may contact you by email as set forth herein. If you do not want to receive marketing and promotional emails from us, you may click on the "unsubscribe" link in the email to unsubscribe and opt-out of marketing email communications or How to Contact Us.
- Cookies. If you want to delete any cookies that are already on your computer, please refer to your file management software to locate the file or directory that stores cookies. Other information on deleting or controlling cookies is available at www.allaboutcookies.org. Please note that by deleting cookies or disabling future cookies, you may not be able to access certain areas or features of our Services.
- Opting Out of Direct Marketing. To exercise choices regarding the marketing information you receive, you may also review the following links:
- You may opt-out of tracking and receiving tailored advertisements on your mobile device by some mobile advertising companies and other similar entities by downloading the App Choices app at www.aboutads.info/appchoices.
- You may opt-out of receiving permissible targeted advertisements by using the NAI Opt-out tool available at https://optout.networkadvertising.org/?c=1 or visiting About Ads at https://optout.aboutads.info.
- You can opt-out of having your activity on our Services made available to Google Analytics by installing the Google Analytics opt-out add-on for your web browser by visiting: https://tools.google.com/dlpage/gaoptout for your web browser.
VII. NOTICE TO CALIFORNIA RESIDENTS
To the extent any California data privacy law applies to the collection of your Information, this supplemental section of our Privacy Policy outlines how California residents can receive their Personal Information and what you can receive and applies solely to California residents. We provide the supplemental selection below to comply with the California Consumer Privacy Act of 2018 ("CCPA"), and any terms defined in the CCPA have the same meaning when used below.
A. Access to Specific Information and Data Portability Rights
California residents have the right to request that Haro Bikes disclose certain information to you about Haro Bikes' collection and use of your personal Information over the past twelve (12) months. Once Haro Bikes receives and confirms a verifiable consumer request from you, Haro Bikes will disclose to you, to the extent permitted by law:
- The categories of personal Information Haro Bikes collected about you.
- The categories of sources for your personal Information Haro Bikes collected about you.
- Haro Bikes' business or commercial purpose for collecting your personal Information.
- The categories of third parties with whom Haro Bikes shares your personal Information.
- If we disclosed your personal Information for a business purpose, the personal Information categories that each category of recipient obtained.
You shall have the right to request that the Information described above be provided to you in a portable and readily usable format, to the extent technically feasible ("data portability").
Haro Bikes does not sell your personal Information.
B. Deletion Request Rights
You have the right to request that Haro Bikes delete certain of your personal Information that Haro Bikes collected from and/or related to you and retained, subject to certain exceptions.
To the extent that Haro Bikes can delete your personal Information, once Haro Bikes receives and confirms your verifiable consumer request, Haro Bikes will delete (and direct our service providers to delete) your personal Information, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service providers to:
- Complete the transaction for which we collected your personal Information, provide a good or service that you requested, or take actions reasonably anticipated within the context of our ongoing business relationship with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
C. Exercising Your Access, Data Portability, and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to Haro Bikes by either:
Contacting us at privacy@harobikes.com; or
Calling Haro Bikes, at 1-800-289-4276
Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal Information. You may also make a verifiable consumer request on behalf of your minor child.
You may only make a verifiable consumer request for access or data portability twice within a twelve (12) month period. The verifiable consumer request must:
- Provide sufficient information that allows Haro Bikes to reasonably verify you are the person about whom Haro Bikes collected personal Information or an authorized representative.
- Describe your request with sufficient detail that allows Haro Bikes to properly understand, evaluate, and respond to it.
D. Non-Discrimination
We may not, and will not, treat you differently because you of your Data Subject Request activity. As a result of your Data Subject Request activity, we may not and will not deny goods or services to you, charge different rates for goods or services, provide a different level quality of goods or services, or suggest any of the preceding will occur. However, we can and may charge you a different rate, or provide a different level of quality, if the difference is reasonably related to the value provided by your personal Information.
E. Verifying Requests
To help protect your privacy and maintain security, if you request access to or deletion of your personal Information, we will take steps and may require you to provide certain information to verify your identity before granting you access to your personal Information or complying with your request. In addition, if you ask us to provide you with specific pieces of personal Information, we may require you to sign a declaration under penalty of perjury that you are the consumer whose personal Information is the subject of the request. If you designate an authorized agent to make a request on your behalf, we may require you to provide the authorized agent written permission to do so and to verify your own identity directly with us (as described above).
F. Authorized Agents
You may use an authorized agent to submit an access or deletion request. If you elect to use an authorized agent, you must provide the authorized agent with written authorization. In addition, you may be required to verify your identity directly with us. We may deny a request from an agent that does not provide written proof of authorization or if the agent fails to provide sufficient information needed to verify your identity. Such requirements shall not apply you provide the authorized agent with power of attorney, pursuant to Cal. Prob. Code Sections 4000 to 4465.
G. Shine the Light Requests
California Civil Code Section 1798.83 permits you to opt out of the disclosure of your personal Information by Haro Bikes to third parties for the third parties' direct marketing purposes. To make an opt-out request of such disclosures, please send an email to privacy@harobikes.com.
H. Additional Information
To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request. This Statement is available in alternative formats upon request by contacting us at privacy@harobikes.com.
VIII. NOTICE TO INDIVIDUALS IN THE EUROPEAN ECONOMIC AREA OR OUTSIDE THE EEA, SWITZERLAND, AND THE UK
This Section is included in this Privacy Policy to comply with the requirements of European Data Protection Legislation and certain Non-European Data Protection Legislation. It applies only to individuals coming to our Services from within the European Economic Area (EEA) or outside the EEA, Switzerland, and the UK and only if we collect through the Services any Personal Data as defined in such laws (which may include some or all of your Information as defined in this Privacy Policy).
A. Controller
Haro Bikes is the controller for the Information (as defined above in Section II) we process, unless otherwise stated.
Email: privacy@harobikes.com
Call us: 1-800-289-4276
Write us: Haro Bikes
1230 Avenida Chelsea
Vista, CA 92081
B. Your Data Protection Rights
To the extent any European Data Protection Legislation and certain Non-European Data Protection Legislation apply, and we hold such personal data in our capacity as a data controller as defined under those laws, you may request that we:
- Restrict the way that we process and share your personal data;
- Transfer your personal data to a third party;
- Revoke your consent for processing of your personal data;
- Provide you with access to your personal data;
- Remove your personal data if no longer necessary for the purposes collected;
- Update your personal data so it is correct and not out of date; and/or
- Object to our processing of your personal data.
If you wish to object to the use and processing of your personal data or withdraw consent to this Privacy Policy, you can contact us in the following ways:
Email: privacy@harobikes.com
Call us: 1-800-289-4276
Write us: Haro Bikes
1230 Avenida Chelsea
Vista, CA 92081
The requests above will be considered and responded to in the time-period stated by applicable law. Note, certain Information may be exempt from such requests. We may require additional information from you to confirm your identity in responding to such requests. You have the right to lodge a complaint with the supervisory authorities applicable to you and your situation, although we invite you to contact us with any concern as we would be happy to try and resolve it directly. Please contact us at:
Email: privacy@harobikes.com
Call us: 1-800-289-4276
Write us: Haro Bikes
1230 Avenida Chelsea
Vista, CA 92081
C. Lawful Basis for Processing Your Information
As described throughout this Privacy Policy, we believe the foregoing handling of your Information, which may include your personal data, furthers our legitimate interests in commercial activities that are not overridden by the interest or fundamental rights and freedoms of the individuals at issue. Depending on what personal data we collect from you and how we collect it, we rely on various grounds for processing your personal data, including the following reasons:
- To administer our contractual relationship, including setting up any services you may request;
- Because it is in our legitimate interest to effectively and efficiently operate our business and provide you with the services offered through the Services and other useful content and for other marketing, design, and advertising purposes;
- To process employee data, prevent against fraud, provide technology security, and other necessary operational matters;
- In order to fulfill any legal obligations, we may have to collect this Information from you; and/or
- Because you have provided your consent for us to do so.
If the processing of your Information is based on your consent, European Data Protection Legislation and certain Non-European Data Protection Legislation also allows users the right to access, revoke or modify your consent at any time. Please see the How to Contact Us section, below, to review or modify your consents.
D. Consent to Transfer
Haro Bikes is operated in the United States and we may use service providers based in the United States to operate our business and our relationship with you. Please be aware that Information, including your Personal Data, that we collect will be transferred to, stored, and processed in the United States, a jurisdiction in which the privacy laws may not be as comprehensive as those in the country where you reside and/or are a citizen. We collect and transfer to the U.S. only Information, including Personal Data: with your consent; to perform a contract with you; or to fulfill a compelling legitimate interest of Haro Bikes in a manner that does not outweigh your rights and freedoms. We endeavor to apply suitable safeguards to protect the privacy and security of your personal data and to use it only consistent with your relationship with us and the practices described in this Privacy Policy. We also enter into data processing agreements and model clauses with vendors whenever feasible and appropriate
IX. GEOGRAPHIC LOCATION OF DATA STORAGE AND PROCESSING
Our Services are operated in the United States. However, we may collect, process, and store that Information in databases located outside of the United States. As such, we may store and process Information on servers located outside of the country where you originally deposited the data. If you are visiting the Services from a country outside the United States, you should be aware that you may transfer personally identifiable information about yourself to the United States, and that the data protection laws of the United States may not be as comprehensive as those in your own country. We collect and transfer to the U.S. only Information, including personal data: with your consent; to perform a contract with you; or to fulfill a compelling legitimate interest of Haro Bikes in a manner that does not outweigh your rights and freedoms. We endeavor to apply suitable safeguards to protect the privacy and security of your personal data and to use it only consistent with your relationship with us and the practices described in this Privacy Policy. We also enter into data processing agreements and model clauses with vendors whenever feasible and appropriate. By visiting our Services and submitting Information you consent to the transfer of such Information to the United States.
X. ACCESSING, CORRECTING, OR DELETING YOUR INFORMATION
To the extent other state laws provide users with additional data subject rights, those rights may be honored by the Company following proper authentication and verification. Please see the How to Contact Us section below for more information.
XI. CHILDREN'S INFORMATION
The Services are intended only for users over the age of eighteen (18). If we become aware that a user is under thirteen (13) (or a higher age threshold where applicable) and has provided us with Information, we will take steps to comply with any applicable legal requirement to remove such Information. Contact us if you believe that we have mistakenly or unintentionally collected Information from a child under the age of thirteen (13).
XII. CHANGES TO THIS PRIVACY POLICY
We reserve the right to change, modify or amend this Privacy Policy at any time to reflect changes in our products and service offerings, accommodate new technologies, regulatory requirements, or other purposes. If we modify our Privacy Policy, we will update the "Last Updated" date below and such changes will be effective upon posting. It is your obligation to check our current Privacy Policy for any changes.
XIII. HOW TO CONTACT US
If you have any questions about this Privacy Policy or the Information we have collected about you, please contact us at the following:
Email: privacy@harobikes.com
Call us: 1-800-289-4276
Write us: Haro Bikes
1230 Avenida Chelsea
Vista, CA 92081
Last Updated: June 15, 2021