Privacy Policy

Privacy Policy

Privacy Policy

At Pandora's Way, we believe in Privacy by Design. We do our very best to protect you and your family's privacy. We only collect what we need to provide you the best service. And we don't sell your data.

Last Updated: May 7, 2025

PANDORA’S WAY LTD. (the “Corporation”, “we” or “us”) respects your privacy and is committed to protecting it through our compliance with this website privacy policy (this “Privacy Policy”).

This Privacy Policy describes the types of information that We may collect from you or that you may provide when you visit the website: pandorasway.com (our “Website”) and our practices for collecting, using, maintaining, transmitting, protecting, and disclosing such information.

This Privacy Policy applies to information We collect:

  • in email, text, and other electronic messages between you and the Corporation or through links to our Website;

  • through mobile and desktop applications you download from our Website, which provide dedicated non-browser-based interaction between you and our Website;

  • through social media pages controlled by Us or that We interact with; and

  • when you interact with our advertising and applications on our Website or on third-party websites and services if those applications or advertising include links to this Privacy Policy; 

This Privacy Policy shall not apply to information collected by:

  • Us offline or through any other means including, without limitation, on any other website other than our Website operated by the Corporation or any third party; or

  • Any third party, including information collected by any third party through any application or content that may link to or be accessible from or on our Website.

PLEASE READ THIS PRIVACY POLICY CAREFULLY TO UNDERSTAND OUR POLICIES AND PRACTICES REGARDING YOUR INFORMATION AND HOW WE WILL TREAT IT. IF YOU DO NOT AGREE WITH OUR POLICIES AND PRACTICES, YOU DO NOT HAVE OUR PERMISSION TO USE OUR WEBSITE. BY ACCESSING OR USING OUR WEBSITE, YOU AGREE TO THIS PRIVACY POLICY. WE MAY UPDATE, REVISE OR MODIFY ALL OR A PORTION OF THIS PRIVACY POLICY FROM TIME TO TIME (SEE SECTION 3, ENTITLED CHANGES TO OUR PRIVACY POLICY). YOUR CONTINUED USE OF OUR WEBSITE AFTER WE MAKE SUCH UPDATES, REVISIONS OR MODIFICATIONS IS DEEMED TO BE ACCEPTANCE OF SUCH UPDATES, REVISIONS OR MODIFICATIONS; SO, IT IS IMPERATIVE THAT YOU CONSULT THIS PRIVACY POLICY PERIODICALLY FOR UPDATES.

  1. This Privacy Policy explains:

    1. Websites Covered by This Privacy Policy

    2. Changes to Our Privacy Policy

    3. Contact Information

    4. Types of Information We Collect

    5. How We Use Your Information and Who We May Share It With

    6. Third-Party Links & Content

    7. Security and Data Location

    8. WHAT ARE YOUR PRIVACY RIGHTS?

  2. Websites Covered by This Privacy Policy.

    1. Our Website may from time-to-time link to third-party websites for your convenience and to provide easy access to additional useful information.  Should you select such a link you will leave our Website.  We do not control those sites nor their privacy practices, which may differ from our practices and policies.  Any personal data you choose to provide to or that is collected by such third parties is not in any way covered by this Privacy Policy.  We recommend that you read over such website’s privacy policy before providing any Personal Information.  A link to another website from Us does not constitute an endorsement or representation about the value, quality, or usefulness of anything found on that third-party website.

    2. Social Media Pages” are the official social media pages We operate on Facebook, X (formerly known as Twitter), Instagram, LinkedIn, Youtube, TikTok and other social media platforms. The term “Platform” means, collectively, our Website and Social Media Pages. 

    3. PLEASE BE AWARE THAT IF YOU ELECT TO HAVE US SHARE YOUR INFORMATION WITH THIRD PARTIES, THOSE ELECTIONS TO HAVE YOUR INFORMATION SHARED WILL SUPERSEDE ANYTHING TO THE CONTRARY IN THIS PRIVACY POLICY.

  3. Changes to Our Privacy Policy.

    1. We reserve the right to amend this Privacy Policy at our discretion and at any time.  It is our policy to post any changes We make to this Privacy Policy with a notice that this Privacy Policy has been updated on our Website home page.  If We make material changes to how We treat our users’ Personal Information, We will notify you by email to the primary email address specified in your account and/or through a notice on our Website home page.  The date this Privacy Policy was last revised is identified at the top of the page.  You are responsible for ensuring We have an active, up-to-date, and deliverable email address for you, and for periodically visiting our Website and this Privacy Policy to check for any changes.  Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.

    2. PLEASE NOTE THAT FOR CALIFORNIA RESIDENTS THE CALIFORNIA CONSUMER PRIVACY ACT (“CCPA”) AS REVISED BY THE CALIFORNIA PRIVACY RIGHTS ACT (“CPRA”) WILL GOVERN OUR USE AND YOUR RIGHTS WITH REGARD TO YOUR PERSONAL INFORMATION.

  4. Contact Information.  You have the right to request information with respect to the types of Personal Information We share with third parties and the identities of the third parties with whom We have shared such information during the immediately preceding calendar year. To obtain this information, please submit a request via email to privacy@pandorasway.com.;  Please allow up to thirty (30) days for a response.

  5. Types of Information We Collect.

    1. When you access our Website, We collect several types of information from and about users of our Website, depending on the context of your interactions with Us and our Website (“Personal Information”), including information:

      1. by which you may be personally identified, such as: name, e-mail address, telephone number, gender, ZIP code/postal code, or other additional information supplied by you, by which you may be contacted online or offline 

      2. necessary to process your payment if you make purchases, including payment details such as your payment instrument number (i.e., a credit card number), and the security code associated with your payment instrument, collected in connection with an order, a return, a promotion, contest, or fundraising event.  All payment data is stored after tokenizing your account, or collected in connection with your shopping history with Us, including the items you purchase);

      3. If you email, text, or chat with Us, We may keep records of those conversations.

    2. We collect this information:

      1. directly from you when you provide it to Us;

      2. automatically as you navigate through the site, or use our services.  Information collected automatically may include usage details, IP addresses, and information collected through cookies.

  6. Information You Provide to Us.

    1. The information We collect on or through our Website may include, but is not limited to:

      1. information that you provide by filling in forms on our Website.  This includes information provided at the time of registering to use our Website, and services requested; and

      2. records and copies of your correspondence (including email addresses and related contact information) if you contact Us;

    2. We may take your Personal Information and de-identify it so as to make it non-personally identifiable, either by combining it with information about other individuals and/or by hashing the information or otherwise removing characteristics that make the information personally identifiable directly to you.  We will treat de-identified information as non-personal to the fullest extent allowed by applicable law.

  7. Community Forums and User Submission. 

    1. Through our communication functionality and interactive features (“Community Forums”), you may have the opportunity to submit information to us.  Any and all information and content that you submit or post to the Community Forums, including, without limitation, photos, audio, video, messages, text, files, reviews, or other content you provide us and as further described in our Terms of Use shall be classified as User Submissions (“User Submissions”).  Your User Submissions may be subject to additional terms as provided in our Terms of Use, located at [LINK] which We ask that you review as your use of and submission of information to Us is deemed as an acceptance of our Terms of Use. Additionally, some features, such as user review, may be operated by a third party and your postings also may be subject to the third party’s privacy policy and terms of use. 

    2. Please note that certain information, such as your name and/or place of residence, may be publicly displayed on our Website along with your User Submissions.  Your use of any Community Forum is subject to our Terms of Use, including without limitation the “User Submissions” section.  Note that anything you submit through a public-facing Community Forum may be made public – others will have access to your User Submission and may use it or share it with third parties.  We are not responsible for the actions of third parties, and the use of your information and other User Submissions by such third parties is not subject to the protections of this Privacy Policy.

    3. Social Networking Features. Functionality on the Website may permit interactions between the Website and a third-party service such as Facebook or Instagram (“Social Networking Features”).  Examples of Social Networking Features include enabling you to “Like” or “Share” content from the Website or to “Like” or “Share” our page on a third-party service; to automatically or selectively show your social media posts on the Website; and to otherwise connect the Website to a third-party service.  If you choose to share content or to otherwise post information through our Website to a third-party service, or vice versa, that information may be publicly displayed.  Similarly, if you post information on a third-party service that references us (for example, by using a hashtag associated with us in your post), your post may be published on the Website or otherwise in accordance with the terms of that third party.  Also, both We and the third party may have access to certain information about you and your use of the Website and the third-party service.  These third-party social networking companies may collect information about your visit to a Platform through the Social Networking Features we have integrated into the Platform, and - if you are signed into your account with such a third-party social networking company – it may collect additional information in accordance with the terms of your agreement with that company.  In addition, we may receive information about you if other users of a third-party service give us access to their profiles and you are one of their “Connections” or information about you is otherwise accessible through your profile or similar page on a social networking or other third-party service.  The information we collect in connection with Social Networking Features is subject to this Privacy Policy.  The information collected and stored by the third party remains subject to the third party’s privacy practices, including whether the third party continues to share information with Us, the types of information shared, and your choices with regard to what is visible to others on that third-party service.

    4. We may make available on the Platforms a “Send-to-a-Friend,” “Refer a Friend,” “Wish List” or similar function that permits you to send Platform content directly to a third party through the Platforms.  If you send a friend a communication using such functionality, the information you provide about your friend (e.g., name and e-mail address) is used to facilitate the communication and is not used for any other marketing purpose unless We obtain consent from that person.  If you disclose any personal information relating to other people, you represent that you have the authority to do so and to permit Us to use the information in accordance with this Privacy Policy.

    5. All personal information that you provide to Us must be true, complete, and accurate, and you must notify Us of any changes to such personal information.

    6. Employment Applications. If you apply for a job through the Website, We or our service provider(s) may ask you to provide self-identifying information (such as veteran status, gender, and ethnicity) in conjunction with laws and regulations enforced by, as applicable, the Equal Employment Opportunity Commission and other federal, state, provincial/territorial, and local regulatory agencies.  Providing such self-identifying information is voluntary, but if you do provide such information, We and/or our service provider may submit that information to the appropriate government or regulatory agencies to fulfill reporting requirements and use that information to defend against employment-related complaints.

  8. Information We Collect Through Automatic Data Collection Technologies.

    1. As you navigate through and interact with our Website, We may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:

      1. details of your visits to our Website, including traffic data, location data, logs, and other communication data, and the resources that you access and use on our Website; and

      2. information about your device and internet connection, including your IP address, operating system, and browser type.

    2. The information We collect automatically is only statistical data and does not include Personal Information, but We may maintain it or associate it with the Personal Information that We collect in other ways or receive from third parties.  It helps Us to improve our Website and to deliver a better and more personalized service, including by enabling Us to:

      1. estimate our audience size and usage patterns; and

      2. to protect our Services.  We may use your information as part of our efforts to keep our Website safe and secure (e.g., for fraud monitoring and prevention).

    3. The technologies We use for this automatic data collection may include:

      1. Cookies (or browser cookies).  A cookie is a small file placed on the hard drive of your computer.  You may refuse to accept browser cookies by activating the appropriate setting on your browser.  However, if you select this setting, you may be unable to access certain parts of our Website.  Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website.  These technologies are able to store a unique identifier for a device to allow a certain internet site to recognize the device whenever the device is used to visit the site.  These technologies may be used for many purposes by Us and our third-party service providers, such as automatically collecting usage information, enabling features, remembering your preferences, and providing you with targeted advertising elsewhere online.  If you do not want to accept cookies, you can block them by adjusting the settings on your internet browser.  You can find more information about cookies and how they work at www.allaboutcookies.org.

      2. Web Beacons.  Pages of our Website may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Corporation, for example, to count users who have visited those pages and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

      3. Web Browsers.  Certain browsers, or browser add-ons, may provide additional local data storage mechanisms that are used in a manner similar to cookies, and some of the content included on our Website may make use of this local storage.

      4. Embedded Scripts.  An embedded script is programming code that is designed to collect information about your interactions with our Website, such as the links you click on.  The code is temporarily downloaded onto your device from our server or a third-party service provider, is active only while you are connected and is deactivated or deleted thereafter.

We do not collect Personal Information automatically, but We may tie this Personal Information to personal information about you that We collect from other sources, or you provide to us.

  1. Third-Party Use of Cookies and Other Tracking Technologies.

    1. Some content or applications on our Website are served by third parties, including, without limitation, advertisers, advertising networks and servers, content providers, and application providers (each, a “Third-Party Data Collector”).  The Third-Party Data Collector may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our Website.  The information a Third-Party Data Collector collects may be associated with your personal information, or your online activities over time, across external websites and other online services.  A Third-Party Data Collector may use this information to provide you with interest-based (behavioral) advertising or other targeted content.

    2. We do not control the tracking technologies of any Third-Party Data Collector nor how information collected by any Third-Party Data Collector may be used.  If you have any questions about an advertisement or other targeted content, you should contact the relevant Third-Party Data Collector directly.

    3. We also contract with third party advertising, analytics companies or other service providers to perform certain services on our behalf, such as online ads on other websites, hosting the Platforms or Platform features, delivering packages, processing credit card payments, processing transactions and fulfilling orders, removing repetitive information from customer lists, providing customer service, providing website usage analytics, providing search results and links (including paid listings and links), providing targeted advertising, sending email, direct mail or other communications, providing marketing assistance and data analysis or enhancement, or performing other administrative services.  These companies use cookies or similar technologies to collect information about your interactions with our Platforms and interactions with other websites.  These advertising companies may use and share the information gathered to deliver ads more tailored to your interests.  We receive aggregate information from these third parties to understand our advertising effectiveness.  Any information collected by Us or by third parties through the use of cookies or similar technologies may be linked with other information We collect about you.  We may give these service providers access to your information (or allow them to collect information from or about you) so that they can carry out the services they are performing for you or for the Corporation.  These third parties share information they have collected with Us.  Your information may also be collected and processed by third parties, such as the payment providers you select, who will process your information independently in accordance with their own privacy notices.  Your information may also be shared with Us by others, such as your friends and family, when they use a service on our Platforms; for example, by sending you an E-Gift Card or shipping an order to your address.  If someone else has provided Us with your information, We will only process your information for the applicable purpose(s) as described below in this Policy.

  1. Do We Collect Information From Minors?  Our Platforms are general audience points of contact and are not directed at children under the age of thirteen (13). Further, We do not knowingly solicit data from nor market to children under eighteen (18) years of age.  By using our Website, you represent that you are at least eighteen (18) years of age or that you are the parent or guardian of such a minor and have consented to such child’s direct use of our Website.

  2. What Categories of Personal Information Do We Collect?

    1. We have collected the following categories of personal information in the past twelve (12) months:

      1. Identifiers.  Contact details, such as real name, alias, postal address, telephone or mobile contact number, unique personal identifier, online identifier, device identifier, date of birth (or partial DOB such as birth day and month), Internet Protocol (IP) address, email address and account name; or other similar identifiers.

      2. Personal information.  This may include, your name, signature, contact information, address, or telephone number.

      3. Financial Information.  This may include credit card number, debit card number, and other financial information.

      4. Protected Classification Characteristics Under Federal Law.  The classification characteristics include: age, ethnicity or national origin, religion or creed, marital status, physical or mental disability, sex (including gender, gender identity, or gender expression), pregnancy or childbirth.

      5. Internet or Other Similar Network Activities.  This includes browsing history, search history, online behavior, interest data, and interactions with our and other websites, applications, systems, and advertisements.  This category includes: the hardware model, browser, and operating system you are using; the URL or advertisement that referred you to the Platform you are visiting; all of the areas within the Platforms that you visit; devices you have used to access the Platforms; login information (such as your last login); your time zone; location information based off your IP address; and mobile network (if applicable).

      6. Inferences Drawn From Other Personal Information.  Inferences drawn from any of the collected personal information listed above to create a profile or summary about, for example, an individual’s preferences and characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitude.

    2. Personal Information does not include: Publicly available information from government records, deidentified or aggregated consumer information.

    3. We may also collect other personal information outside of the specified categories in instances where you interact with Us in-person, online, or by phone or mail in the context of:

      1. Receiving help through our customer support Platforms; and

      2. Facilitation in the delivery of our services and to respond to your inquiries.

  3. How We Use Your Information.

    1. General Use.

      1. The information We collect about you or that you provide to Us, including any Personal Information, is used to comprehensively understand your needs and interests, and permit Us to deliver a more consistent and personalized experience.  For example, We may use your information:

        1. To present our Website and its contents to you;

        2. To provide you with information or services that you request from us;

        3. To carry out our obligations and enforce our rights arising from any contracts entered into between you and Us, including for billing and collection;

        4. To notify you about changes to our Website or any services We offer or provide though it;

        5. To allow you to participate in interactive features on our Website;

        6. To provide personalized promotional offers and select content to be communicated to you; 

        7. To detect, prevent and remediate fraud or other potentially prohibited or illegal activities; and/or

        8. For any other purposes with your consent.

      2. We may also use your information to contact you about our own and third-parties’ goods and services that may be of interest to you.  If you do not want Us to use your information in this way, please adjust your user preferences in your account profile.  

    2. We may use the information We collect for the following business purposes:

      1. Understanding You.  Analyzing your activity with Us (including your interactions with our websites, emails or other forms of communication) and monitoring the effectiveness of our communications.

      2. Communications.  Communicating with you, including responding to your requests and asking for feedback.

      3. Your Experience.  Serving content on our Website, developing our services, better understanding your needs and preferences, and constantly improving your experience.

    3. Credit Cards/Electronic Payments.  Credit card and electronic payment information is used solely for payment processing and fraud prevention efforts.  Credit card information, and other sensitive personal information required to process a credit decision, is not used for any other purposes by Us or our financial services providers, and will not be retained any longer than necessary to provide your services.

  4. With Whom We Share Your Data and How It is Used.

    1. Consent.  We may process your data if you have given Us specific consent to use your Personal Information for a specific purpose.

    2. Legitimate Interests.  We may process your data when it is reasonably necessary to achieve our legitimate business interests.

    3. Performance of a Contract.  Where We have entered into a contract with you, We may process your Personal Information to fulfill the terms of our contract.

    4. Legal Obligations.  We may disclose your information where We are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements).

    5. Vital Interests.  We may disclose your information where We believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which We are involved.

    6. More specifically, We may need to process your data or share your Personal Information in the following situations:

      1. Business Transfers.  We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

      2. Marketing Providers.  We partner with third parties to assist with the advertising and marketing of our business.  We may share with them the types of information described in Section 11, entitled How We Use Your Information.  We may also receive information collected by these third parties and combine it with the information We have collected.

      3. Other Third Parties.  We will disclose information about you, including to government bodies or law enforcement agencies, when We believe it to be necessary for compliance with the law or to protect the users of our Website.

  5. Third-Party Links & Content.

    1. The Website may link to or incorporate websites, advertising or content hosted and served by third parties over which We have no control, and which are governed by the privacy policies and business practices of those third parties.  We are not responsible for the privacy practices or business practices of any third party.

    2. We may work with network advertisers, ad agencies, analytics service providers, and other vendors to serve our advertisements on our Website and third-party websites, apps, and elsewhere online and to provide Us with information regarding use of and traffic on our Website (including without limitation the pages viewed and the actions users take when visiting our Website) and the effectiveness of our advertisements.  For example, if you click on a specific advertisement for a specific third party, our service provider(s) may be able to tell Us the advertisement you clicked on and where you were viewing the advertisement.  The advertisements you see may be served by Us or one or more third parties, who may use information about your activities on our Website, and other websites and services you visit across the various devices you use, to provide you targeted content and advertising.  Our service providers may collect certain information about your visits to and activity on our Website and other websites and services and may use this information to target advertising to you.

    3. Third parties may set and access their own tracking technologies on your device (including without limitation cookies and web beacons) and may otherwise collect or have access to information about you (such as usage information and device identifier).  Some of these parties may collect personal information over time when you visit our Website or other online websites and services.  Cookies and web beacons, including without limitation those set by third-party network advertisers, may be used to (among other things): target advertisements, prevent you from seeing the same advertisements too many times, and conduct research regarding the usefulness of certain advertisements to you.  We may share certain information such as device identifiers, usage information, hashed information, records of transactions you conduct on our Platforms or offline, and other types of de-identified information with third-party advertising companies, analytics providers, and other vendors for advertising and analytics purposes.  In addition, We and our third-party service providers may use this information to perform matching with third-party cookies in order to provide targeted online marketing.

    4. We use Google Analytics and Posthog, which use cookies and similar technologies to collect and analyze information about use of the Platforms and report on activities and trends.  This service may also collect information regarding the use of other websites, apps, and online resources.  You can learn about Google’s practices by going to google.com/policies/privacy/partners, and opt out of them by downloading the Google Analytics opt-out browser add-on, available at tools.google.com/dlpage/gaoptout.  You can learn about Posthog’s practices by going to https://posthog.com/privacy.

  6. Security and Data Location.

    1. Security Measures.

      1. We have implemented appropriate technical and organizational security measures designed to protect and secure your Personal Information from accidental loss and from unauthorized access, use, alteration, and disclosure.  All information you provide to Us is stored on our secure servers behind firewalls.  Any payment will be encrypted using SSL technology.

      2. However, despite our safeguards and efforts to secure your information, no electronic transmission over the internet or information storage technology can be guaranteed to be one hundred percent (100%) secure.  Although We do our best to protect your Personal Information, We cannot guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security, and improperly collect, access, steal, or modify your information transmitted to our Website.  Although We will do our best to protect your personal information, any transmission of Personal Information is at your own risk.  We are not responsible for circumvention of any privacy settings or security measures contained on our Website.  You should only access our Website within a secure environment.

    2. Cookies.  To facilitate and customize your experience with our Website, We may store cookies on your computer.  A cookie is a small text file that is stored on a user’s computer for record-keeping purposes which contains information about that user.  We use cookies to save you time while using our Website, remind Us who you are, and track and target user interests in order to provide a customized experience.  Cookies also allow Us to collect information from you, like which pages you visited and what links you clicked on.  Use of this information helps Us to create a more user-friendly experience for all visitors.  In addition, We may use third party advertising companies to display advertisements on our services.  As part of their service, they may place separate cookies on your computer.  We also contract with third party advertising or analytics companies to serve you online ads on other websites.  These companies use cookies or similar technologies to collect information about your interactions with our Platforms and interactions with other websites.  These advertising companies may use and share the information gathered to deliver ads more tailored to your interests.  We receive aggregate information from these third parties to understand our advertising effectiveness.  Any information collected by Us or by third parties through the use of cookies or similar technologies may be linked with other information We collect about you.  We have no access to or control over these cookies.  This Privacy Policy covers the use of cookies by our Website only and does not cover the use of cookies by any advertiser or other third party.  Most browsers automatically accept cookies by default, but, if you prefer, you may be able to modify your browser settings to remove cookies and to reject cookies.  Users may choose to set their web browser to refuse cookies, or to alert you when cookies are being sent.  If you choose to remove cookies or reject cookies, this could affect certain features or services of our Website.  To opt-out of interest-based advertising by advertisers on our Website visit http://www.aboutads.info/choices/.

    3. Analytics.  Visitors to this Website who have JavaScript enabled are tracked using Google Analytics and Posthog.  Google Analytics and/or Posthog may collect some or all of the following types of information from you: type of user agent (web browser) used, software manufacture and version number; type of operating system; color processing ability of your screen; JavaScript support; Flash version; screen resolution; network location; IP address; country, city, state, region, county, or any other geographic data; hostname; bandwidth (internet connection speed); time of visit; pages visited; time spent on each page of our Website; referring site statistics; the website URL you came through in order to arrive at our Website; or search engine query used to find our Website.  This data is primarily used to optimize our Website for our visitors and for internal marketing purposes.

    4. Other Tracking Devices.  We may use other industry standard technologies like pixel tags and web beacons to track your use of our Website pages and promotions, or We may allow our third-party service providers to use these devices on our behalf.  Pixel tags and web beacons are tiny graphic images placed on certain pages on our Website, or in our emails that allow Us to determine whether you have performed a specific action.  When you access these pages or open or click an email, pixel tags, and web beacons generate a notice of that action.  Pixel tags allow Us to measure and improve our understanding of visitor traffic and behavior on our Website, as well as give Us a way to measure our promotions and performance.  We may also utilize pixel tags and web beacons provided by our affiliates and/or partners for the same purposes.

    5. Timing.

      1. We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements).  No purpose in this notice will require Us keeping your personal information for longer than six (6) months past the termination of the user’s account.

      2. When We have no ongoing legitimate business need to process your personal information, We will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then We will securely store your personal information and isolate it from any further processing until deletion is possible.

  7. Additional US State Privacy Rights. 

    1. Some states in the US have passed state-specific privacy laws. This section supplements this Privacy Policy by explaining your privacy rights if you are a resident in one of these states, provides certain mandated disclosures about our treatment of Personal Information, and includes:

      1. Colorado, Connecticut, Utah and Virginia specific disclosures and rights;

      2. California specific disclosures and rights; 

      3. Opt-outs for sale or sharing of personal information; and

      4. Metrics on consumers exercising their rights

    2. Colorado, Connecticut, Utah and Virginia

      1. If you are a resident of Colorado, Connecticut, Utah, or Virginia, We have certain obligations, and you have certain rights with respect to your personal information, including:

        1. Right to confirm whether the controller is processing the consumer’s personal information and the right to access such information;

        2. Right to correct inaccuracies in personal information;

        3. Right to delete personal information;

        4. Right of data portability;

        5. Right to opt out from targeted advertising; and

        6. Right to opt out from the sale of personal information.

      2. In certain states, you also have the right to opt out from profiling in furtherance of decisions that produce legal or similarly significant effects on the consumer (such as Virginia, Colorado, and Connecticut) and appeal a decision regarding a request to exercise your rights.

      3. If you wish to exercise one or more of these rights, please review Section 17. If you would like to opt out of targeted advertising or the selling or sharing of personal information, please see the instructions below.

    3. California

      1. The California Consumer Privacy Act of 2018 (“CCPA”), as amended by the California Privacy Rights Act of 2021 (“CPRA”) requires Us to provide California consumers with some additional information related to how We collect, use, retain, and disclose personal information as well as describe additional rights.  If you are a resident of the State of California, please see our California Privacy Rights Notice annexed hereto as Exhibit A, regarding additional rights you have, including how to exercise your rights.

  8. What Are Your Other Privacy Rights If Located Outside the United States?

    1. If you are using our U.S.-based Platforms while located outside the United States, this Privacy Policy may apply to you.  Any information We collect from you could be stored on servers and shared with third parties located in the United States or other countries.  The rules and laws that apply to the collection and use of personal data in the United States or other countries may differ from those in your country.

    2. If you believe We are unlawfully processing your personal information, you have the right to complain to your local data protection supervisory authority.

    3. If you have questions or comments about your privacy rights, you may email Us at privacy@pandorasway.com.

  9. Your Privacy Choices.

    1. You can control the information We collect and use in the following ways:

      1. Location Information.  You can disable location-based services on your mobile device or web browser by adjusting the settings on your device or browser.  This will prevent our Website from accessing your location information.

      2. Emails.  You can unsubscribe from our marketing email list at any time by clicking on the unsubscribe link in the emails that We send or by contacting Us using the details provided below.  You will then be removed from the marketing email list — however, We may still communicate with you, for example to send you service-related emails that are necessary for the administration and use of your account, to respond to service requests, or for other non-marketing purposes.  To otherwise opt-out, you may contact Us using the contact information provided.

      3. Online Advertising.  For information about opting out of third party advertising, visit: NAI Opt-Out (http://www.aboutads.info/choices/) and DAA Opt-Out (http://optout.networkadvertising.org/?c=1) (you will leave this Website for a separately managed online site where you can specify your preference under those programs).  You can also click on the icon that may appear on some of our advertising served through these technologies.  We may use more than one third party company for placing this advertising, which would require you to opt out of each company.

    2. Controls For Do-Not-Track Features.  Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected.  The Company does not track your online browsing activity on other online services over time and we do not permit third-party services to track your activity on our site. Because we do not share this kind of data with third party services or permit this kind of third party data collection for any of our users, and we do not track our users on third-party websites ourselves, we do not need to respond differently to an individual browser's Do Not Track setting.

    3. Based on the applicable laws of your country, you may have the right to request access to the personal information We collect from you, change that information, or delete it in some circumstances.  To request to review, update, or delete your personal information, please email Us at privacy@pandorasway.com.

    4. If you are a resident of the State of California, you can learn more about your privacy rights below in our California Privacy Rights Notice annexed hereto as Exhibit A.

EXHIBIT A

CALIFORNIA PRIVACY RIGHTS NOTICE

Additional Notice for California Residents

This Privacy Notice (this “Notice”) for California Residents supplements the information contained in the Privacy Policy, and applies solely to all visitors, users, and others who reside in the State of California (“Consumers” or “You”).  We adopt this Notice to comply with the California Consumer Privacy Act of 2018 (“CCPA”), as amended by the California Privacy Rights Act of 2023 (“CPRA”) and any capitalized terms not defined herein shall have the meanings ascribed to same in the CCPA and CPRA.

This Notice does not apply to workforce-related personal information collected from California-based employees, job applicants, contractors, or similar individuals.

Where noted in this Notice, the CCPA temporarily exempts personal information reflecting a written or verbal business-to-business communication (“B2B Personal Information”) from some its requirements.

The CCPA permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) We disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which We shared personal information in the immediately preceding calendar year.  If you are a California resident and would like to make such a request, please submit your request in writing to Us using the contact information provided below.

If you are under 18 years of age, reside in California, and have a registered account with our Website, you have the right to request removal of unwanted data that you publicly post on our Website.  To request removal of such data, please contact Us using the contact information provided below, and include the email address associated with your account and a statement that you reside in California.  We will make sure the data is not publicly displayed on our Website, but please be aware that the data may not be completely or comprehensively removed from all our systems (e.g., backups, etc.).

  1. Definition of “Resident”.

  1. The California Code of Regulations defines a “Resident” as:

  1. every individual who is in the State of California for other than a temporary or transitory purpose; and

  2. every individual who is domiciled in the State of California who is outside the State of California for a temporary or transitory purpose.

  1. All other individuals are defined as “Non-Residents.”

  2. If this definition of “Resident” applies to you, We must adhere to certain rights and obligations regarding your personal information.

  1. Sharing Personal Information.

  1. We may disclose your personal information to a third party for a business purpose.  When We disclose personal information for a business purpose, We require the recipient to both keep that personal information confidential and not use it for any purpose except for use in connection with performing the services on our behalf.  The CCPA prohibits third parties who obtain the personal information We hold from reselling it unless you have received explicit notice and an opportunity to opt-out of further sales.  We may disclose your personal information with our service providers pursuant to a written contract between Us and each service provider.  Each service provider is a for-profit entity that processes the information on our behalf.

  2. We may use your personal information for our own business purposes.  This is not considered to be “Selling” of your personal data.

  3. We may use or disclose the personal information We collect for one or more of our business purposes in this Privacy Policy or as otherwise set forth in the CCPA.  We will not collect additional categories of personal information or use the personal information We collected for materially different, unrelated, or incompatible purposes without providing you notice.

  4. The Corporation discloses the following categories of personal information for a business purpose:

  1. Identifiers.

  2. California Customer Records

  3. Personal Information Categories.

  4. Commercial information.

  5. Internet or other Electronic Network Activity Information (i.e., browsing history and information regarding a consumer’s interaction with our Website).

  6. Geolocation data.

  1. We disclose your personal information for a business purpose to the following categories of third parties:

  1. Our affiliates; 

  2. Service Recipients; and

  3. Third parties to whom you authorize Us to disclose your personal information in connection with the products or services We provide to you.

  1. CCPA Rights.  The CCPA provides consumers who are California residents with specific rights regarding their personal information.  This section describes your CCPA rights and explains how to exercise those rights:

  1. Access to Specific Information and Data Portability Rights.  You have the right to request that We disclose certain information to you about our collection and use of your personal information over the past twelve (12) months.  Once We receive and confirm your verifiable consumer request (see Exercising Access, Data Portability, and Deletion Rights), We will disclose to you:

  1. The categories of personal information We collected about you;

  2. The categories of sources for the personal information We collected about you;

  3. Our business or commercial purpose for collecting or selling that personal information;

  4. The categories of third parties with whom We share that personal information;

  5. The specific pieces of personal information We collected about you (also called a data portability request);

  6. If We sold or disclosed your personal information for a business purpose, two separate lists disclosing:

  1. Sales.  Identifying the personal information categories that each category of recipient purchased; and

  2. Disclosures for a business purpose.  Identifying the personal information categories that each category of recipient obtained.  We do not provide these access and data portability rights for B2B personal information.

  1. Deletion Request Rights.  You have the right to request that We delete any of your personal information that We collected from you and retained, subject to certain exceptions.  Once We receive and confirm your verifiable consumer request (see Exercising Access, Data Portability, and Deletion Rights), We will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.  We may deny your deletion request if retaining the information is necessary for Us or our service provider(s) to:

  1. Complete the transaction for which We collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you;

  2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;

  3. Debug products to identify and repair errors that impair existing intended functionality;

  4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;

  5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.);

  6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement if you previously provided informed consent;

  7. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us;

  8. Comply with a legal obligation; and

  9. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

  1. Exercising Access, Data Portability, and Deletion Rights.

  1. To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to Us by either:

  1. Calling Us at – (929) 344-1412‬; or‬‬‬‬

  2. Emailing Us at privacy@pandorasway.com.

  1. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information.  You may also make a verifiable consumer request on behalf of your minor child.  You may only make a verifiable consumer request for access or data portability twice within a twelve (12) month period.

  2. The verifiable consumer request must:

  1. Provide sufficient information that allows Us to reasonably verify you are the person about whom We collected personal information or an authorized representative.

  2. Describe your request with sufficient detail that allows Us to properly understand, evaluate, and respond to it.  We cannot respond to your request or provide you with personal information if We cannot verify your identity or authority to make the request and confirm the personal information relates to you.  You do not need to create an account with Us to submit a request to know or delete.  However, We do consider requests made through your password protected account sufficiently verified when the request relates to personal information associated with that specific account.  We will only use personal information provided in the request to verify the requestor’s identity or authority to make it.  If, however, We cannot verify your identity from the information already maintained by us, We may request that you provide additional information for the purposes of verifying your identity, and for security or fraud-prevention purposes.  We will delete such additionally provided information as soon as We finish verifying you.  For instructions on exercising your sale opt-out or opt-in rights, see Section 4(e) below, entitled Personal Information Sales Opt-Out and Opt-In Rights.

  1. Response Timing and Format.  We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt.  If We require more time (up to ninety (90) days), We will inform you of the reason and extension period in writing.  If you have an account with us, We will deliver our written response to that account.  If you do not have an account with us, We will deliver our written response by mail or electronically, at your option.  Any disclosures We provide will only cover the twelve (12) month period preceding the verifiable consumer request’s receipt.  The response We provide will also explain the reasons We cannot comply with a request, if applicable.  For data portability requests, We will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.  We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded.  If We determine that the request warrants a fee, We will tell you why We made that decision and provide you with a cost estimate before completing your request.

  2. Personal Information Sales Opt-Out and Opt-In Rights.  If you are sixteen (16) years of age or older, you have the right to direct Us not to sell your personal information at any time (the “Right to Opt-Out”).  We do not sell the personal information of consumers We actually know are less than sixteen (16) years of age, unless We receive affirmative authorization (the “Right to Opt-In”) from either the consumer who is at least thirteen (13) but not yet sixteen (16) years of age, or the parent or guardian of a consumer less than thirteen (13) years of age.  Consumers who opt-in to personal information sales may opt-out of future sales at any time.  To exercise the right to opt-out, you (or your authorized representative) must submit a request to Us by emailing Us at privacy@pandorasway.com.  Once you make an opt-out request, We will wait at least twelve (12) months from the date of receipt of such request before asking you to reauthorize personal information sales.  We will only use personal information provided in an opt-out request to review and comply with the request.

  3. In accordance with applicable law, We are not obligated to provide or delete consumer information that is de-identified in response to a consumer request or to re-identify individual data to verify a consumer request.

  1. Right to Non-Discrimination for the Exercise of a Consumer’s Privacy Rights.

  1. We will not discriminate against you for exercising any of your CCPA rights.  Unless permitted by the CCPA, We will not:

  1. Deny you goods or services;

  2. Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;

  3. Provide you a different level or quality of goods or services;

  4. Suggest that you may receive a different price or rate for goods or services or a different level or quality of services.

  1. However, We may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels.  Any CCPA-permitted financial incentive We offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects.  Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time.

  1. CCPA Rights Request Metrics.  Metrics regarding the consumer rights requests We received from California residents from January 1, 2024 to December 31, 2024 appear in the following chart:

Request Type: Right to Know, Right to Delete, Right to Opt-Out

Received: 0

Granted (in whole or in part) : 0

Denied: 0

Median Days to Respond: 0

Requests to Know: 0

Unverifiable: 0

Not by a California resident: 0

Called for information exempt
from disclosure: 0

Denied on other grounds: 0

Requests to Delete: 0

Requests to Opt-Out
of Personal Information Sales: 0

  1. Other California Privacy Rights.  California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes.  To make such a request, please send an email to privacy@pandorasway.com.

  2. Changes to Our Privacy Notice.  We reserve the right to amend this Notice at our discretion and at any time.  When We make changes to this Notice, We will post the updated notice on our Website and update the notice’s effective date.  Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.

Questions? Please reach out!

Our Data Privacy officer can be reached at privacy@pandorasway.com and will answer any questions or requests that you may have.

At Pandora's Way, we believe in Privacy by Design. We do our very best to protect you and your family's privacy. We only collect what we need to provide you the best service. And we don't sell your data.

Last Updated: May 7, 2025

PANDORA’S WAY LTD. (the “Corporation”, “we” or “us”) respects your privacy and is committed to protecting it through our compliance with this website privacy policy (this “Privacy Policy”).

This Privacy Policy describes the types of information that We may collect from you or that you may provide when you visit the website: pandorasway.com (our “Website”) and our practices for collecting, using, maintaining, transmitting, protecting, and disclosing such information.

This Privacy Policy applies to information We collect:

  • in email, text, and other electronic messages between you and the Corporation or through links to our Website;

  • through mobile and desktop applications you download from our Website, which provide dedicated non-browser-based interaction between you and our Website;

  • through social media pages controlled by Us or that We interact with; and

  • when you interact with our advertising and applications on our Website or on third-party websites and services if those applications or advertising include links to this Privacy Policy; 

This Privacy Policy shall not apply to information collected by:

  • Us offline or through any other means including, without limitation, on any other website other than our Website operated by the Corporation or any third party; or

  • Any third party, including information collected by any third party through any application or content that may link to or be accessible from or on our Website.

PLEASE READ THIS PRIVACY POLICY CAREFULLY TO UNDERSTAND OUR POLICIES AND PRACTICES REGARDING YOUR INFORMATION AND HOW WE WILL TREAT IT. IF YOU DO NOT AGREE WITH OUR POLICIES AND PRACTICES, YOU DO NOT HAVE OUR PERMISSION TO USE OUR WEBSITE. BY ACCESSING OR USING OUR WEBSITE, YOU AGREE TO THIS PRIVACY POLICY. WE MAY UPDATE, REVISE OR MODIFY ALL OR A PORTION OF THIS PRIVACY POLICY FROM TIME TO TIME (SEE SECTION 3, ENTITLED CHANGES TO OUR PRIVACY POLICY). YOUR CONTINUED USE OF OUR WEBSITE AFTER WE MAKE SUCH UPDATES, REVISIONS OR MODIFICATIONS IS DEEMED TO BE ACCEPTANCE OF SUCH UPDATES, REVISIONS OR MODIFICATIONS; SO, IT IS IMPERATIVE THAT YOU CONSULT THIS PRIVACY POLICY PERIODICALLY FOR UPDATES.

  1. This Privacy Policy explains:

    1. Websites Covered by This Privacy Policy

    2. Changes to Our Privacy Policy

    3. Contact Information

    4. Types of Information We Collect

    5. How We Use Your Information and Who We May Share It With

    6. Third-Party Links & Content

    7. Security and Data Location

    8. WHAT ARE YOUR PRIVACY RIGHTS?

  2. Websites Covered by This Privacy Policy.

    1. Our Website may from time-to-time link to third-party websites for your convenience and to provide easy access to additional useful information.  Should you select such a link you will leave our Website.  We do not control those sites nor their privacy practices, which may differ from our practices and policies.  Any personal data you choose to provide to or that is collected by such third parties is not in any way covered by this Privacy Policy.  We recommend that you read over such website’s privacy policy before providing any Personal Information.  A link to another website from Us does not constitute an endorsement or representation about the value, quality, or usefulness of anything found on that third-party website.

    2. Social Media Pages” are the official social media pages We operate on Facebook, X (formerly known as Twitter), Instagram, LinkedIn, Youtube, TikTok and other social media platforms. The term “Platform” means, collectively, our Website and Social Media Pages. 

    3. PLEASE BE AWARE THAT IF YOU ELECT TO HAVE US SHARE YOUR INFORMATION WITH THIRD PARTIES, THOSE ELECTIONS TO HAVE YOUR INFORMATION SHARED WILL SUPERSEDE ANYTHING TO THE CONTRARY IN THIS PRIVACY POLICY.

  3. Changes to Our Privacy Policy.

    1. We reserve the right to amend this Privacy Policy at our discretion and at any time.  It is our policy to post any changes We make to this Privacy Policy with a notice that this Privacy Policy has been updated on our Website home page.  If We make material changes to how We treat our users’ Personal Information, We will notify you by email to the primary email address specified in your account and/or through a notice on our Website home page.  The date this Privacy Policy was last revised is identified at the top of the page.  You are responsible for ensuring We have an active, up-to-date, and deliverable email address for you, and for periodically visiting our Website and this Privacy Policy to check for any changes.  Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.

    2. PLEASE NOTE THAT FOR CALIFORNIA RESIDENTS THE CALIFORNIA CONSUMER PRIVACY ACT (“CCPA”) AS REVISED BY THE CALIFORNIA PRIVACY RIGHTS ACT (“CPRA”) WILL GOVERN OUR USE AND YOUR RIGHTS WITH REGARD TO YOUR PERSONAL INFORMATION.

  4. Contact Information.  You have the right to request information with respect to the types of Personal Information We share with third parties and the identities of the third parties with whom We have shared such information during the immediately preceding calendar year. To obtain this information, please submit a request via email to privacy@pandorasway.com.;  Please allow up to thirty (30) days for a response.

  5. Types of Information We Collect.

    1. When you access our Website, We collect several types of information from and about users of our Website, depending on the context of your interactions with Us and our Website (“Personal Information”), including information:

      1. by which you may be personally identified, such as: name, e-mail address, telephone number, gender, ZIP code/postal code, or other additional information supplied by you, by which you may be contacted online or offline 

      2. necessary to process your payment if you make purchases, including payment details such as your payment instrument number (i.e., a credit card number), and the security code associated with your payment instrument, collected in connection with an order, a return, a promotion, contest, or fundraising event.  All payment data is stored after tokenizing your account, or collected in connection with your shopping history with Us, including the items you purchase);

      3. If you email, text, or chat with Us, We may keep records of those conversations.

    2. We collect this information:

      1. directly from you when you provide it to Us;

      2. automatically as you navigate through the site, or use our services.  Information collected automatically may include usage details, IP addresses, and information collected through cookies.

  6. Information You Provide to Us.

    1. The information We collect on or through our Website may include, but is not limited to:

      1. information that you provide by filling in forms on our Website.  This includes information provided at the time of registering to use our Website, and services requested; and

      2. records and copies of your correspondence (including email addresses and related contact information) if you contact Us;

    2. We may take your Personal Information and de-identify it so as to make it non-personally identifiable, either by combining it with information about other individuals and/or by hashing the information or otherwise removing characteristics that make the information personally identifiable directly to you.  We will treat de-identified information as non-personal to the fullest extent allowed by applicable law.

  7. Community Forums and User Submission. 

    1. Through our communication functionality and interactive features (“Community Forums”), you may have the opportunity to submit information to us.  Any and all information and content that you submit or post to the Community Forums, including, without limitation, photos, audio, video, messages, text, files, reviews, or other content you provide us and as further described in our Terms of Use shall be classified as User Submissions (“User Submissions”).  Your User Submissions may be subject to additional terms as provided in our Terms of Use, located at [LINK] which We ask that you review as your use of and submission of information to Us is deemed as an acceptance of our Terms of Use. Additionally, some features, such as user review, may be operated by a third party and your postings also may be subject to the third party’s privacy policy and terms of use. 

    2. Please note that certain information, such as your name and/or place of residence, may be publicly displayed on our Website along with your User Submissions.  Your use of any Community Forum is subject to our Terms of Use, including without limitation the “User Submissions” section.  Note that anything you submit through a public-facing Community Forum may be made public – others will have access to your User Submission and may use it or share it with third parties.  We are not responsible for the actions of third parties, and the use of your information and other User Submissions by such third parties is not subject to the protections of this Privacy Policy.

    3. Social Networking Features. Functionality on the Website may permit interactions between the Website and a third-party service such as Facebook or Instagram (“Social Networking Features”).  Examples of Social Networking Features include enabling you to “Like” or “Share” content from the Website or to “Like” or “Share” our page on a third-party service; to automatically or selectively show your social media posts on the Website; and to otherwise connect the Website to a third-party service.  If you choose to share content or to otherwise post information through our Website to a third-party service, or vice versa, that information may be publicly displayed.  Similarly, if you post information on a third-party service that references us (for example, by using a hashtag associated with us in your post), your post may be published on the Website or otherwise in accordance with the terms of that third party.  Also, both We and the third party may have access to certain information about you and your use of the Website and the third-party service.  These third-party social networking companies may collect information about your visit to a Platform through the Social Networking Features we have integrated into the Platform, and - if you are signed into your account with such a third-party social networking company – it may collect additional information in accordance with the terms of your agreement with that company.  In addition, we may receive information about you if other users of a third-party service give us access to their profiles and you are one of their “Connections” or information about you is otherwise accessible through your profile or similar page on a social networking or other third-party service.  The information we collect in connection with Social Networking Features is subject to this Privacy Policy.  The information collected and stored by the third party remains subject to the third party’s privacy practices, including whether the third party continues to share information with Us, the types of information shared, and your choices with regard to what is visible to others on that third-party service.

    4. We may make available on the Platforms a “Send-to-a-Friend,” “Refer a Friend,” “Wish List” or similar function that permits you to send Platform content directly to a third party through the Platforms.  If you send a friend a communication using such functionality, the information you provide about your friend (e.g., name and e-mail address) is used to facilitate the communication and is not used for any other marketing purpose unless We obtain consent from that person.  If you disclose any personal information relating to other people, you represent that you have the authority to do so and to permit Us to use the information in accordance with this Privacy Policy.

    5. All personal information that you provide to Us must be true, complete, and accurate, and you must notify Us of any changes to such personal information.

    6. Employment Applications. If you apply for a job through the Website, We or our service provider(s) may ask you to provide self-identifying information (such as veteran status, gender, and ethnicity) in conjunction with laws and regulations enforced by, as applicable, the Equal Employment Opportunity Commission and other federal, state, provincial/territorial, and local regulatory agencies.  Providing such self-identifying information is voluntary, but if you do provide such information, We and/or our service provider may submit that information to the appropriate government or regulatory agencies to fulfill reporting requirements and use that information to defend against employment-related complaints.

  8. Information We Collect Through Automatic Data Collection Technologies.

    1. As you navigate through and interact with our Website, We may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:

      1. details of your visits to our Website, including traffic data, location data, logs, and other communication data, and the resources that you access and use on our Website; and

      2. information about your device and internet connection, including your IP address, operating system, and browser type.

    2. The information We collect automatically is only statistical data and does not include Personal Information, but We may maintain it or associate it with the Personal Information that We collect in other ways or receive from third parties.  It helps Us to improve our Website and to deliver a better and more personalized service, including by enabling Us to:

      1. estimate our audience size and usage patterns; and

      2. to protect our Services.  We may use your information as part of our efforts to keep our Website safe and secure (e.g., for fraud monitoring and prevention).

    3. The technologies We use for this automatic data collection may include:

      1. Cookies (or browser cookies).  A cookie is a small file placed on the hard drive of your computer.  You may refuse to accept browser cookies by activating the appropriate setting on your browser.  However, if you select this setting, you may be unable to access certain parts of our Website.  Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website.  These technologies are able to store a unique identifier for a device to allow a certain internet site to recognize the device whenever the device is used to visit the site.  These technologies may be used for many purposes by Us and our third-party service providers, such as automatically collecting usage information, enabling features, remembering your preferences, and providing you with targeted advertising elsewhere online.  If you do not want to accept cookies, you can block them by adjusting the settings on your internet browser.  You can find more information about cookies and how they work at www.allaboutcookies.org.

      2. Web Beacons.  Pages of our Website may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Corporation, for example, to count users who have visited those pages and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

      3. Web Browsers.  Certain browsers, or browser add-ons, may provide additional local data storage mechanisms that are used in a manner similar to cookies, and some of the content included on our Website may make use of this local storage.

      4. Embedded Scripts.  An embedded script is programming code that is designed to collect information about your interactions with our Website, such as the links you click on.  The code is temporarily downloaded onto your device from our server or a third-party service provider, is active only while you are connected and is deactivated or deleted thereafter.

We do not collect Personal Information automatically, but We may tie this Personal Information to personal information about you that We collect from other sources, or you provide to us.

  1. Third-Party Use of Cookies and Other Tracking Technologies.

    1. Some content or applications on our Website are served by third parties, including, without limitation, advertisers, advertising networks and servers, content providers, and application providers (each, a “Third-Party Data Collector”).  The Third-Party Data Collector may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our Website.  The information a Third-Party Data Collector collects may be associated with your personal information, or your online activities over time, across external websites and other online services.  A Third-Party Data Collector may use this information to provide you with interest-based (behavioral) advertising or other targeted content.

    2. We do not control the tracking technologies of any Third-Party Data Collector nor how information collected by any Third-Party Data Collector may be used.  If you have any questions about an advertisement or other targeted content, you should contact the relevant Third-Party Data Collector directly.

    3. We also contract with third party advertising, analytics companies or other service providers to perform certain services on our behalf, such as online ads on other websites, hosting the Platforms or Platform features, delivering packages, processing credit card payments, processing transactions and fulfilling orders, removing repetitive information from customer lists, providing customer service, providing website usage analytics, providing search results and links (including paid listings and links), providing targeted advertising, sending email, direct mail or other communications, providing marketing assistance and data analysis or enhancement, or performing other administrative services.  These companies use cookies or similar technologies to collect information about your interactions with our Platforms and interactions with other websites.  These advertising companies may use and share the information gathered to deliver ads more tailored to your interests.  We receive aggregate information from these third parties to understand our advertising effectiveness.  Any information collected by Us or by third parties through the use of cookies or similar technologies may be linked with other information We collect about you.  We may give these service providers access to your information (or allow them to collect information from or about you) so that they can carry out the services they are performing for you or for the Corporation.  These third parties share information they have collected with Us.  Your information may also be collected and processed by third parties, such as the payment providers you select, who will process your information independently in accordance with their own privacy notices.  Your information may also be shared with Us by others, such as your friends and family, when they use a service on our Platforms; for example, by sending you an E-Gift Card or shipping an order to your address.  If someone else has provided Us with your information, We will only process your information for the applicable purpose(s) as described below in this Policy.

  1. Do We Collect Information From Minors?  Our Platforms are general audience points of contact and are not directed at children under the age of thirteen (13). Further, We do not knowingly solicit data from nor market to children under eighteen (18) years of age.  By using our Website, you represent that you are at least eighteen (18) years of age or that you are the parent or guardian of such a minor and have consented to such child’s direct use of our Website.

  2. What Categories of Personal Information Do We Collect?

    1. We have collected the following categories of personal information in the past twelve (12) months:

      1. Identifiers.  Contact details, such as real name, alias, postal address, telephone or mobile contact number, unique personal identifier, online identifier, device identifier, date of birth (or partial DOB such as birth day and month), Internet Protocol (IP) address, email address and account name; or other similar identifiers.

      2. Personal information.  This may include, your name, signature, contact information, address, or telephone number.

      3. Financial Information.  This may include credit card number, debit card number, and other financial information.

      4. Protected Classification Characteristics Under Federal Law.  The classification characteristics include: age, ethnicity or national origin, religion or creed, marital status, physical or mental disability, sex (including gender, gender identity, or gender expression), pregnancy or childbirth.

      5. Internet or Other Similar Network Activities.  This includes browsing history, search history, online behavior, interest data, and interactions with our and other websites, applications, systems, and advertisements.  This category includes: the hardware model, browser, and operating system you are using; the URL or advertisement that referred you to the Platform you are visiting; all of the areas within the Platforms that you visit; devices you have used to access the Platforms; login information (such as your last login); your time zone; location information based off your IP address; and mobile network (if applicable).

      6. Inferences Drawn From Other Personal Information.  Inferences drawn from any of the collected personal information listed above to create a profile or summary about, for example, an individual’s preferences and characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitude.

    2. Personal Information does not include: Publicly available information from government records, deidentified or aggregated consumer information.

    3. We may also collect other personal information outside of the specified categories in instances where you interact with Us in-person, online, or by phone or mail in the context of:

      1. Receiving help through our customer support Platforms; and

      2. Facilitation in the delivery of our services and to respond to your inquiries.

  3. How We Use Your Information.

    1. General Use.

      1. The information We collect about you or that you provide to Us, including any Personal Information, is used to comprehensively understand your needs and interests, and permit Us to deliver a more consistent and personalized experience.  For example, We may use your information:

        1. To present our Website and its contents to you;

        2. To provide you with information or services that you request from us;

        3. To carry out our obligations and enforce our rights arising from any contracts entered into between you and Us, including for billing and collection;

        4. To notify you about changes to our Website or any services We offer or provide though it;

        5. To allow you to participate in interactive features on our Website;

        6. To provide personalized promotional offers and select content to be communicated to you; 

        7. To detect, prevent and remediate fraud or other potentially prohibited or illegal activities; and/or

        8. For any other purposes with your consent.

      2. We may also use your information to contact you about our own and third-parties’ goods and services that may be of interest to you.  If you do not want Us to use your information in this way, please adjust your user preferences in your account profile.  

    2. We may use the information We collect for the following business purposes:

      1. Understanding You.  Analyzing your activity with Us (including your interactions with our websites, emails or other forms of communication) and monitoring the effectiveness of our communications.

      2. Communications.  Communicating with you, including responding to your requests and asking for feedback.

      3. Your Experience.  Serving content on our Website, developing our services, better understanding your needs and preferences, and constantly improving your experience.

    3. Credit Cards/Electronic Payments.  Credit card and electronic payment information is used solely for payment processing and fraud prevention efforts.  Credit card information, and other sensitive personal information required to process a credit decision, is not used for any other purposes by Us or our financial services providers, and will not be retained any longer than necessary to provide your services.

  4. With Whom We Share Your Data and How It is Used.

    1. Consent.  We may process your data if you have given Us specific consent to use your Personal Information for a specific purpose.

    2. Legitimate Interests.  We may process your data when it is reasonably necessary to achieve our legitimate business interests.

    3. Performance of a Contract.  Where We have entered into a contract with you, We may process your Personal Information to fulfill the terms of our contract.

    4. Legal Obligations.  We may disclose your information where We are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements).

    5. Vital Interests.  We may disclose your information where We believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which We are involved.

    6. More specifically, We may need to process your data or share your Personal Information in the following situations:

      1. Business Transfers.  We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

      2. Marketing Providers.  We partner with third parties to assist with the advertising and marketing of our business.  We may share with them the types of information described in Section 11, entitled How We Use Your Information.  We may also receive information collected by these third parties and combine it with the information We have collected.

      3. Other Third Parties.  We will disclose information about you, including to government bodies or law enforcement agencies, when We believe it to be necessary for compliance with the law or to protect the users of our Website.

  5. Third-Party Links & Content.

    1. The Website may link to or incorporate websites, advertising or content hosted and served by third parties over which We have no control, and which are governed by the privacy policies and business practices of those third parties.  We are not responsible for the privacy practices or business practices of any third party.

    2. We may work with network advertisers, ad agencies, analytics service providers, and other vendors to serve our advertisements on our Website and third-party websites, apps, and elsewhere online and to provide Us with information regarding use of and traffic on our Website (including without limitation the pages viewed and the actions users take when visiting our Website) and the effectiveness of our advertisements.  For example, if you click on a specific advertisement for a specific third party, our service provider(s) may be able to tell Us the advertisement you clicked on and where you were viewing the advertisement.  The advertisements you see may be served by Us or one or more third parties, who may use information about your activities on our Website, and other websites and services you visit across the various devices you use, to provide you targeted content and advertising.  Our service providers may collect certain information about your visits to and activity on our Website and other websites and services and may use this information to target advertising to you.

    3. Third parties may set and access their own tracking technologies on your device (including without limitation cookies and web beacons) and may otherwise collect or have access to information about you (such as usage information and device identifier).  Some of these parties may collect personal information over time when you visit our Website or other online websites and services.  Cookies and web beacons, including without limitation those set by third-party network advertisers, may be used to (among other things): target advertisements, prevent you from seeing the same advertisements too many times, and conduct research regarding the usefulness of certain advertisements to you.  We may share certain information such as device identifiers, usage information, hashed information, records of transactions you conduct on our Platforms or offline, and other types of de-identified information with third-party advertising companies, analytics providers, and other vendors for advertising and analytics purposes.  In addition, We and our third-party service providers may use this information to perform matching with third-party cookies in order to provide targeted online marketing.

    4. We use Google Analytics and Posthog, which use cookies and similar technologies to collect and analyze information about use of the Platforms and report on activities and trends.  This service may also collect information regarding the use of other websites, apps, and online resources.  You can learn about Google’s practices by going to google.com/policies/privacy/partners, and opt out of them by downloading the Google Analytics opt-out browser add-on, available at tools.google.com/dlpage/gaoptout.  You can learn about Posthog’s practices by going to https://posthog.com/privacy.

  6. Security and Data Location.

    1. Security Measures.

      1. We have implemented appropriate technical and organizational security measures designed to protect and secure your Personal Information from accidental loss and from unauthorized access, use, alteration, and disclosure.  All information you provide to Us is stored on our secure servers behind firewalls.  Any payment will be encrypted using SSL technology.

      2. However, despite our safeguards and efforts to secure your information, no electronic transmission over the internet or information storage technology can be guaranteed to be one hundred percent (100%) secure.  Although We do our best to protect your Personal Information, We cannot guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security, and improperly collect, access, steal, or modify your information transmitted to our Website.  Although We will do our best to protect your personal information, any transmission of Personal Information is at your own risk.  We are not responsible for circumvention of any privacy settings or security measures contained on our Website.  You should only access our Website within a secure environment.

    2. Cookies.  To facilitate and customize your experience with our Website, We may store cookies on your computer.  A cookie is a small text file that is stored on a user’s computer for record-keeping purposes which contains information about that user.  We use cookies to save you time while using our Website, remind Us who you are, and track and target user interests in order to provide a customized experience.  Cookies also allow Us to collect information from you, like which pages you visited and what links you clicked on.  Use of this information helps Us to create a more user-friendly experience for all visitors.  In addition, We may use third party advertising companies to display advertisements on our services.  As part of their service, they may place separate cookies on your computer.  We also contract with third party advertising or analytics companies to serve you online ads on other websites.  These companies use cookies or similar technologies to collect information about your interactions with our Platforms and interactions with other websites.  These advertising companies may use and share the information gathered to deliver ads more tailored to your interests.  We receive aggregate information from these third parties to understand our advertising effectiveness.  Any information collected by Us or by third parties through the use of cookies or similar technologies may be linked with other information We collect about you.  We have no access to or control over these cookies.  This Privacy Policy covers the use of cookies by our Website only and does not cover the use of cookies by any advertiser or other third party.  Most browsers automatically accept cookies by default, but, if you prefer, you may be able to modify your browser settings to remove cookies and to reject cookies.  Users may choose to set their web browser to refuse cookies, or to alert you when cookies are being sent.  If you choose to remove cookies or reject cookies, this could affect certain features or services of our Website.  To opt-out of interest-based advertising by advertisers on our Website visit http://www.aboutads.info/choices/.

    3. Analytics.  Visitors to this Website who have JavaScript enabled are tracked using Google Analytics and Posthog.  Google Analytics and/or Posthog may collect some or all of the following types of information from you: type of user agent (web browser) used, software manufacture and version number; type of operating system; color processing ability of your screen; JavaScript support; Flash version; screen resolution; network location; IP address; country, city, state, region, county, or any other geographic data; hostname; bandwidth (internet connection speed); time of visit; pages visited; time spent on each page of our Website; referring site statistics; the website URL you came through in order to arrive at our Website; or search engine query used to find our Website.  This data is primarily used to optimize our Website for our visitors and for internal marketing purposes.

    4. Other Tracking Devices.  We may use other industry standard technologies like pixel tags and web beacons to track your use of our Website pages and promotions, or We may allow our third-party service providers to use these devices on our behalf.  Pixel tags and web beacons are tiny graphic images placed on certain pages on our Website, or in our emails that allow Us to determine whether you have performed a specific action.  When you access these pages or open or click an email, pixel tags, and web beacons generate a notice of that action.  Pixel tags allow Us to measure and improve our understanding of visitor traffic and behavior on our Website, as well as give Us a way to measure our promotions and performance.  We may also utilize pixel tags and web beacons provided by our affiliates and/or partners for the same purposes.

    5. Timing.

      1. We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements).  No purpose in this notice will require Us keeping your personal information for longer than six (6) months past the termination of the user’s account.

      2. When We have no ongoing legitimate business need to process your personal information, We will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then We will securely store your personal information and isolate it from any further processing until deletion is possible.

  7. Additional US State Privacy Rights. 

    1. Some states in the US have passed state-specific privacy laws. This section supplements this Privacy Policy by explaining your privacy rights if you are a resident in one of these states, provides certain mandated disclosures about our treatment of Personal Information, and includes:

      1. Colorado, Connecticut, Utah and Virginia specific disclosures and rights;

      2. California specific disclosures and rights; 

      3. Opt-outs for sale or sharing of personal information; and

      4. Metrics on consumers exercising their rights

    2. Colorado, Connecticut, Utah and Virginia

      1. If you are a resident of Colorado, Connecticut, Utah, or Virginia, We have certain obligations, and you have certain rights with respect to your personal information, including:

        1. Right to confirm whether the controller is processing the consumer’s personal information and the right to access such information;

        2. Right to correct inaccuracies in personal information;

        3. Right to delete personal information;

        4. Right of data portability;

        5. Right to opt out from targeted advertising; and

        6. Right to opt out from the sale of personal information.

      2. In certain states, you also have the right to opt out from profiling in furtherance of decisions that produce legal or similarly significant effects on the consumer (such as Virginia, Colorado, and Connecticut) and appeal a decision regarding a request to exercise your rights.

      3. If you wish to exercise one or more of these rights, please review Section 17. If you would like to opt out of targeted advertising or the selling or sharing of personal information, please see the instructions below.

    3. California

      1. The California Consumer Privacy Act of 2018 (“CCPA”), as amended by the California Privacy Rights Act of 2021 (“CPRA”) requires Us to provide California consumers with some additional information related to how We collect, use, retain, and disclose personal information as well as describe additional rights.  If you are a resident of the State of California, please see our California Privacy Rights Notice annexed hereto as Exhibit A, regarding additional rights you have, including how to exercise your rights.

  8. What Are Your Other Privacy Rights If Located Outside the United States?

    1. If you are using our U.S.-based Platforms while located outside the United States, this Privacy Policy may apply to you.  Any information We collect from you could be stored on servers and shared with third parties located in the United States or other countries.  The rules and laws that apply to the collection and use of personal data in the United States or other countries may differ from those in your country.

    2. If you believe We are unlawfully processing your personal information, you have the right to complain to your local data protection supervisory authority.

    3. If you have questions or comments about your privacy rights, you may email Us at privacy@pandorasway.com.

  9. Your Privacy Choices.

    1. You can control the information We collect and use in the following ways:

      1. Location Information.  You can disable location-based services on your mobile device or web browser by adjusting the settings on your device or browser.  This will prevent our Website from accessing your location information.

      2. Emails.  You can unsubscribe from our marketing email list at any time by clicking on the unsubscribe link in the emails that We send or by contacting Us using the details provided below.  You will then be removed from the marketing email list — however, We may still communicate with you, for example to send you service-related emails that are necessary for the administration and use of your account, to respond to service requests, or for other non-marketing purposes.  To otherwise opt-out, you may contact Us using the contact information provided.

      3. Online Advertising.  For information about opting out of third party advertising, visit: NAI Opt-Out (http://www.aboutads.info/choices/) and DAA Opt-Out (http://optout.networkadvertising.org/?c=1) (you will leave this Website for a separately managed online site where you can specify your preference under those programs).  You can also click on the icon that may appear on some of our advertising served through these technologies.  We may use more than one third party company for placing this advertising, which would require you to opt out of each company.

    2. Controls For Do-Not-Track Features.  Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected.  The Company does not track your online browsing activity on other online services over time and we do not permit third-party services to track your activity on our site. Because we do not share this kind of data with third party services or permit this kind of third party data collection for any of our users, and we do not track our users on third-party websites ourselves, we do not need to respond differently to an individual browser's Do Not Track setting.

    3. Based on the applicable laws of your country, you may have the right to request access to the personal information We collect from you, change that information, or delete it in some circumstances.  To request to review, update, or delete your personal information, please email Us at privacy@pandorasway.com.

    4. If you are a resident of the State of California, you can learn more about your privacy rights below in our California Privacy Rights Notice annexed hereto as Exhibit A.

EXHIBIT A

CALIFORNIA PRIVACY RIGHTS NOTICE

Additional Notice for California Residents

This Privacy Notice (this “Notice”) for California Residents supplements the information contained in the Privacy Policy, and applies solely to all visitors, users, and others who reside in the State of California (“Consumers” or “You”).  We adopt this Notice to comply with the California Consumer Privacy Act of 2018 (“CCPA”), as amended by the California Privacy Rights Act of 2023 (“CPRA”) and any capitalized terms not defined herein shall have the meanings ascribed to same in the CCPA and CPRA.

This Notice does not apply to workforce-related personal information collected from California-based employees, job applicants, contractors, or similar individuals.

Where noted in this Notice, the CCPA temporarily exempts personal information reflecting a written or verbal business-to-business communication (“B2B Personal Information”) from some its requirements.

The CCPA permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) We disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which We shared personal information in the immediately preceding calendar year.  If you are a California resident and would like to make such a request, please submit your request in writing to Us using the contact information provided below.

If you are under 18 years of age, reside in California, and have a registered account with our Website, you have the right to request removal of unwanted data that you publicly post on our Website.  To request removal of such data, please contact Us using the contact information provided below, and include the email address associated with your account and a statement that you reside in California.  We will make sure the data is not publicly displayed on our Website, but please be aware that the data may not be completely or comprehensively removed from all our systems (e.g., backups, etc.).

  1. Definition of “Resident”.

  1. The California Code of Regulations defines a “Resident” as:

  1. every individual who is in the State of California for other than a temporary or transitory purpose; and

  2. every individual who is domiciled in the State of California who is outside the State of California for a temporary or transitory purpose.

  1. All other individuals are defined as “Non-Residents.”

  2. If this definition of “Resident” applies to you, We must adhere to certain rights and obligations regarding your personal information.

  1. Sharing Personal Information.

  1. We may disclose your personal information to a third party for a business purpose.  When We disclose personal information for a business purpose, We require the recipient to both keep that personal information confidential and not use it for any purpose except for use in connection with performing the services on our behalf.  The CCPA prohibits third parties who obtain the personal information We hold from reselling it unless you have received explicit notice and an opportunity to opt-out of further sales.  We may disclose your personal information with our service providers pursuant to a written contract between Us and each service provider.  Each service provider is a for-profit entity that processes the information on our behalf.

  2. We may use your personal information for our own business purposes.  This is not considered to be “Selling” of your personal data.

  3. We may use or disclose the personal information We collect for one or more of our business purposes in this Privacy Policy or as otherwise set forth in the CCPA.  We will not collect additional categories of personal information or use the personal information We collected for materially different, unrelated, or incompatible purposes without providing you notice.

  4. The Corporation discloses the following categories of personal information for a business purpose:

  1. Identifiers.

  2. California Customer Records

  3. Personal Information Categories.

  4. Commercial information.

  5. Internet or other Electronic Network Activity Information (i.e., browsing history and information regarding a consumer’s interaction with our Website).

  6. Geolocation data.

  1. We disclose your personal information for a business purpose to the following categories of third parties:

  1. Our affiliates; 

  2. Service Recipients; and

  3. Third parties to whom you authorize Us to disclose your personal information in connection with the products or services We provide to you.

  1. CCPA Rights.  The CCPA provides consumers who are California residents with specific rights regarding their personal information.  This section describes your CCPA rights and explains how to exercise those rights:

  1. Access to Specific Information and Data Portability Rights.  You have the right to request that We disclose certain information to you about our collection and use of your personal information over the past twelve (12) months.  Once We receive and confirm your verifiable consumer request (see Exercising Access, Data Portability, and Deletion Rights), We will disclose to you:

  1. The categories of personal information We collected about you;

  2. The categories of sources for the personal information We collected about you;

  3. Our business or commercial purpose for collecting or selling that personal information;

  4. The categories of third parties with whom We share that personal information;

  5. The specific pieces of personal information We collected about you (also called a data portability request);

  6. If We sold or disclosed your personal information for a business purpose, two separate lists disclosing:

  1. Sales.  Identifying the personal information categories that each category of recipient purchased; and

  2. Disclosures for a business purpose.  Identifying the personal information categories that each category of recipient obtained.  We do not provide these access and data portability rights for B2B personal information.

  1. Deletion Request Rights.  You have the right to request that We delete any of your personal information that We collected from you and retained, subject to certain exceptions.  Once We receive and confirm your verifiable consumer request (see Exercising Access, Data Portability, and Deletion Rights), We will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.  We may deny your deletion request if retaining the information is necessary for Us or our service provider(s) to:

  1. Complete the transaction for which We collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you;

  2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;

  3. Debug products to identify and repair errors that impair existing intended functionality;

  4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;

  5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.);

  6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement if you previously provided informed consent;

  7. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us;

  8. Comply with a legal obligation; and

  9. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

  1. Exercising Access, Data Portability, and Deletion Rights.

  1. To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to Us by either:

  1. Calling Us at – (929) 344-1412‬; or‬‬‬‬

  2. Emailing Us at privacy@pandorasway.com.

  1. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information.  You may also make a verifiable consumer request on behalf of your minor child.  You may only make a verifiable consumer request for access or data portability twice within a twelve (12) month period.

  2. The verifiable consumer request must:

  1. Provide sufficient information that allows Us to reasonably verify you are the person about whom We collected personal information or an authorized representative.

  2. Describe your request with sufficient detail that allows Us to properly understand, evaluate, and respond to it.  We cannot respond to your request or provide you with personal information if We cannot verify your identity or authority to make the request and confirm the personal information relates to you.  You do not need to create an account with Us to submit a request to know or delete.  However, We do consider requests made through your password protected account sufficiently verified when the request relates to personal information associated with that specific account.  We will only use personal information provided in the request to verify the requestor’s identity or authority to make it.  If, however, We cannot verify your identity from the information already maintained by us, We may request that you provide additional information for the purposes of verifying your identity, and for security or fraud-prevention purposes.  We will delete such additionally provided information as soon as We finish verifying you.  For instructions on exercising your sale opt-out or opt-in rights, see Section 4(e) below, entitled Personal Information Sales Opt-Out and Opt-In Rights.

  1. Response Timing and Format.  We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt.  If We require more time (up to ninety (90) days), We will inform you of the reason and extension period in writing.  If you have an account with us, We will deliver our written response to that account.  If you do not have an account with us, We will deliver our written response by mail or electronically, at your option.  Any disclosures We provide will only cover the twelve (12) month period preceding the verifiable consumer request’s receipt.  The response We provide will also explain the reasons We cannot comply with a request, if applicable.  For data portability requests, We will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.  We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded.  If We determine that the request warrants a fee, We will tell you why We made that decision and provide you with a cost estimate before completing your request.

  2. Personal Information Sales Opt-Out and Opt-In Rights.  If you are sixteen (16) years of age or older, you have the right to direct Us not to sell your personal information at any time (the “Right to Opt-Out”).  We do not sell the personal information of consumers We actually know are less than sixteen (16) years of age, unless We receive affirmative authorization (the “Right to Opt-In”) from either the consumer who is at least thirteen (13) but not yet sixteen (16) years of age, or the parent or guardian of a consumer less than thirteen (13) years of age.  Consumers who opt-in to personal information sales may opt-out of future sales at any time.  To exercise the right to opt-out, you (or your authorized representative) must submit a request to Us by emailing Us at privacy@pandorasway.com.  Once you make an opt-out request, We will wait at least twelve (12) months from the date of receipt of such request before asking you to reauthorize personal information sales.  We will only use personal information provided in an opt-out request to review and comply with the request.

  3. In accordance with applicable law, We are not obligated to provide or delete consumer information that is de-identified in response to a consumer request or to re-identify individual data to verify a consumer request.

  1. Right to Non-Discrimination for the Exercise of a Consumer’s Privacy Rights.

  1. We will not discriminate against you for exercising any of your CCPA rights.  Unless permitted by the CCPA, We will not:

  1. Deny you goods or services;

  2. Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;

  3. Provide you a different level or quality of goods or services;

  4. Suggest that you may receive a different price or rate for goods or services or a different level or quality of services.

  1. However, We may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels.  Any CCPA-permitted financial incentive We offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects.  Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time.

  1. CCPA Rights Request Metrics.  Metrics regarding the consumer rights requests We received from California residents from January 1, 2024 to December 31, 2024 appear in the following chart:

Request Type: Right to Know, Right to Delete, Right to Opt-Out

Received: 0

Granted (in whole or in part) : 0

Denied: 0

Median Days to Respond: 0

Requests to Know: 0

Unverifiable: 0

Not by a California resident: 0

Called for information exempt
from disclosure: 0

Denied on other grounds: 0

Requests to Delete: 0

Requests to Opt-Out
of Personal Information Sales: 0

  1. Other California Privacy Rights.  California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes.  To make such a request, please send an email to privacy@pandorasway.com.

  2. Changes to Our Privacy Notice.  We reserve the right to amend this Notice at our discretion and at any time.  When We make changes to this Notice, We will post the updated notice on our Website and update the notice’s effective date.  Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.

Questions? Please reach out!

Our Data Privacy officer can be reached at privacy@pandorasway.com and will answer any questions or requests that you may have.

At Pandora's Way, we believe in Privacy by Design. We do our very best to protect you and your family's privacy. We only collect what we need to provide you the best service. And we don't sell your data.

Last Updated: May 7, 2025

PANDORA’S WAY LTD. (the “Corporation”, “we” or “us”) respects your privacy and is committed to protecting it through our compliance with this website privacy policy (this “Privacy Policy”).

This Privacy Policy describes the types of information that We may collect from you or that you may provide when you visit the website: pandorasway.com (our “Website”) and our practices for collecting, using, maintaining, transmitting, protecting, and disclosing such information.

This Privacy Policy applies to information We collect:

  • in email, text, and other electronic messages between you and the Corporation or through links to our Website;

  • through mobile and desktop applications you download from our Website, which provide dedicated non-browser-based interaction between you and our Website;

  • through social media pages controlled by Us or that We interact with; and

  • when you interact with our advertising and applications on our Website or on third-party websites and services if those applications or advertising include links to this Privacy Policy; 

This Privacy Policy shall not apply to information collected by:

  • Us offline or through any other means including, without limitation, on any other website other than our Website operated by the Corporation or any third party; or

  • Any third party, including information collected by any third party through any application or content that may link to or be accessible from or on our Website.

PLEASE READ THIS PRIVACY POLICY CAREFULLY TO UNDERSTAND OUR POLICIES AND PRACTICES REGARDING YOUR INFORMATION AND HOW WE WILL TREAT IT. IF YOU DO NOT AGREE WITH OUR POLICIES AND PRACTICES, YOU DO NOT HAVE OUR PERMISSION TO USE OUR WEBSITE. BY ACCESSING OR USING OUR WEBSITE, YOU AGREE TO THIS PRIVACY POLICY. WE MAY UPDATE, REVISE OR MODIFY ALL OR A PORTION OF THIS PRIVACY POLICY FROM TIME TO TIME (SEE SECTION 3, ENTITLED CHANGES TO OUR PRIVACY POLICY). YOUR CONTINUED USE OF OUR WEBSITE AFTER WE MAKE SUCH UPDATES, REVISIONS OR MODIFICATIONS IS DEEMED TO BE ACCEPTANCE OF SUCH UPDATES, REVISIONS OR MODIFICATIONS; SO, IT IS IMPERATIVE THAT YOU CONSULT THIS PRIVACY POLICY PERIODICALLY FOR UPDATES.

  1. This Privacy Policy explains:

    1. Websites Covered by This Privacy Policy

    2. Changes to Our Privacy Policy

    3. Contact Information

    4. Types of Information We Collect

    5. How We Use Your Information and Who We May Share It With

    6. Third-Party Links & Content

    7. Security and Data Location

    8. WHAT ARE YOUR PRIVACY RIGHTS?

  2. Websites Covered by This Privacy Policy.

    1. Our Website may from time-to-time link to third-party websites for your convenience and to provide easy access to additional useful information.  Should you select such a link you will leave our Website.  We do not control those sites nor their privacy practices, which may differ from our practices and policies.  Any personal data you choose to provide to or that is collected by such third parties is not in any way covered by this Privacy Policy.  We recommend that you read over such website’s privacy policy before providing any Personal Information.  A link to another website from Us does not constitute an endorsement or representation about the value, quality, or usefulness of anything found on that third-party website.

    2. Social Media Pages” are the official social media pages We operate on Facebook, X (formerly known as Twitter), Instagram, LinkedIn, Youtube, TikTok and other social media platforms. The term “Platform” means, collectively, our Website and Social Media Pages. 

    3. PLEASE BE AWARE THAT IF YOU ELECT TO HAVE US SHARE YOUR INFORMATION WITH THIRD PARTIES, THOSE ELECTIONS TO HAVE YOUR INFORMATION SHARED WILL SUPERSEDE ANYTHING TO THE CONTRARY IN THIS PRIVACY POLICY.

  3. Changes to Our Privacy Policy.

    1. We reserve the right to amend this Privacy Policy at our discretion and at any time.  It is our policy to post any changes We make to this Privacy Policy with a notice that this Privacy Policy has been updated on our Website home page.  If We make material changes to how We treat our users’ Personal Information, We will notify you by email to the primary email address specified in your account and/or through a notice on our Website home page.  The date this Privacy Policy was last revised is identified at the top of the page.  You are responsible for ensuring We have an active, up-to-date, and deliverable email address for you, and for periodically visiting our Website and this Privacy Policy to check for any changes.  Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.

    2. PLEASE NOTE THAT FOR CALIFORNIA RESIDENTS THE CALIFORNIA CONSUMER PRIVACY ACT (“CCPA”) AS REVISED BY THE CALIFORNIA PRIVACY RIGHTS ACT (“CPRA”) WILL GOVERN OUR USE AND YOUR RIGHTS WITH REGARD TO YOUR PERSONAL INFORMATION.

  4. Contact Information.  You have the right to request information with respect to the types of Personal Information We share with third parties and the identities of the third parties with whom We have shared such information during the immediately preceding calendar year. To obtain this information, please submit a request via email to privacy@pandorasway.com.;  Please allow up to thirty (30) days for a response.

  5. Types of Information We Collect.

    1. When you access our Website, We collect several types of information from and about users of our Website, depending on the context of your interactions with Us and our Website (“Personal Information”), including information:

      1. by which you may be personally identified, such as: name, e-mail address, telephone number, gender, ZIP code/postal code, or other additional information supplied by you, by which you may be contacted online or offline 

      2. necessary to process your payment if you make purchases, including payment details such as your payment instrument number (i.e., a credit card number), and the security code associated with your payment instrument, collected in connection with an order, a return, a promotion, contest, or fundraising event.  All payment data is stored after tokenizing your account, or collected in connection with your shopping history with Us, including the items you purchase);

      3. If you email, text, or chat with Us, We may keep records of those conversations.

    2. We collect this information:

      1. directly from you when you provide it to Us;

      2. automatically as you navigate through the site, or use our services.  Information collected automatically may include usage details, IP addresses, and information collected through cookies.

  6. Information You Provide to Us.

    1. The information We collect on or through our Website may include, but is not limited to:

      1. information that you provide by filling in forms on our Website.  This includes information provided at the time of registering to use our Website, and services requested; and

      2. records and copies of your correspondence (including email addresses and related contact information) if you contact Us;

    2. We may take your Personal Information and de-identify it so as to make it non-personally identifiable, either by combining it with information about other individuals and/or by hashing the information or otherwise removing characteristics that make the information personally identifiable directly to you.  We will treat de-identified information as non-personal to the fullest extent allowed by applicable law.

  7. Community Forums and User Submission. 

    1. Through our communication functionality and interactive features (“Community Forums”), you may have the opportunity to submit information to us.  Any and all information and content that you submit or post to the Community Forums, including, without limitation, photos, audio, video, messages, text, files, reviews, or other content you provide us and as further described in our Terms of Use shall be classified as User Submissions (“User Submissions”).  Your User Submissions may be subject to additional terms as provided in our Terms of Use, located at [LINK] which We ask that you review as your use of and submission of information to Us is deemed as an acceptance of our Terms of Use. Additionally, some features, such as user review, may be operated by a third party and your postings also may be subject to the third party’s privacy policy and terms of use. 

    2. Please note that certain information, such as your name and/or place of residence, may be publicly displayed on our Website along with your User Submissions.  Your use of any Community Forum is subject to our Terms of Use, including without limitation the “User Submissions” section.  Note that anything you submit through a public-facing Community Forum may be made public – others will have access to your User Submission and may use it or share it with third parties.  We are not responsible for the actions of third parties, and the use of your information and other User Submissions by such third parties is not subject to the protections of this Privacy Policy.

    3. Social Networking Features. Functionality on the Website may permit interactions between the Website and a third-party service such as Facebook or Instagram (“Social Networking Features”).  Examples of Social Networking Features include enabling you to “Like” or “Share” content from the Website or to “Like” or “Share” our page on a third-party service; to automatically or selectively show your social media posts on the Website; and to otherwise connect the Website to a third-party service.  If you choose to share content or to otherwise post information through our Website to a third-party service, or vice versa, that information may be publicly displayed.  Similarly, if you post information on a third-party service that references us (for example, by using a hashtag associated with us in your post), your post may be published on the Website or otherwise in accordance with the terms of that third party.  Also, both We and the third party may have access to certain information about you and your use of the Website and the third-party service.  These third-party social networking companies may collect information about your visit to a Platform through the Social Networking Features we have integrated into the Platform, and - if you are signed into your account with such a third-party social networking company – it may collect additional information in accordance with the terms of your agreement with that company.  In addition, we may receive information about you if other users of a third-party service give us access to their profiles and you are one of their “Connections” or information about you is otherwise accessible through your profile or similar page on a social networking or other third-party service.  The information we collect in connection with Social Networking Features is subject to this Privacy Policy.  The information collected and stored by the third party remains subject to the third party’s privacy practices, including whether the third party continues to share information with Us, the types of information shared, and your choices with regard to what is visible to others on that third-party service.

    4. We may make available on the Platforms a “Send-to-a-Friend,” “Refer a Friend,” “Wish List” or similar function that permits you to send Platform content directly to a third party through the Platforms.  If you send a friend a communication using such functionality, the information you provide about your friend (e.g., name and e-mail address) is used to facilitate the communication and is not used for any other marketing purpose unless We obtain consent from that person.  If you disclose any personal information relating to other people, you represent that you have the authority to do so and to permit Us to use the information in accordance with this Privacy Policy.

    5. All personal information that you provide to Us must be true, complete, and accurate, and you must notify Us of any changes to such personal information.

    6. Employment Applications. If you apply for a job through the Website, We or our service provider(s) may ask you to provide self-identifying information (such as veteran status, gender, and ethnicity) in conjunction with laws and regulations enforced by, as applicable, the Equal Employment Opportunity Commission and other federal, state, provincial/territorial, and local regulatory agencies.  Providing such self-identifying information is voluntary, but if you do provide such information, We and/or our service provider may submit that information to the appropriate government or regulatory agencies to fulfill reporting requirements and use that information to defend against employment-related complaints.

  8. Information We Collect Through Automatic Data Collection Technologies.

    1. As you navigate through and interact with our Website, We may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:

      1. details of your visits to our Website, including traffic data, location data, logs, and other communication data, and the resources that you access and use on our Website; and

      2. information about your device and internet connection, including your IP address, operating system, and browser type.

    2. The information We collect automatically is only statistical data and does not include Personal Information, but We may maintain it or associate it with the Personal Information that We collect in other ways or receive from third parties.  It helps Us to improve our Website and to deliver a better and more personalized service, including by enabling Us to:

      1. estimate our audience size and usage patterns; and

      2. to protect our Services.  We may use your information as part of our efforts to keep our Website safe and secure (e.g., for fraud monitoring and prevention).

    3. The technologies We use for this automatic data collection may include:

      1. Cookies (or browser cookies).  A cookie is a small file placed on the hard drive of your computer.  You may refuse to accept browser cookies by activating the appropriate setting on your browser.  However, if you select this setting, you may be unable to access certain parts of our Website.  Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website.  These technologies are able to store a unique identifier for a device to allow a certain internet site to recognize the device whenever the device is used to visit the site.  These technologies may be used for many purposes by Us and our third-party service providers, such as automatically collecting usage information, enabling features, remembering your preferences, and providing you with targeted advertising elsewhere online.  If you do not want to accept cookies, you can block them by adjusting the settings on your internet browser.  You can find more information about cookies and how they work at www.allaboutcookies.org.

      2. Web Beacons.  Pages of our Website may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Corporation, for example, to count users who have visited those pages and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

      3. Web Browsers.  Certain browsers, or browser add-ons, may provide additional local data storage mechanisms that are used in a manner similar to cookies, and some of the content included on our Website may make use of this local storage.

      4. Embedded Scripts.  An embedded script is programming code that is designed to collect information about your interactions with our Website, such as the links you click on.  The code is temporarily downloaded onto your device from our server or a third-party service provider, is active only while you are connected and is deactivated or deleted thereafter.

We do not collect Personal Information automatically, but We may tie this Personal Information to personal information about you that We collect from other sources, or you provide to us.

  1. Third-Party Use of Cookies and Other Tracking Technologies.

    1. Some content or applications on our Website are served by third parties, including, without limitation, advertisers, advertising networks and servers, content providers, and application providers (each, a “Third-Party Data Collector”).  The Third-Party Data Collector may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our Website.  The information a Third-Party Data Collector collects may be associated with your personal information, or your online activities over time, across external websites and other online services.  A Third-Party Data Collector may use this information to provide you with interest-based (behavioral) advertising or other targeted content.

    2. We do not control the tracking technologies of any Third-Party Data Collector nor how information collected by any Third-Party Data Collector may be used.  If you have any questions about an advertisement or other targeted content, you should contact the relevant Third-Party Data Collector directly.

    3. We also contract with third party advertising, analytics companies or other service providers to perform certain services on our behalf, such as online ads on other websites, hosting the Platforms or Platform features, delivering packages, processing credit card payments, processing transactions and fulfilling orders, removing repetitive information from customer lists, providing customer service, providing website usage analytics, providing search results and links (including paid listings and links), providing targeted advertising, sending email, direct mail or other communications, providing marketing assistance and data analysis or enhancement, or performing other administrative services.  These companies use cookies or similar technologies to collect information about your interactions with our Platforms and interactions with other websites.  These advertising companies may use and share the information gathered to deliver ads more tailored to your interests.  We receive aggregate information from these third parties to understand our advertising effectiveness.  Any information collected by Us or by third parties through the use of cookies or similar technologies may be linked with other information We collect about you.  We may give these service providers access to your information (or allow them to collect information from or about you) so that they can carry out the services they are performing for you or for the Corporation.  These third parties share information they have collected with Us.  Your information may also be collected and processed by third parties, such as the payment providers you select, who will process your information independently in accordance with their own privacy notices.  Your information may also be shared with Us by others, such as your friends and family, when they use a service on our Platforms; for example, by sending you an E-Gift Card or shipping an order to your address.  If someone else has provided Us with your information, We will only process your information for the applicable purpose(s) as described below in this Policy.

  1. Do We Collect Information From Minors?  Our Platforms are general audience points of contact and are not directed at children under the age of thirteen (13). Further, We do not knowingly solicit data from nor market to children under eighteen (18) years of age.  By using our Website, you represent that you are at least eighteen (18) years of age or that you are the parent or guardian of such a minor and have consented to such child’s direct use of our Website.

  2. What Categories of Personal Information Do We Collect?

    1. We have collected the following categories of personal information in the past twelve (12) months:

      1. Identifiers.  Contact details, such as real name, alias, postal address, telephone or mobile contact number, unique personal identifier, online identifier, device identifier, date of birth (or partial DOB such as birth day and month), Internet Protocol (IP) address, email address and account name; or other similar identifiers.

      2. Personal information.  This may include, your name, signature, contact information, address, or telephone number.

      3. Financial Information.  This may include credit card number, debit card number, and other financial information.

      4. Protected Classification Characteristics Under Federal Law.  The classification characteristics include: age, ethnicity or national origin, religion or creed, marital status, physical or mental disability, sex (including gender, gender identity, or gender expression), pregnancy or childbirth.

      5. Internet or Other Similar Network Activities.  This includes browsing history, search history, online behavior, interest data, and interactions with our and other websites, applications, systems, and advertisements.  This category includes: the hardware model, browser, and operating system you are using; the URL or advertisement that referred you to the Platform you are visiting; all of the areas within the Platforms that you visit; devices you have used to access the Platforms; login information (such as your last login); your time zone; location information based off your IP address; and mobile network (if applicable).

      6. Inferences Drawn From Other Personal Information.  Inferences drawn from any of the collected personal information listed above to create a profile or summary about, for example, an individual’s preferences and characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitude.

    2. Personal Information does not include: Publicly available information from government records, deidentified or aggregated consumer information.

    3. We may also collect other personal information outside of the specified categories in instances where you interact with Us in-person, online, or by phone or mail in the context of:

      1. Receiving help through our customer support Platforms; and

      2. Facilitation in the delivery of our services and to respond to your inquiries.

  3. How We Use Your Information.

    1. General Use.

      1. The information We collect about you or that you provide to Us, including any Personal Information, is used to comprehensively understand your needs and interests, and permit Us to deliver a more consistent and personalized experience.  For example, We may use your information:

        1. To present our Website and its contents to you;

        2. To provide you with information or services that you request from us;

        3. To carry out our obligations and enforce our rights arising from any contracts entered into between you and Us, including for billing and collection;

        4. To notify you about changes to our Website or any services We offer or provide though it;

        5. To allow you to participate in interactive features on our Website;

        6. To provide personalized promotional offers and select content to be communicated to you; 

        7. To detect, prevent and remediate fraud or other potentially prohibited or illegal activities; and/or

        8. For any other purposes with your consent.

      2. We may also use your information to contact you about our own and third-parties’ goods and services that may be of interest to you.  If you do not want Us to use your information in this way, please adjust your user preferences in your account profile.  

    2. We may use the information We collect for the following business purposes:

      1. Understanding You.  Analyzing your activity with Us (including your interactions with our websites, emails or other forms of communication) and monitoring the effectiveness of our communications.

      2. Communications.  Communicating with you, including responding to your requests and asking for feedback.

      3. Your Experience.  Serving content on our Website, developing our services, better understanding your needs and preferences, and constantly improving your experience.

    3. Credit Cards/Electronic Payments.  Credit card and electronic payment information is used solely for payment processing and fraud prevention efforts.  Credit card information, and other sensitive personal information required to process a credit decision, is not used for any other purposes by Us or our financial services providers, and will not be retained any longer than necessary to provide your services.

  4. With Whom We Share Your Data and How It is Used.

    1. Consent.  We may process your data if you have given Us specific consent to use your Personal Information for a specific purpose.

    2. Legitimate Interests.  We may process your data when it is reasonably necessary to achieve our legitimate business interests.

    3. Performance of a Contract.  Where We have entered into a contract with you, We may process your Personal Information to fulfill the terms of our contract.

    4. Legal Obligations.  We may disclose your information where We are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements).

    5. Vital Interests.  We may disclose your information where We believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which We are involved.

    6. More specifically, We may need to process your data or share your Personal Information in the following situations:

      1. Business Transfers.  We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

      2. Marketing Providers.  We partner with third parties to assist with the advertising and marketing of our business.  We may share with them the types of information described in Section 11, entitled How We Use Your Information.  We may also receive information collected by these third parties and combine it with the information We have collected.

      3. Other Third Parties.  We will disclose information about you, including to government bodies or law enforcement agencies, when We believe it to be necessary for compliance with the law or to protect the users of our Website.

  5. Third-Party Links & Content.

    1. The Website may link to or incorporate websites, advertising or content hosted and served by third parties over which We have no control, and which are governed by the privacy policies and business practices of those third parties.  We are not responsible for the privacy practices or business practices of any third party.

    2. We may work with network advertisers, ad agencies, analytics service providers, and other vendors to serve our advertisements on our Website and third-party websites, apps, and elsewhere online and to provide Us with information regarding use of and traffic on our Website (including without limitation the pages viewed and the actions users take when visiting our Website) and the effectiveness of our advertisements.  For example, if you click on a specific advertisement for a specific third party, our service provider(s) may be able to tell Us the advertisement you clicked on and where you were viewing the advertisement.  The advertisements you see may be served by Us or one or more third parties, who may use information about your activities on our Website, and other websites and services you visit across the various devices you use, to provide you targeted content and advertising.  Our service providers may collect certain information about your visits to and activity on our Website and other websites and services and may use this information to target advertising to you.

    3. Third parties may set and access their own tracking technologies on your device (including without limitation cookies and web beacons) and may otherwise collect or have access to information about you (such as usage information and device identifier).  Some of these parties may collect personal information over time when you visit our Website or other online websites and services.  Cookies and web beacons, including without limitation those set by third-party network advertisers, may be used to (among other things): target advertisements, prevent you from seeing the same advertisements too many times, and conduct research regarding the usefulness of certain advertisements to you.  We may share certain information such as device identifiers, usage information, hashed information, records of transactions you conduct on our Platforms or offline, and other types of de-identified information with third-party advertising companies, analytics providers, and other vendors for advertising and analytics purposes.  In addition, We and our third-party service providers may use this information to perform matching with third-party cookies in order to provide targeted online marketing.

    4. We use Google Analytics and Posthog, which use cookies and similar technologies to collect and analyze information about use of the Platforms and report on activities and trends.  This service may also collect information regarding the use of other websites, apps, and online resources.  You can learn about Google’s practices by going to google.com/policies/privacy/partners, and opt out of them by downloading the Google Analytics opt-out browser add-on, available at tools.google.com/dlpage/gaoptout.  You can learn about Posthog’s practices by going to https://posthog.com/privacy.

  6. Security and Data Location.

    1. Security Measures.

      1. We have implemented appropriate technical and organizational security measures designed to protect and secure your Personal Information from accidental loss and from unauthorized access, use, alteration, and disclosure.  All information you provide to Us is stored on our secure servers behind firewalls.  Any payment will be encrypted using SSL technology.

      2. However, despite our safeguards and efforts to secure your information, no electronic transmission over the internet or information storage technology can be guaranteed to be one hundred percent (100%) secure.  Although We do our best to protect your Personal Information, We cannot guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security, and improperly collect, access, steal, or modify your information transmitted to our Website.  Although We will do our best to protect your personal information, any transmission of Personal Information is at your own risk.  We are not responsible for circumvention of any privacy settings or security measures contained on our Website.  You should only access our Website within a secure environment.

    2. Cookies.  To facilitate and customize your experience with our Website, We may store cookies on your computer.  A cookie is a small text file that is stored on a user’s computer for record-keeping purposes which contains information about that user.  We use cookies to save you time while using our Website, remind Us who you are, and track and target user interests in order to provide a customized experience.  Cookies also allow Us to collect information from you, like which pages you visited and what links you clicked on.  Use of this information helps Us to create a more user-friendly experience for all visitors.  In addition, We may use third party advertising companies to display advertisements on our services.  As part of their service, they may place separate cookies on your computer.  We also contract with third party advertising or analytics companies to serve you online ads on other websites.  These companies use cookies or similar technologies to collect information about your interactions with our Platforms and interactions with other websites.  These advertising companies may use and share the information gathered to deliver ads more tailored to your interests.  We receive aggregate information from these third parties to understand our advertising effectiveness.  Any information collected by Us or by third parties through the use of cookies or similar technologies may be linked with other information We collect about you.  We have no access to or control over these cookies.  This Privacy Policy covers the use of cookies by our Website only and does not cover the use of cookies by any advertiser or other third party.  Most browsers automatically accept cookies by default, but, if you prefer, you may be able to modify your browser settings to remove cookies and to reject cookies.  Users may choose to set their web browser to refuse cookies, or to alert you when cookies are being sent.  If you choose to remove cookies or reject cookies, this could affect certain features or services of our Website.  To opt-out of interest-based advertising by advertisers on our Website visit http://www.aboutads.info/choices/.

    3. Analytics.  Visitors to this Website who have JavaScript enabled are tracked using Google Analytics and Posthog.  Google Analytics and/or Posthog may collect some or all of the following types of information from you: type of user agent (web browser) used, software manufacture and version number; type of operating system; color processing ability of your screen; JavaScript support; Flash version; screen resolution; network location; IP address; country, city, state, region, county, or any other geographic data; hostname; bandwidth (internet connection speed); time of visit; pages visited; time spent on each page of our Website; referring site statistics; the website URL you came through in order to arrive at our Website; or search engine query used to find our Website.  This data is primarily used to optimize our Website for our visitors and for internal marketing purposes.

    4. Other Tracking Devices.  We may use other industry standard technologies like pixel tags and web beacons to track your use of our Website pages and promotions, or We may allow our third-party service providers to use these devices on our behalf.  Pixel tags and web beacons are tiny graphic images placed on certain pages on our Website, or in our emails that allow Us to determine whether you have performed a specific action.  When you access these pages or open or click an email, pixel tags, and web beacons generate a notice of that action.  Pixel tags allow Us to measure and improve our understanding of visitor traffic and behavior on our Website, as well as give Us a way to measure our promotions and performance.  We may also utilize pixel tags and web beacons provided by our affiliates and/or partners for the same purposes.

    5. Timing.

      1. We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements).  No purpose in this notice will require Us keeping your personal information for longer than six (6) months past the termination of the user’s account.

      2. When We have no ongoing legitimate business need to process your personal information, We will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then We will securely store your personal information and isolate it from any further processing until deletion is possible.

  7. Additional US State Privacy Rights. 

    1. Some states in the US have passed state-specific privacy laws. This section supplements this Privacy Policy by explaining your privacy rights if you are a resident in one of these states, provides certain mandated disclosures about our treatment of Personal Information, and includes:

      1. Colorado, Connecticut, Utah and Virginia specific disclosures and rights;

      2. California specific disclosures and rights; 

      3. Opt-outs for sale or sharing of personal information; and

      4. Metrics on consumers exercising their rights

    2. Colorado, Connecticut, Utah and Virginia

      1. If you are a resident of Colorado, Connecticut, Utah, or Virginia, We have certain obligations, and you have certain rights with respect to your personal information, including:

        1. Right to confirm whether the controller is processing the consumer’s personal information and the right to access such information;

        2. Right to correct inaccuracies in personal information;

        3. Right to delete personal information;

        4. Right of data portability;

        5. Right to opt out from targeted advertising; and

        6. Right to opt out from the sale of personal information.

      2. In certain states, you also have the right to opt out from profiling in furtherance of decisions that produce legal or similarly significant effects on the consumer (such as Virginia, Colorado, and Connecticut) and appeal a decision regarding a request to exercise your rights.

      3. If you wish to exercise one or more of these rights, please review Section 17. If you would like to opt out of targeted advertising or the selling or sharing of personal information, please see the instructions below.

    3. California

      1. The California Consumer Privacy Act of 2018 (“CCPA”), as amended by the California Privacy Rights Act of 2021 (“CPRA”) requires Us to provide California consumers with some additional information related to how We collect, use, retain, and disclose personal information as well as describe additional rights.  If you are a resident of the State of California, please see our California Privacy Rights Notice annexed hereto as Exhibit A, regarding additional rights you have, including how to exercise your rights.

  8. What Are Your Other Privacy Rights If Located Outside the United States?

    1. If you are using our U.S.-based Platforms while located outside the United States, this Privacy Policy may apply to you.  Any information We collect from you could be stored on servers and shared with third parties located in the United States or other countries.  The rules and laws that apply to the collection and use of personal data in the United States or other countries may differ from those in your country.

    2. If you believe We are unlawfully processing your personal information, you have the right to complain to your local data protection supervisory authority.

    3. If you have questions or comments about your privacy rights, you may email Us at privacy@pandorasway.com.

  9. Your Privacy Choices.

    1. You can control the information We collect and use in the following ways:

      1. Location Information.  You can disable location-based services on your mobile device or web browser by adjusting the settings on your device or browser.  This will prevent our Website from accessing your location information.

      2. Emails.  You can unsubscribe from our marketing email list at any time by clicking on the unsubscribe link in the emails that We send or by contacting Us using the details provided below.  You will then be removed from the marketing email list — however, We may still communicate with you, for example to send you service-related emails that are necessary for the administration and use of your account, to respond to service requests, or for other non-marketing purposes.  To otherwise opt-out, you may contact Us using the contact information provided.

      3. Online Advertising.  For information about opting out of third party advertising, visit: NAI Opt-Out (http://www.aboutads.info/choices/) and DAA Opt-Out (http://optout.networkadvertising.org/?c=1) (you will leave this Website for a separately managed online site where you can specify your preference under those programs).  You can also click on the icon that may appear on some of our advertising served through these technologies.  We may use more than one third party company for placing this advertising, which would require you to opt out of each company.

    2. Controls For Do-Not-Track Features.  Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected.  The Company does not track your online browsing activity on other online services over time and we do not permit third-party services to track your activity on our site. Because we do not share this kind of data with third party services or permit this kind of third party data collection for any of our users, and we do not track our users on third-party websites ourselves, we do not need to respond differently to an individual browser's Do Not Track setting.

    3. Based on the applicable laws of your country, you may have the right to request access to the personal information We collect from you, change that information, or delete it in some circumstances.  To request to review, update, or delete your personal information, please email Us at privacy@pandorasway.com.

    4. If you are a resident of the State of California, you can learn more about your privacy rights below in our California Privacy Rights Notice annexed hereto as Exhibit A.

EXHIBIT A

CALIFORNIA PRIVACY RIGHTS NOTICE

Additional Notice for California Residents

This Privacy Notice (this “Notice”) for California Residents supplements the information contained in the Privacy Policy, and applies solely to all visitors, users, and others who reside in the State of California (“Consumers” or “You”).  We adopt this Notice to comply with the California Consumer Privacy Act of 2018 (“CCPA”), as amended by the California Privacy Rights Act of 2023 (“CPRA”) and any capitalized terms not defined herein shall have the meanings ascribed to same in the CCPA and CPRA.

This Notice does not apply to workforce-related personal information collected from California-based employees, job applicants, contractors, or similar individuals.

Where noted in this Notice, the CCPA temporarily exempts personal information reflecting a written or verbal business-to-business communication (“B2B Personal Information”) from some its requirements.

The CCPA permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) We disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which We shared personal information in the immediately preceding calendar year.  If you are a California resident and would like to make such a request, please submit your request in writing to Us using the contact information provided below.

If you are under 18 years of age, reside in California, and have a registered account with our Website, you have the right to request removal of unwanted data that you publicly post on our Website.  To request removal of such data, please contact Us using the contact information provided below, and include the email address associated with your account and a statement that you reside in California.  We will make sure the data is not publicly displayed on our Website, but please be aware that the data may not be completely or comprehensively removed from all our systems (e.g., backups, etc.).

  1. Definition of “Resident”.

  1. The California Code of Regulations defines a “Resident” as:

  1. every individual who is in the State of California for other than a temporary or transitory purpose; and

  2. every individual who is domiciled in the State of California who is outside the State of California for a temporary or transitory purpose.

  1. All other individuals are defined as “Non-Residents.”

  2. If this definition of “Resident” applies to you, We must adhere to certain rights and obligations regarding your personal information.

  1. Sharing Personal Information.

  1. We may disclose your personal information to a third party for a business purpose.  When We disclose personal information for a business purpose, We require the recipient to both keep that personal information confidential and not use it for any purpose except for use in connection with performing the services on our behalf.  The CCPA prohibits third parties who obtain the personal information We hold from reselling it unless you have received explicit notice and an opportunity to opt-out of further sales.  We may disclose your personal information with our service providers pursuant to a written contract between Us and each service provider.  Each service provider is a for-profit entity that processes the information on our behalf.

  2. We may use your personal information for our own business purposes.  This is not considered to be “Selling” of your personal data.

  3. We may use or disclose the personal information We collect for one or more of our business purposes in this Privacy Policy or as otherwise set forth in the CCPA.  We will not collect additional categories of personal information or use the personal information We collected for materially different, unrelated, or incompatible purposes without providing you notice.

  4. The Corporation discloses the following categories of personal information for a business purpose:

  1. Identifiers.

  2. California Customer Records

  3. Personal Information Categories.

  4. Commercial information.

  5. Internet or other Electronic Network Activity Information (i.e., browsing history and information regarding a consumer’s interaction with our Website).

  6. Geolocation data.

  1. We disclose your personal information for a business purpose to the following categories of third parties:

  1. Our affiliates; 

  2. Service Recipients; and

  3. Third parties to whom you authorize Us to disclose your personal information in connection with the products or services We provide to you.

  1. CCPA Rights.  The CCPA provides consumers who are California residents with specific rights regarding their personal information.  This section describes your CCPA rights and explains how to exercise those rights:

  1. Access to Specific Information and Data Portability Rights.  You have the right to request that We disclose certain information to you about our collection and use of your personal information over the past twelve (12) months.  Once We receive and confirm your verifiable consumer request (see Exercising Access, Data Portability, and Deletion Rights), We will disclose to you:

  1. The categories of personal information We collected about you;

  2. The categories of sources for the personal information We collected about you;

  3. Our business or commercial purpose for collecting or selling that personal information;

  4. The categories of third parties with whom We share that personal information;

  5. The specific pieces of personal information We collected about you (also called a data portability request);

  6. If We sold or disclosed your personal information for a business purpose, two separate lists disclosing:

  1. Sales.  Identifying the personal information categories that each category of recipient purchased; and

  2. Disclosures for a business purpose.  Identifying the personal information categories that each category of recipient obtained.  We do not provide these access and data portability rights for B2B personal information.

  1. Deletion Request Rights.  You have the right to request that We delete any of your personal information that We collected from you and retained, subject to certain exceptions.  Once We receive and confirm your verifiable consumer request (see Exercising Access, Data Portability, and Deletion Rights), We will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.  We may deny your deletion request if retaining the information is necessary for Us or our service provider(s) to:

  1. Complete the transaction for which We collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you;

  2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;

  3. Debug products to identify and repair errors that impair existing intended functionality;

  4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;

  5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.);

  6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement if you previously provided informed consent;

  7. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us;

  8. Comply with a legal obligation; and

  9. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

  1. Exercising Access, Data Portability, and Deletion Rights.

  1. To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to Us by either:

  1. Calling Us at – (929) 344-1412‬; or‬‬‬‬

  2. Emailing Us at privacy@pandorasway.com.

  1. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information.  You may also make a verifiable consumer request on behalf of your minor child.  You may only make a verifiable consumer request for access or data portability twice within a twelve (12) month period.

  2. The verifiable consumer request must:

  1. Provide sufficient information that allows Us to reasonably verify you are the person about whom We collected personal information or an authorized representative.

  2. Describe your request with sufficient detail that allows Us to properly understand, evaluate, and respond to it.  We cannot respond to your request or provide you with personal information if We cannot verify your identity or authority to make the request and confirm the personal information relates to you.  You do not need to create an account with Us to submit a request to know or delete.  However, We do consider requests made through your password protected account sufficiently verified when the request relates to personal information associated with that specific account.  We will only use personal information provided in the request to verify the requestor’s identity or authority to make it.  If, however, We cannot verify your identity from the information already maintained by us, We may request that you provide additional information for the purposes of verifying your identity, and for security or fraud-prevention purposes.  We will delete such additionally provided information as soon as We finish verifying you.  For instructions on exercising your sale opt-out or opt-in rights, see Section 4(e) below, entitled Personal Information Sales Opt-Out and Opt-In Rights.

  1. Response Timing and Format.  We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt.  If We require more time (up to ninety (90) days), We will inform you of the reason and extension period in writing.  If you have an account with us, We will deliver our written response to that account.  If you do not have an account with us, We will deliver our written response by mail or electronically, at your option.  Any disclosures We provide will only cover the twelve (12) month period preceding the verifiable consumer request’s receipt.  The response We provide will also explain the reasons We cannot comply with a request, if applicable.  For data portability requests, We will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.  We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded.  If We determine that the request warrants a fee, We will tell you why We made that decision and provide you with a cost estimate before completing your request.

  2. Personal Information Sales Opt-Out and Opt-In Rights.  If you are sixteen (16) years of age or older, you have the right to direct Us not to sell your personal information at any time (the “Right to Opt-Out”).  We do not sell the personal information of consumers We actually know are less than sixteen (16) years of age, unless We receive affirmative authorization (the “Right to Opt-In”) from either the consumer who is at least thirteen (13) but not yet sixteen (16) years of age, or the parent or guardian of a consumer less than thirteen (13) years of age.  Consumers who opt-in to personal information sales may opt-out of future sales at any time.  To exercise the right to opt-out, you (or your authorized representative) must submit a request to Us by emailing Us at privacy@pandorasway.com.  Once you make an opt-out request, We will wait at least twelve (12) months from the date of receipt of such request before asking you to reauthorize personal information sales.  We will only use personal information provided in an opt-out request to review and comply with the request.

  3. In accordance with applicable law, We are not obligated to provide or delete consumer information that is de-identified in response to a consumer request or to re-identify individual data to verify a consumer request.

  1. Right to Non-Discrimination for the Exercise of a Consumer’s Privacy Rights.

  1. We will not discriminate against you for exercising any of your CCPA rights.  Unless permitted by the CCPA, We will not:

  1. Deny you goods or services;

  2. Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;

  3. Provide you a different level or quality of goods or services;

  4. Suggest that you may receive a different price or rate for goods or services or a different level or quality of services.

  1. However, We may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels.  Any CCPA-permitted financial incentive We offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects.  Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time.

  1. CCPA Rights Request Metrics.  Metrics regarding the consumer rights requests We received from California residents from January 1, 2024 to December 31, 2024 appear in the following chart:

Request Type: Right to Know, Right to Delete, Right to Opt-Out

Received: 0

Granted (in whole or in part) : 0

Denied: 0

Median Days to Respond: 0

Requests to Know: 0

Unverifiable: 0

Not by a California resident: 0

Called for information exempt
from disclosure: 0

Denied on other grounds: 0

Requests to Delete: 0

Requests to Opt-Out
of Personal Information Sales: 0

  1. Other California Privacy Rights.  California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes.  To make such a request, please send an email to privacy@pandorasway.com.

  2. Changes to Our Privacy Notice.  We reserve the right to amend this Notice at our discretion and at any time.  When We make changes to this Notice, We will post the updated notice on our Website and update the notice’s effective date.  Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.

Questions? Please reach out!

Our Data Privacy officer can be reached at privacy@pandorasway.com and will answer any questions or requests that you may have.