Privacy Policy

Last updated: December 15, 2020

GDPR Data Protection Officer: Ryan Cwynar
Email: [email protected]

ParOne, Inc. (“ParOne”) operates ParOne.com. ParOne respects your privacy regarding any information we may collect while operating our websites.

GPDR Notice

IMPORTANT NOTE TO RESIDENTS OF THE EUROPEAN UNION AND THE UNITED KINGDOM: This privacy policy contains important information about your rights under the General Data Protection Regulation of the European Union and the equivalent laws of the United Kingdom (the “GDPR”). Please see our GDPR Notice below for more information about these rights. This PRIVACY POLICY (this “Policy”) describes the kinds of information that Par One, Inc., a Delaware corporation doing business as Par One, or ParOne or ParOne, Inc, together with all of its employees, contractors and subcontractors, affiliated parties such as parents, subsidiaries, officers, directors, executives, and shareholders, and other related parties (“we;” “us;” “our;” the “Company;”) collects about our users (“you”).

You are a Data Subject as to information that you receive from any person and transmit via the Website as further defined below, and a Data Subject as to your own information that you transmit via any of our digital properties, including our social media channels, of any kind whatsoever and as further defined below, within the meaning of the GDPR. By using the Website, any of its related or affiliated domains, webpages, or sub-domains, or any other website that we own or operate, together with any native features thereof including our chat functions and other inter-user communication tools (or communication tools between you and the Company), or document upload/download functions, and all other such functionality whether native to your browser or via an app, including video content that you purchase or stream from us (collectively, the “Website”), you agree to this Policy. Your acceptance of each term and condition of this Policy is deemed a continuing acceptance, meaning that each time you access the Website, you accept the then-current version of this Privacy Policy, which was last updated December 4, 2020.

The purpose of this policy is to explain how we ensure your privacy, what steps we take to prevent and mitigate the compromise of private information, what kinds of information we collect from you, what we do with that information, and how you may exercise certain of your rights under applicable data privacy laws related to that information. This policy identifies our data protection officer, and provides you with the information that you may need to contact our data protection officer.

All terms of this Policy and our Terms of Use apply whether you log in via a browser or through an app native to a mobile device or any other device. When using a native login, you sign up and enter login credentials directly into your browser. This Policy, and our Terms of Use, make no distinctions between browser-based (whether desktop or mobile browsers) and app-based logins except where expressly stated herein. Browser-based logins may be further subject to the terms of service (however styled) of your chosen browser. When using a browser-based login, your browser is a third-party within the meaning of the GDPR. We do not and cannot collect or store information that you submit to your web browser but not to us (for example, if you enter text into a text field on a browser-based login page, but do not click the Submit button or otherwise execute a command to send that information to us).

Who is responsible for the Company’s data privacy compliance, and how do I contact that person?

The Company’s GDPR Data Protection Officer is Ryan Cwynar, an authorized representative of the Company (the “Chief Technology Officer”). The Chief Technology Officer may be contacted via email at [email protected], or by writing to us at:

ParOne, Inc.
245 8th Ave #1003
New York, NY 10011

You may complain to the GDPR Protection Officer if you think there is a problem with the way we are handling your data. You may also contact the GDPR Protection Officer in order to exercise any of your rights, including your “right to be forgotten,” under the GDPR.

What kinds of information do we collect about you?.

Any information that you enter into any text field on the Website will be collected by the Company for internal use except where noted otherwise in this notice. Any text, reviews, images, video, links, files of any type, or any other content, including communications that you make to us via email or any other means, and including requests made to us to erase certain of your data or complaints to the Protection Officer (which requests we are required to keep, even after we have deleted the data described in requests to delete data) (collectively, and without limiting the generality of the foregoing, “Content”) that you post onto the Website will be collected for internal purposes only and not distributed to third parties except for our marketing tools (“Third- Party Platforms”). Certain pseudonymous information about you (which means information, like your IP address, that cannot be used to identify you specifically, but which is unique to you) may be collected by our web host and used for internal purposes only. Our web host is a Third-Party Platform within the meaning of this Privacy Policy. Content that is transmitted via Third-Party Platforms is collected and processed as further described below.

Content that you input to the Website or transmit via the Website in any form may be collected. Content that you post to the Website, such as blog comments, may be visible to all or some other users, and to the Company.

We also collect, store, and process any information, whether or not constituting Content, that you submit to the Company in any form, including via email. We collect, store, and process any information that is sent to our GDPR Compliance Officer, as further defined below, for purposes of complying with the actual or stated intent of any requests received that are within the responsibilities of the GDPR Compliance Officer, and for internal purposes including tracking the frequency of different GDPR requests and ensuring the suitability of internal compliance protocols.

Information that you enter into the Website at the point of account creation will be stored by us and used to create a customer profile for you, except that we do not store passwords locally. If you lose your password, you may request a password reset. We cannot provide you with your current password because we do not know it.

Information that we request at the time of account creation may include an email address and other contact information, your name, and a display name. The Company maintains records of its customer profiles to facilitate quick or automatic logins by customers, for purposes of counting the number of its customer profiles, and so that the Website and the Company can remember this information for future visits to the website. Please see our Cookie Policy below for more information about what information we collect and use to expedite Website functions.

If you delete your account, the company may retain your profile information for future use, including for counting the number of customer accounts that have been deactivated.

We also collect information about your uses of the Website. For example, our web host will note the dates and times that your account is accessed, and will note the approximate physical location from which your account is accessed based upon the IP address of the device that logged into the Website. This information is “pseudonymous” within the meaning of the GDPR, and is subject to deletion at your request the same as any personal identifying information.

We also collect information about the Content that you view while using the Website. We collect information about how long you use the Website. We may collect certain non-personal information about your Website usage, such as an IP address or similar information. Please see below for more information about the kinds of non-personal information that we collect about you.

If you make any purchases through the Website or purchase any of our products or services, we will collect your payment information for purposes of completing that transaction and maintaining a customer profile for you. We do not save credit card information. If your browser prompts you to store payment information, that information is stored by your browser and is subject to your browser’s terms of service and not ours. We have no control over data that is stored by your browser, except as specifically set forth in our Cookie Policy (since we direct your browser as to the content of Cookies).

We also collect information about inputs that you make to the Website other than Content. For example, if you receive and accept internal messages or other information from us via the Website, we will collect information about transmitted information, and your engagement with that information, to ensure that Content you choose to share or transmit to others complies with our Terms of Use.

If we choose to display promotional content or advertisements, we may use information about the kinds of Content that you view, and your own Content, to determine the advertising experience that is most relevant to your interests.

What kinds of non-personal information do we collect about you?

The Company collects certain non-personal information about you. By “non-personal information,” we mean information about you that cannot be used, and is not stored, in a way that can identify you personally. This information may also be known as “pseudonymous” information.

The Website will collect information about your location based on your IP address. An IP address is a user-supplied identifier that allows the Company to know, in general terms, where its users are located. An IP address is not the same as a physical address, and is not the same as either your shipping address or your billing address, if applicable.

The Company uses your IP address for internal purposes such as knowing which countries provide certain percentages of its users. The Company does not distribute your IP address to any other person. The Company does not verify your IP address or connect it to your shipping or billing address for purposes of checkout if you purchase any products or services from us. Your IP address is not and cannot be used by the Company to identify you personally. The Company’s web host will also know your IP address for purposes of logging visits to the Website from your IP address and for preventing distributed denial-of-service attacks, which are disruptive attacks on websites caused by very large numbers of simultaneous visits to the Website.

The Company collects information about users such as the number of users visiting the Website at any given time, the times during which visitors visit the Website, the length of time that users use the Website, which pages they visit, which products they order, and what other actions they take while using the Website. This information is collected by the Website and is provided in an anonymized form to the Company's data analytics provider, which is Google Analytics (the “Data Analytics Provider”). This information is used by the Company to track the engagement, general geographic origin, and headcount of its users. This information is combined together to provide general demographic information on the Website's users. This information is not and cannot be used to identify you specifically.

The Data Analytics Provider is a third-party processor for purposes of the GDPR.

What does the Company do with payment information?

The Company’s Third-Party Platforms may include payment processing tools or merchant services providers (all such payment platforms, without limiting the generality of the foregoing, “Merchants"). The use of any Merchant is subject to the terms of service and privacy policies of that Merchant. The Company does not collect or store payment information except for the express and limited purpose of verifying submitted payment information to enable checkout. The Company does not store your credit card information or other information, including any of your native login credentials to a Merchant.

Any payment information that is transmitted to us through the Website is transmitted via a token system. Payment information is reduced to a pseudonymous token, transmitted to the Merchant, who confirms to us whether or not payment is successful. The Company collects and processes information related to the success or failure of payments for the purpose of effectuating fulfillment of any order or purchase, and where applicable, will also collect and process information related to your shipping or billing address for the express and limited purpose of verifying successful payment and effectuating fulfillment of any order or purchase (such information shall be deemed Content hereunder). The Company cannot remind you of lost or forgotten payment information because the Company does not know it.

How is your information shared?

Content that you post to the ParOne Platform (such as videos) is shared with other users. We also share Content and other information internally. We may review Content internally to determine that Content does not violate this Privacy Policy or our Terms of Use.

If we elect to provide promotional content or advertising, we may share information about the kinds of Content that you post and use, information related to your general geographic location as we infer it from your IP address, and other information that you supply to the Website to ensure that promotional content or advertisements are relevant to your interests.

We do not share your information with third-parties except to the express and limited extent that your use of a Third-Party Platform, via an API or otherwise, may necessitate the sharing of certain of your information (such as your IP address) via the Third-Party Platform’s API. We will also respond to a valid subpoena or other valid governmental requests for information. If we receive a valid subpoena or other valid governmental request for information about you, we may not disclose this request to you.

If we elect to provide for integration with other third-party apps or other services with the Website, we may share your Content or other information with those third-party apps or other services depending on their own terms and conditions. We will not share your information with any third-party apps or other services without first informing you.

If we have a good-faith belief that a user has posted Content or otherwise used the ParOne Platform in a way that makes us believe that a user has engaged, or is about to engage, in criminal activity or other serious wrongdoing, we may share that information with the relevant authorities. If we do so, we may not inform you when we share that information.

The Website uses cookies. Cookies are small files that the Website places in your browser in order to track your activity across multiple separate pages within the same instance of the Website. For example, if you navigate to a sub-page of the Website with a fillable form that you then submit, a cookie will be used to connect the browser activity that filled that form with the browser activity that acknowledges our receipt of the same form. Cookies are used to maintain

consistency across a session of Website use. Please contact us at [email protected] for more information about our Cookie policy and for information about our Cookie Policy. You may instruct your browser not to accept, or to delete, Cookies. The Website may become unstable or suffer diminished functionality if you delete or prevent the use of Cookies.

NOTICE TO RESIDENTS OF THE EUROPEAN UNION AND THE UNITED KINGDOM

Nothing in this notice should be construed as amending, modifying, replacing, or otherwise affecting the terms and conditions of any transactions between you and the Company, except that to the extent any such terms and conditions are inconsistent with the General Data Protection Regulations of the European Union and the equivalent rules of the United Kingdom and any other applicable jurisdiction (altogether, the “GDPR”) those terms and conditions are VOID.

Instructions For Exercising Your Right To Instruct Us To Forget Your Information

The GDPR provides a generalized “right to be forgotten,” meaning that you have the right to instruct us to delete any and all information that the Company, the Website, or any of the third parties collects about you. Please contact us by email at [email protected], by phone at in order to instruct us to forget any or all of the information that the Company, the Website, or any of the third parties collects about you. You may delete your profile entirely in the settings. This withdraws your consent from our policies. Per the GDPR, we may take up to 24 hours to process any withdrawn consent. You may download a copy of the personal data you have provided through the controller in the settings. Any further subject access requests must be directed via email to [email protected].

The Model GDPR Clauses Apply to this Policy.

Except where expressly stated to the contrary, the Model Clauses of the GDPR apply to this Privacy Policy. We will follow instructions received from our you pertaining to your rights under the GDPR or any other similar law. You are a “Data Controller” within the meaning of the GDPR. With respect to personal data, we follow instructions that we receive from you, including your instruction to provide you with a machine-readable copy of all information about you that we store or process, and including your instruction to us to “forget” such information, unless those instructions are (i) legally prohibited or (ii) require material changes to the Software. In addition, we will reasonably support any Data Controller in addressing requests from other Data Controllers or regulatory authorities regarding our processing of personal data. If we cannot comply with an instruction or if there is a user-billable cost to comply with the instruction, we will promptly notify you.

To process personal data, we and our sub-processors will only use personnel who are bound to observe data secrecy under the Data Protection Law. We will use the appropriate technical and organizational measures to meet this objective.

At signup, each user will be prompted to consent to this policy, which has been customized by each client in the Admin Settings. We record the date/time when the consent was given, and for

TOS/Privacy consent we restrict any access unless consent was given. The option to withdraw consent is entailed in the option to delete the user profile.

YOUR CALIFORNIA PRIVACY RIGHTS

This Privacy Policy describes how we may share your information for marketing purposes. You may contact us with any questions and, to the extent applicable, to request a list of third parties to whom we may disclose information for marketing purposes and the categories of information we may disclose. Users under the age of 13 who are subject to the laws of the State of California may not use the Website. If you are under the age of 13, or if you are contacting us on behalf of someone who is under the age of 13, please contact us at [email protected].