Privacy Notice

Privacy Notice

Soteria Shops is committed to protecting your privacy and all data on our servers. Please find the Soteria Shops Privacy Notice below. If you have any questions about data security, or if you believe you have discovered an issue, please contact us immediately via email at privacy@soteriashops.com – Subject line: My Data Security.

Soteria Shops, LLC (“Soteria”) is committed to protecting your privacy. We have prepared this Privacy Notice (or “Notice”) to describe to you our practices regarding our collection and use of your personal data (as defined below). This Privacy Notice provides information about the types of information we collect from our Services and website and what we may do with that information.

In this Notice, we will outline and describe the following with respect to the personal data that we collect:

What information we collect
How we collect it
How we use it
With whom we share your information
What we disclose internationally
How long we keep your information
Your rights under the law
The security of your information
Our data Privacy Officer
Our policy regarding children
Information for California Residents

You will note that throughout this Notice we use words that are capitalized. These are special terms that are defined. Those definitions are set forth at the end of this Notice, in Section XII.

1. What information we collect

A. Information you provide:

If you are just browsing our website, we do not ask you to enter any personal information about yourself unless you complete a form of any kind. If you wish to take action in any campaigns related to our website, the personal information that you provide may include your name, title, physical address (including zip code), email address, and phone number. We also collect information in the form of the content that you submit during your use of our platform, which may include photos, your personal comments and positions on topics, which could include political information and other information of a sensitive nature that you choose to submit. We may also collect your username/handle from social media platforms you interact with when you connect to us from them or wish to connect to them from us. We may also combine information you provide with personal data we collect automatically (as further described in Part I, Section B below) and with data we receive from third-parties. We may also associate information you provide with information we collect about you from different devices, browsers and platforms.

B. Information collected automatically:

Certain information that identifies you may be passively collected and stored on our or our service providers’ server logs, including your Internet Protocol (“IP”) address, browser type, operating system and information regarding what website pages you accessed and when. An IP address is a number that is automatically assigned to your computer when you use the Internet. In some cases your IP address stays the same from browser session to browser session; but if you use a consumer Internet access provider, your IP address may vary from session to session. We also use cookies and navigational data like Uniform Resource Locators (“URL”) to gather information regarding the date and time of your visit to our website or access to our Platform through a campaign, and the information for which you searched and viewed. This type of information is collected to make our services more useful to you and our clients, and to tailor the experience with us to meet your special interests and needs.

“Cookies” are small pieces of information that a website sends to your devices while you are viewing a website. We may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer until you delete them) to provide you with a better experience with our Platform. Persistent cookies can be removed by following your Internet browser directions. If you choose to disable Cookies, some aspects of our services may perform differently, for instance, you will need to re-enter your information each time you return to use the services.

We do not offer third-party advertising on our website, therefore we do not respond to “do not track signals” or other mechanisms that might enable website visitors to opt out of tracking on the Soteria Shops site.

By using our website and agreeing to this policy, you consent to our use of cookies in accordance with the terms of this policy.

C. Information collected from third-parties:

In addition to the information that we collect as described above, we also collect information about you from our third-party integrators and vendors. These parties are used by us to run our Platform and integrate our services with our customers and clients, so that you can take action and participate in campaigns through our platform. The information that we collect through these channels includes your geo location data, derived from the address that you submit, legislative data, such as your legislative or political district, candidate and elected official information, voter registration and polling location.

2. How we collect your information

We collect your personal data in a number of ways, and this section will describe those methods.

A. Your direct interaction with us: We collect your personal data when you interact directly with us by coming to our website to browse or to enter information in a campaign that uses our platform.

B. From our clients: Another way we collect your personal data is from our clients who contract with us to use Soteria services. If you provide your information via a campaign that uses our Platform, we will collect the information you provide on the form such as name, e-mail address and the full content of your message, including attached files, and other information you provide. This method of personal data submission to us could occur (i), for instance if you complete a form created by a client but powered by Soteria Shops, or (ii) where the client captures the data you enter and then transmits that data to us.

C. From Third-Party Technologies and Social Network Sites:

We may receive personal data about you from other sources with which you have interacted, such as through third-party technologies that are integrated into the Services like Alexa, which is owned by Amazon, or through social networks like Facebook or Twitter when you grant us permission to access these technologies to further use Soteria services. Further, we may associate this personal data obtained from these sources with the other personal data we have collected about you from other sources as described in this Notice. We do not control or supervise how these third-parties process your personal data, and any information request that you have regarding the disclosure of your personal data from them to us should be made directly to those third-parties.

D. Third-party analytics:

Third-parties who provide us with analytics services for our Platform and Services may collect some of the information described in Section I, including, for example, IP address, access times, browser type and language, device type, device identifiers and Wi-Fi information. For instance, we use Google Analytics and similar services to perform certain analytical tasks about our web user’s activities. We use the User-ID feature of Google Analytics to combine behavioral information across devices and sessions (including authenticated and unauthenticated sessions).

3. How we use your information and the Legal Basis for sharing it

We may use your information to:

Process information you have submitted on a form either through one of our client’s campaign forms on a Soteria Shops website form; via text message, voice recognition, conversational messaging system, or via phone call.

Seek your views or comments on the services we provide;

Send you marketing materials and information about other Soterial products or services with your consent;

Carry out our obligations arising from our website’s terms of use, or arising from any contracts entered into by us with our clients or customers;

Provide, create and maintain a trusted and safer environment and comply with our legal obligations.

Applicable laws require us to have a “legal basis” for using and sharing your information. These legal bases include the following:

Your consent – to fulfill your express requests.

To carry out our legitimate interests on our website. “Legitimate interests” is a concept in data protection law which essentially means we have a good and fair reason to use your personal data and we do so only if our interests are not overridden by your fundamental rights and freedoms. We sometimes require your data to pursue our legitimate interests in a way that might reasonably be expected as part of running our business and that does not materially impact your rights, freedom or interests.

To fulfill our obligations with you when the processing is necessary to perform a contract with you, like the Terms of Service.

To measure the adequate performance of our interactions with you, and to comply with applicable laws.

To promote the safety and security of the Services, our users, and other parties. For example, we may use the information to protect against fraud and abuse, respond to a legal request or claim, conduct audits, and enforce our terms and policies.

4. How we share your information

A. With your consent:

Where you have provided express and unambiguous consent, we share your personal data as described at the time of consent. This form of consent is also given when you take action on a client campaign or when you sign a petition. We do not otherwise share any of your personal data that identifies you, except as instructed by you.

The specific ways in which you consent to share personal data that you provide to us is when we enable you to send individual emails and related messages to lawmakers, regulatory agencies, and other organizations and leaders that are the target of a campaign through our Platform. These messages may include your full name, e-mail address, mailing address and other contact information you may have provided as part of the submission. You are solely responsible for the specific message(s) you send using our Services.

For certain campaigns that you completed some of your information may be made public, including without limitation your name, city, and state (“Public Petition Information”). All other information you have been asked to provide will not be made public.

Based on our legitimate interest to operate and promote our Platform we may display parts of the Platform (e.g., a campaign web form and your postings on it) on sites operated by our clients, using technologies such as widgets or via APIs. If your postings are displayed on a client’s site, information from your posting may also be displayed.

Information you share publicly through our Platform may be indexed through third party search engines, such as Google or Bing. We do not control the practices of third party search engines, and they may use caches containing your outdated information. You acknowledge that personal data that you submit when you take action on our Platform through our website or Services may be available, via the internet, around the world. We cannot prevent the use (or misuse) of such personal data by others.

B. Third-Party Sub-Processors:

We use third-party Sub-Processors (including contractors and service providers) to provide the Services and to help with our operations, which may require that these Sub-Processors have access to and use your personal data. For example, we may use a third-party to communicate with you (via telephone, email, or SMS) to provide customer support, to receive additional data about you, and to perform analytics and other work that we may need to outsource. The Sub-Processors are bound by law and/or contract to protect the confidentiality and security of personal data, and to only process your personal data to provide requested services and only act on our documented instructions.

C. Third-Party websites:

We may provide links to other websites, such as social network sites (Facebook, Twitter) and other websites may provide links to our website. Third-party websites operate according to their own terms of use and privacy policies. Soteria Shops has no control over such third-party websites, and by using our Platform and Services, you acknowledge and agree that we are not responsible for the availability of such third-party sites, and do not endorse and are not responsible or liable for any content, advertising, products or other materials on or available from such sites. You further acknowledge and agree that Soteria Shops will not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any content, advertising, products, or other materials on or available from such sites.

D. De-identified information about you:

We may also share aggregated or de-identified information (i.e., information that does not personally identify you directly), or statistical information about you, including statistical data and historical use data, with others for a variety of purposes, including for their own uses, for example, for improving their services for you and others, or for educational purposes. Your personal data will not be shared on an individual, identifiable basis under these circumstances, nor can you ask us to restrict this type of sharing, since it does not identify you.

E. As required by law or legitimate business interest:

In addition, we may disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person. Likewise, we may disclose your personal data to our professional advisers as reasonably necessary for the purposes of managing risks, obtaining professional advice, or the establishment, exercise or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. Also, we may share some or all of your personal data in connection with or during negotiation of any merger or similar transaction involving sale or transfer of some or all of our business or assets. If another company acquires our company or assets, that company will possess the personal data collected by us and will assume the rights and obligations regarding your personal data as described in this Privacy Notice.

5. We disclose your personal data internationally

 A. Our Headquarters:

Our headquarters are in Alachua County State of Florida, United States. Whether or not you live in the United States, information we collect from you will be processed in the United States.

If You Live In Brazil

Joining the global trend originating in Europe with the General Data Protection Regulation (GDPR), Brazil recently enacted its own omnibus law governing the use of personal data, the Lei Geral de Proteção de Dados (LGPD), or General Law for the Protection of Privacy. Similar to the EU’s GDPR and California’s Consumer Privacy Act (CCPA), LGPD is intended to regulate the processing of personal data. The stated purpose of the law is to protect “the fundamental rights of freedom and privacy and the free development of the personality of the natural person.” When called upon or compelled to, You give us permission to and We have the right to disclose Your personal information to any branch of the Brazilian government which requests it as it concerns carrying out our responsibilities to you as Our customer or to any authorized government agency in fulfilling their responsibilities to their respective governing laws as it concerns You doing business with Soteria.

If You Live in the European Union

The United States has not sought nor received a finding of “adequacy” from foreign officials, including the European Union under Article 45 of the GDPR. We rely on derogations for specific situations as set forth in Article 49 of the GDPR. In particular, for EEA residents, if you choose to use our website for educational purposes, we collect and transfer to the U.S. personal data only: (i) with your consent; (ii) to perform a contract with you; (iii) to conclude or perform a contract with another person in the furtherance of your or our legal interests (such as with a client); (iv) or to fulfill a compelling legitimate interest of ours in a manner that does not outweigh your rights and freedoms. We strive to apply suitable safeguards to protect the privacy and security of your personal data and to use it only consistent with your relationship with Soteria and the practices described in this Privacy Notice.

B. Third-Parties:

While many of our third party Sub-Processors are global companies with operations in the EEA, Some of the third-party Sub-Processors with whom we share personal data are located outside of the EEA. Certain third countries have been officially recognized by the European Commission as providing an adequate level of protection. You can find the list of these countries at the following address: Data Policy

Transfers to third-parties located in other third countries outside the EEA take place using an acceptable data transfer mechanism, such as the Privacy Shield for transfers to self-certified US organizations, the EU Standard Contractual Clauses, Binding Corporate Rules, approved Codes of Conduct and Certifications or in exceptional circumstances on the basis of permissible statutory derogations.

Please contact our data Privacy Officer at the address or phone number listed below, in Section IX, if you want to receive further information about these Sub-Processors.

6. How long we keep your personal data

Your personal data is stored by us on the servers of the cloud-based database management services that we engage, located in the United States. We retain your personal data collected as reasonably necessary to fulfill the purposes for which we collected it, and to comply with our legal obligations, personal data of Brazilian or EEA residents that remain inactive. Inactive shall be defined as you not taking any action or making any contact with Soteria in any form for one (1) years time. After one year, Your information will be deleted.

In no event will we keep your personal data for longer than is strictly necessary for the purposes defined in this Notice. For more information on where and how long your personal data is stored, please contact our data Privacy Officer at the address or phone number listed below, in Section IX.

7. Your rights in relation to your personal data

A. For United States Residents and others not living in the EEA:

You have the rights provided under the laws applicable to where you live. Additionally, you can ask us questions about the personal data that we have relating to you, ask us to correct any of that personal data if it is wrong and you can verify that with us.

B. For Residents of the EEA:

If you reside within the EEA, the GDPR applies. This law provides certain rights for data Subjects. Under the conditions set by this law, you may be able to exercise the following rights regarding your personal data, subject to the exceptions provided by the GDPR (see also Section IX on who to contact to exercise those rights):

8. Access:

You have the right to access your personal data. You can obtain from us confirmation if personal data is being Processed, the purpose of Processing, the categories of data, the legal basis of the Processing, information on recipients of the data and the non-EU countries in which they are located, and the safeguards put in place for the transfer of data to non-EU countries. If you have chosen to connect to a social network like Facebook or Twitter, you can remove permission for the app by changing your account settings with them. You are responsible for keeping your personal information up-to-date.

9. Rectification:

You have the right to request us to correct inaccurate personal data and to have incomplete data completed, but only to the extent that the data is still under our control and has not yet been transmitted to a campaign or petition target.

10. Objection:

You have the right to object to the Processing of your personal data for compelling and legitimate reasons relating to your particular situation, except in cases where legal provisions expressly provide for that Processing, or when upon your initial request, the personal data has already been transmitted by us to a target of a campaign or petition identified by you.

11. Portability:

You may request your personal data that you have provided to us and which is still retained by us, in a structured, commonly used and machine-readable format, and you have the right to request that we transmit it to other data controllers or processors without hindrance. This right only exists if the Processing is based on your consent or on a contract between us, and the Processing is carried out by automated means.

12. Restriction:

You may request to restrict Processing of your personal data if: (i) you contest the accuracy of it – for a period we need to verify your request; (ii) the processing is unlawful and you oppose the erasure of it and request restriction instead; (iii) we no longer need it, but you tell us you need it to establish, exercise or defend a legal claim; or (iv) you object to Processing based on public or legitimate interest – for a period we need to verify your request. Please note that this right is limited to the extent that the data is still under our control and does not apply to any data that has already been transmitted to a campaign or petition target at the time of your request.

13. Erasure:

You may request to have your personal data erased if: (i) it is no longer necessary for the purposes for which we have collected it, (ii) you have withdrawn your consent and no other legal ground for the Processing exists, (iii) you objected and no overriding legitimate grounds for the Processing exist, (iv) the Processing is unlawful, or (v) erasure is required to comply with a legal obligation. Please note that this right is limited to the extent that the data is still under our control and does not apply to any data that has already been transmitted to a campaign or petition target at the time of your request.

14. Right to lodge a complaint:

You also have the right to lodge a complaint with a supervisory authority, in particular in the EEA member state of your residence, place of employment, or the location where the issue that is the subject of the complaint occurred.

15. Right to refuse or withdraw consent:

Please note that in case we ask for your consent to certain Processing, you are free to refuse to give the consent and you can withdraw your consent at any time without any adverse negative consequences. For example, if you withdraw your consent to the use of Cookies, we cannot deny your use of the website; however, as explained above in Section 1. B., if you choose to disable Cookies, some aspects of our Services may perform differently, for instance, you will need to re-enter your information each time you return to use the Services. The lawfulness of any Processing of your personal data that occurred prior to the withdrawal of your consent will not be affected.

16. Security of your information

To help protect the privacy of your personal data collected by us, we maintain physical, technical and administrative safeguards. We update and test our security technology on an ongoing basis. We restrict access to your personal data to those employees who need to know that information to provide the Services. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of personal data processed by the services. We commit to taking appropriate disciplinary measures to enforce our employees’ privacy responsibilities.

17. Questions, concerns or complaints – Contact Details

The contact information for our data Privacy Officer is:

Soteria Global DBA Soteria Shops

Attn: Privacy Officer

2603 NW 13th Street, Suite 264

Gainesville, FL 32609