Privacy Policy

Last Updated July 1, 2024

This Privacy Policy (this “Policy”) describes the privacy practices of BLUE JAY BEACH, INC., a Delaware corporation (“Birdy Grey”, “Company,” “we”, or “us”), with respect to personal information we collect when you sign up for, use, access or otherwise interact with birdygrey.com (the “Site” or “store”) as well as any applications, services, programs, and products of Birdy Grey developed from time to time (collectively, the “Services”), in connection with certain of our marketing activities, and in other settings where we reference this Policy, and how we use, share and store such information.

By using the Services or providing Personal Information to us you agree to be bound by the terms of this Policy. If you do not agree with any part of this Policy or our Terms and Conditions, please do not access or continue to use any of the Services or otherwise provide your Personal Information.

Birdy Grey is located in the United States, and we primarily store your information in the United States. By using our website and/or providing us with information, you understand that your personal information may be transferred to and stored in the United States. For customers outside the United States, see the “Region-Specific Disclosures” section below for more details on our processing of your personal information and your rights. At times, we may transfer your personal information outside of the United States, in which case we take reasonable steps to make sure your personal information continues to be appropriately protected. However, no data transfer system is completely secure.

We may change this Policy from time to time by. Generally, we will notify you of any changes by revising the date at the top of this Policy and such changes will become effective upon the publication thereof. In some cases, we may provide you with notice of Policy changes by sending you an email notification or other communication. We encourage you to review the Policy whenever you interact with the Services to stay informed about our personal information practices and the choices available to you.

Section 1: Personal Information We Collect

We collect Personal Information in a number of ways and for various purposes. "Personal Information" herein means information that relates to an identifiable or reasonably identifiable person or as otherwise defined under applicable law. Examples of Personal Information are a name, an online identifier, a contact address, social media reviews and ratings, and geolocation data. The types of Personal Information we collect would depend on the manner and context of your interaction with us.

We collect Personal Information as follows:

Profile Data and Demographic Data. We may collect Personal Information about you such as: name, address, phone number, email address, Services usernames and passwords and other security information for authentication and access, social media user names, date of birth, gender, age, inferences, physical characteristics (such as your size, height, weight, or other information relevant to your apparel preferences), and preferences or other unique identifiers. Such data may include Personal Information you may provide about a third party: name, surname, address and contact details of recipient for delivery of goods or services (such as sending a gift or virtual gift card), if different from yours. If you are engaging with us as a candidate for employment, we may collect information about your employment status or history, or your professional information.

Usage and Activity Data. When you use or browse the Site or Services, we collect information about your activity on the Site or Services. Examples of such data include Site access dates and times, pages viewed, how long you spent on a page, searches you perform on the Services, information about your activity on a page, and other system activity, your use of any hyperlinks available within our Services, information about your interactions with our emails, your Internet service provider (ISP), Mobile Advertising ID, and MAC address. We collect information about your geolocation information in accordance with your device permissions. Location information may include the presence of the device, its signal strength and mobile network information, its manufacturer (Apple, Samsung, etc.) and model, and information about the device's interaction with the Services or business services. We may associate such browsing or device information to an account you have registered with us and combine it with information relating to all interactions with us.

When you browse our Services, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system. We (and third parties we choose to work with) may also place cookies on your browser and use pixels and other web-tracking technologies for the purposes of targeting advertising .

Transaction Data. We collect transaction information related to the products and services you purchase from us. For example, we may collect payment amounts and methods, payment card information (card issuer and card type, credit or debit card number, expiration date, and CVV code), billing and shipping information, returns and other transaction information). If you make a purchase, we work with third-party payment processors to collect and process your payment information.

Communications Data. We collect Personal Information when you communicate with us (such as your phone, email or chat communications in connection with technical or product customer support, online services, product information or to any other communication you initiate) and sign up for promotional campaigns or to receive other marketing or informational materials via email, text message, push notifications or other media. Where consistent with applicable law we record and store telephone calls and chat transcripts for a period of time when you interact with our customer or technical support personnel, or if you provide us feedback about our Services.

If you participate in or utilize or sign up for, as applicable, contests, sweepstakes, loyalty programs, surveys, referral programs, trial programs, discounts, research activities or initiatives or promotional sales ("Surveys or Promotions") being offered by the Company, we may collect contact, demographic and eligibility information or other Personal Information. Promotions may also be run by a Company service provider or co-branded with one of our business partners. In such instances, Personal Information may be collected directly by and/or shared with the Company, the service provider and/or business partner, including for marketing purposes. Personal Information associated with a Survey or Promotion may be shared with partners that sponsored or were involved with the Survey or Promotion. To the extent a Survey or Promotion collects information from you about your physical characteristics or preferences, such information will be used to help us better understand your needs and provide you with additional information that you can incorporate into your evaluation of Company products and services and for purposes reasonably related to the Survey or Promotion and as otherwise described herein or the privacy notice governing such Survey or Promotion and only to the extent permitted by applicable law.

User Content. We may collect your Personal Information when you click submit content, make reviews, contribute to message boards, comment fields, blogs, and other media forums sponsored by or affiliated with us. Examples of such data may include your contact information, the date and time of your content submission, online identifiers, social media profile, and the content of your submission

Section 2: Sources We Use to Obtain Personal Information

In addition to collecting Personal Information directly from you we may obtain Personal Information from the following sources:

Third Parties. We collect your personal information from third parties, such as social media sites (e.g., if you are accessing third-party products and services that we have made available to you via the Services), data coops and other third-party data sources. If you are accessing third-party products and services that we have made available to you via the Services, we may collect Personal Information that the third-party service makes available to us in connection with your registration for or access to those products and services. Identifying information collected from social media platforms, such as your name, email address, age, gender, and location, is collected in accordance with their terms of use and privacy policies. We may also receive demographic information about you from third party data sources to make our service and marketing efforts more efficient and personalized for you. We may also receive legal information from third parties, such as fraud checks or flags raised about your transactions, payment card refusals, suspected crimes, complaints and/or claims.

We allow our ad partners to collect your information when you use our Services. These companies may collect information from you (e.g., subject of advertisements clicked or scrolled over) during your visits to the Services in order to provide advertisements about goods and services likely to be of interest to you. The ad partners that we engage are bound by confidentiality obligations and other restrictions with respect to their use and collection of your information.

Cookies and Similar Tracking Technologies. The Company and its partners use various technologies to collect information when you use our Services, including session replay, sending cookies to your device and using web beacons. By using the Services you consent to the use of such technologies, including cookies, advertising IDs, geolocation, screen capture technology and pixel tags, to collect information about you. These technologies help us personalize your use of our Sites and mobile applications, customize the Services, and mitigate risks and the potential for fraud. These technologies are also used by the Company and its advertising partners to deliver ads to you based on your interests and online activities. To the extent we use session replay technology (recording your journey through the Site, including the pages you visit, the movement of your mouse or pointer, and the keystrokes you type), we may collect on a real-time information on how you use and navigate the Services. This may include mouse movements and how you scroll through the Services. Some of our websites and Services may contain electronic images called "web beacons". Web beacons are objects embedded in a web page or email which are used to check if a user has accessed content. In addition to allowing us to count how many persons read our messages, web beacons allow us to develop statistical information about the activities and features that most interest our users in order to provide more personalized content.

Sensitive Personal Information. We (or our partners) may collect and process sensitive Personal Information. This may include information such as your race, ethnicity, or precise geolocation data. When we collect data that may be considered “sensitive” under applicable law, we (or our partners) will request your consent to process such sensitive personal information or provide other controls (like an opt-out of certain processing) when required by law.

Derived Information. We may derive Personal Information or draw or collect inferences about you based on the other types of Personal Information we collect. For example, we may infer your location based on your IP address, or that you are interested in purchasing a certain type of clothing based on your browsing behavior on our Services. We may use such information to create a profile about you to reflect your preferences, characteristics, behavior and attitude.

Section 3: How We Use Personal Information

We use the Personal Information we collect for various purposes, including the following:

Deliver Products and Services. Personal information is used to provide and improve the Services, fulfill the product orders you request or initiate, or that are reasonably anticipated within the context of our ongoing business relationship, complete transactions, perform our contractual obligations, manage your account(s) and send you related information, including confirmations and receipts. Such use includes processing or otherwise collecting your payment, arranging for shipping, providing you with any invoices or order confirmation information, provide benefits of any loyalty program made available to eligible users, and processing and deliver contest, promotion and sweepstakes entries and rewards. We also use Personal Information to personalize your online experience, present or advertise products and content tailored to you, your interests or location and for quality assurance and to monitor and improve customer support and the Services.

Communicate with You. We may use Personal Information to respond to your comments, questions and requests and provide customer service, to contact you the products or Services you have purchased or used and to notify you of products, offers, rewards, Surveys and Promotions and Services we think may be of interest to you. Irrespective of your privacy settings, we may send you technical notices, updates, security alerts and support and administrative messages, such as revision this Policy or other formal communications relating to products or Services you have purchased or use.

Marketing. We use Personal Information in connection with advertising and marketing campaigns and to provide you with information on the products and Services that may be relevant to you. We may also use personal information to create and identify audiences that are most likely to respond to ads based on information we have already collected or infer about your interests and preferences. You have the option to opt out of targeted advertising from us and our partners. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.

You can opt out of targeted advertising by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.

Ads are displayed on the platforms that we own or operate but we also use third-party ad partners to display ads for the Company on third party websites and apps (sometimes referred to as ‘retargeting’). Retargeting technologies analyze the information collected about your interactions with our Sites and information about you obtained from reputable third-party sources parties, and display advertisements intended to match your interests. For example, We may work with third parties (such as Facebook and Instagram) to serve ads to you as part of a customized campaign on their platforms. Generally, you can control the interest-based ads you see as a result of retargeting by changing the privacy settings of the device itself or changing the privacy settings of your browser. If you use “Do Not Track” features of your device or browser, we do not override these settings or options.

Our ad partners may use the data they collect from you, including (a) in conjunction with advertising that appears on other websites, (b) to determine the popularity of certain content and analyze and track website traffic, statistics, advertisement data and other interaction with ads and the websites on which they are served, and (c) to measure the effectiveness of web-based and email ads.

Internal Research and Services Improvement. We may use Personal Information to analyze trends and statistics and otherwise monitor usage and performance of the Services, assess the success of our marketing and advertising campaigns and conduct other internal research and development and make business decisions about current and future product and service offerings. We use Personal Information to repair errors in our products and Services and other activities to maintain and improve the quality and safety of our products and Services.

Legal, Safety or Security. Where required by law or where we believe it is necessary, we use the data we collect from you to protect our legal rights, legitimate interests and the interests of others. Such use includes detecting and preventing security incidents and illegal or unauthorized activities, investigating complaints and claims and providing other security protections, such as identity verification. It also includes using such information to comply with any applicable legal or regulatory requirements or other legal obligation, to assist in an investigation, to protect and defend our rights and property (such as by defending against or pursuing claims, disputes or litigation), or the rights or safety of third parties, to protect the integrity of our Services, employees and users, to identify and prevent error, negligence, and crime, for audit functions, to enforce our agreements (such as our Terms of Use, and this Privacy Policy), and to resolve disputes.

Augment Personal Information. We may combine Personal Information with information we receive from public databases, joint marketing partners, and publicly available information on social media platforms and other third parties, in order to give us better consumer insight into your needs, help us tailor our communications with you, deliver marketing messages to you and improve our business. For example, we may obtain updated contact information or third-party marketing data and address information and add it to our database to send you marketing materials, better direct our advertising and provide pertinent offers we think you are more likely to be interested in. You may opt out of us combining your personal information with the information lawfully collected from third parties by contacting us using the contact details set out below.

Section 4: Disclosure of Personal Information

The Company will share Personal Information with third parties in the following ways:

Affiliates. We may share Personal Information our current and future parent and subsidiary companies and other affiliated companies under common control and ownership.

Service Providers. We may share Personal Information with third party service providers, such as vendors, consultants, and contractors, who access Personal Information to provide the Services or Company products on our behalf (e.g., assist us with shipping and delivery, payment processing, fraud prevention, web site hosting, customer service, and advertising, etc.) or promote, support, improve or expand the Company’s business and products and services or enable those third parties to conduct research or carry out Surveys and Promotions, manage, analyze and enhance data, and deliver content or advertise the products and services of the Company. We may also share Personal Information with our lawyers and other professional advisors where necessary to obtain advice or otherwise protect and manage our business interests. Service providers may share Personal Information with subprocessors.

Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you. For more information on how Shopify handles and stores your information please refer the Shopify terms of service and privacy policy at https://www.shopify.com/legal/privacy.

Advertising and marketing providers. We may share your information with advertisers (such as advertising agencies, networks, and exchanges). marketing businesses, third-party data suppliers (such as data aggregators and data resellers), and other entities that help us to create, deliver, and assess our advertising and marketing campaigns and learn more about you and other users of our online services. These parties may combine your personal information with their own records (and records available from other sources) for their own purposes, including for their own and other third-party marketing. If you would like to opt out of our exchange of your information with other marketers, please let us know by writing to sup@birdygrey.com or otherwise contact in the “How To Contact Us” section of this policy. To learn more about third parties that are members of self-regulatory programs such as the Network Advertising Initiative, please visit the NAI's website (www.networkadvertising.org) which will allow you to opt out of interest-based advertising by one, or all, NAI member.

Third Party Websites. The Services may contain links to third-party websites or third-party plug-ins. Interactions with those links or plug-ins are subject to the privacy policy and terms of service of the third-party site, not ours. We are not responsible for the privacy practices or the content of such services. For example, if you choose to pay through a third-party mechanism offered on our website, the information you choose to share with that third-party will be treated in accordance with that third-party's privacy policy. We do not make any representations regarding the policies or practices of third parties. When you use third-party sites or services, their own terms and privacy policies will govern your use of those sites or services and we encourage you to read their privacy statements. If you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.

For Legal Compliance and Special Circumstances. We may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to where is necessary to protect our legal rights or property (such as enforcing or applying applicable terms and conditions and other agreements, including the Services' terms of service), or it is necessary to protect the legal rights or property or physical security of others, or for the prevention or detection of crime and such disclosure is lawful.

Your Public Postings. Content you post through the Services such as reviews, commentary or blogs, may be accessible by other users and companies and may appear on other websites or web searches, and therefore this information could be read, collected, and used by others. We cannot ensure the privacy of any Personal Information included in such user generated content and We do not necessarily verify, endorse, or agree with any content posted in discussion forums.

Please note that from time to time the Services may release customer features (such as in the “Bridal Studio” portion of our Site’s store) that enable members of your bridal party to view relevant details of your product purchases (e.g., dress style and color).

Business Transfers. Personal Information may be disclosed or transferred as part of, or during negotiations in connection with, a corporate transaction, such as if we, or some or all of our assets, are acquired by another entity, including through a sale in connection with bankruptcy or other forms of corporate change.

Deidentified Information. We may share deidentified information (e.g., aggregated or grouped information) which cannot reasonably be used to identify you.

With Your Consent or at Your Direction. We will share your Personal Information with other third parties we have your consent to do and when you intentionally direct us to do so or when you use our Services to intentionally interact with third parties.

Section 5: Text Marketing and Notifications

By providing your mobile number you agree that we may send you periodic SMS or MMS messages containing but not limited to important information, updates, deals, promotions and specials. We are using a text messaging platform, which is subject to the following terms and conditions. By opting-in for our text marketing and notifications in, you agree to these terms and conditions.

By entering your phone number in the checkout and initializing a purchase, subscribing via our subscription form or a keyword, you agree that we may send you text notifications (for your order, including abandoned cart reminders) and text marketing offers. You acknowledge that consent is not a condition for any purchase.

Your phone number, name, and purchase information will be shared with our SMS platform vendor (e.g., Klaviyo, Inc.). This data will be used for sending you targeted marketing messages and notifications. Upon sending the text messages, your phone number will be passed to a text messages operator to fulfill their delivery.

If you wish to unsubscribe from receiving text marketing messages and notifications reply with STOP to any mobile message sent from us or use the unsubscribe link we provided you within any of our messages. Message and data rates may apply.

For any questions please text "HELP" to the number you received the messages from. You can also contact us for more information. If you wish to opt-out please follow the procedures above.

You agree to notify us of any changes to your mobile number and update your account to reflect this change.

Section 6: Security and Retention

To protect your Personal Information, we take reasonable precautions and follow industry best practices to prevent unauthorized loss, misuse, access, disclosure, alteration or destruction.

Such measures include technological, physical and organizational safeguards that are appropriate given the sensitivity of the personal information, including maintaining controlled access to electronic and paper documents and files, and using appropriate technology safeguards such as passwords firewalls and encryption as well as non-disclosure or confidentiality agreements as we deem appropriate to protect your data. However, please note that the security measures may change or be unavailable from time to time and no data transmission over the Internet or any wireless network is 100% secure.

To the extent we transmit any payment information (such as to our payment processors (e.g., Shopify, Klarna or PayPal) we do so using industry standard encryption measures.

We retain Personal Information for as long as needed to fulfill the purposes for which the personal information was collected (as outlined in this Policy) or to fulfill our own obligations, such as preventing fraud, meeting regulatory requirements, resolving disputes, improving our services or maintaining security, and in each case, as consistent with applicable law. This means that we may keep your personal data for a reasonable time, including after you have stopped using the Services and/or have stopped using the Site. We may retain non-personal information that has been sufficiently aggregated or anonymized for a longer period.

Section 7: Cookies and Tracking Technologies

Types of Technologies. We currently use the cookies and other tracking technologies, such pixels, web beacons, and tags, session replay tools, embedded scripts and SDKs. We may use both first-party tracking technologies, which are set by us, and third-party tracking technologies, which are set by other parties. Some of the tracking technologies we use may last solely for your browsing session and are deleted when you close your browser, while others are persistent and stored after you close your browser.

The cookies we use typically fall into one of the following categories:

· Strictly Necessary or Essential Cookies. These cookies are necessary for the Services to function and cannot be switched off in our systems. They are usually only set in response to your interaction with us such as browsing our Services, requesting services, setting your privacy preferences, or logging in or filling in forms. You may be able to set your browser to block or alert you about these cookies, but some parts of the Services may not work.

· Functional Cookies. These cookies enable the website to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

· Performance Cookies. These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our Services. They help us to know which pages are the most and least popular and see how visitors move around the Services. If you do not allow these cookies we will not know when you have visited our Services, and will not be able to monitor their performance, Additional data may be collected though Google Analytics (and similar categories of solutions) to help evaluate the visitation and use of our Site. To learn more about Google Analytics, please visit https://policies.google.com/technologies/partner-sites and find information about opting-out here: https://tools.google.com/dlpage/gaoptout.

· Social Media Cookies. These cookies are set by a range of social media services that we have added to the Services to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

· Marketing Cookies. Marketing cookies may be set through our site by our advertising partners and may be used by those companies to build a profile of your interests and show you relevant advertisements on other sites. If you do not allow these cookies, you will experience less targeted advertising.

Types of Data. Categories of information we may collect include IP Address, location, Cookie ID, Device ID, Operating system, device type, device settings, browser type, browser history, search history, pages viewed and other data about your interaction with the Services.

Use of Data. We use cookies for a number of reasons, like helping us see which features are most popular, counting visitors to a page, improving our users’ experience, advertising and content personalization on the Services and those of third parties, tracking activity over time and across properties to develop a profile of your interests and advertise to you based on those interests (“interest-based advertising”), providing you with offers and online content that may be of interest to you, keeping our services secure and generally providing you with a better experience.

We may disclose data collected through tracking technologies to analytics providers, security providers, advertising networks, social media companies and other technology and business partners.

Your Choices. You have options to control or limit how we and our partners use cookies and other tracking technologies, including for advertising. Although most browsers and devices accept cookies by default, their settings usually allow you to clear or decline cookies. Note that while you can delete or block cookies, but if you do so, some features of the Services might not work as intended. To prevent your data from being used by Google Analytics, you can install Google’s opt-out browser add-on. For information on how our advertising partners allow you to opt out of receiving ads based on your web browsing history, please visit Opt Out of Ads. European users may opt out of receiving targeted advertising through the European Interactive Digital Advertising Alliance.

If you have any questions regarding our how we use tracking technologies, please contact us at sup@birdygrey.com.

Section 8: Age of Consent.

By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence, and you have given us your consent to allow any of your minor dependents to use this site.

The Services are intended for general audiences and is not directed to children. As a general matter, we usually do not knowingly collect or process personal information from children under the age of 16, unless a lower age is provided or allowed by local law. Where we do knowingly collect or process personal information from children under the age of 16 (or under an age stipulated by local law), we follow all applicable data protection laws. For example, in the U.S., we obtain verified parental consent as required by law when collecting personal information from children younger than 13 years of age.

Section 9: Privacy Rights.

Individual Rights. Depending on where you reside and in accordance with applicable law, you may have additional rights related to the personal information collected from and/or about you, subject to certain exceptions and limitations. If you are a resident of a state that provides these additional rights, you may exercise them in accordance with this section. If your personal information is subject to a consumer privacy law in your state or country of residence, you may have the following rights:

• The right to be Informed about how we process your information;

• The right to delete the personal information we have about you, subject to exceptions under applicable law;

• The right to access and receive a copy of your personal information and certain other information;

• The right to obtain and your personal information for your own purposes across different services and entities;

• The right to correct inaccuracies in your personal information, taking into account the nature of the personal information and the purposes of the processing;

• The right to object to certain types of processing, including direct marketing;

• The right to opt-out of;

o Use or processing of your personal information for profiling or targeted advertising

o The sale or sharing of your personal information

o Email marketing communications.

o SMS marketing communications (by texting “Stop” as directed in the marketing text messages).

o Postal marketing communications.

• The right not to be discriminated against (e.g., be denied goods or service, charged different prices or rates for goods or services, provided a different level of quality of goods or services) for exercising your legal rights. However, we may offer a different price, rate, level, quality or selection of goods or services to you if you opt-out (or stop sharing your data) and such difference is reasonably related to the value provided to us by your data.

• The right not to be subject to automated decision making (a decision that made solely via automated means and without any human intervention) including the automated processing of personal information for the purposes of profiling or of the evaluation of certain things about you that have legal or similar significant effects, as defined by applicable law. You also may have the right to request human involvement, obtain an explanation of the decision, or challenge such decision;

• The right to lodge a complaint with a regulatory authority pertaining to our processing of your personal information. Certain state laws may also provide you the right to appeal our decisions regarding your rights requests if we do not respond to your requests or do not take action regarding your requests. Additionally, if you are a resident of the state of California, you may have a right to pursue legal action for improper handling of your Personal Data. For more information, see Section 9 (“Region-Specific Disclosures”).

Submitting Requests. You can reach us with any questions or to exercise your rights (such as to opt-out of certain processing of your Personal Information) via the “How to Contact Us” section of this Policy. If you choose to submit your request in writing, please include “Privacy Rights Request” in the subject line and clearly provide us with the following information: what type of request you are making, your full name, email address (if available), and physical address.

Verifying Requests. To help protect your privacy and maintain security and comply law, we take steps to verify your identity before granting you access to your personal information or process certain requests. If you designate an authorized agent to make a request on your behalf, we may require you to (a) provide the authorized agent written permission to do so and to share such authorization with us when processing a rights request, or (b) verify your own identity directly with us.

Section 10: Region-Specific Disclosures

Depending on where you reside and in accordance with applicable law, you may have additional rights related to the personal information collected from and/or about you, subject to certain exceptions and limitations. If you are a resident of a jurisdiction that provides these additional rights, please review this section.

a. Residents of Virginia and Colorado

Virginia and Colorado residents are afforded certain rights under the Virginia Consumer Data Protection Act and Colorado Privacy Act (the “CPA”), respectively. Residents of such state, in addition to any other rights afforded to them, may exercise any of the rights below, including any appeal of our refusal to take action regarding your exercise of rights, by contacting us as described in the “How to Contact Us” section of this Policy.

· You have the rights to confirm whether we are processing your personal information and to access such personal information;

· You have the right to correct inaccuracies in your personal information (given the nature of the personal information and purpose of processing);

· You have the right to delete personal information provided by or obtained about you;

· You have the right to obtain a copy of your personal information that you provided to us in a portable format, readily usable format that allows you to transmit the data to another data controller (to the extent technically feasible)

· You have a right to opt-out of our: 1) processing for targeted advertising (whether the information was collected through online trackers or otherwise), 2) selling your personal information, or 3) profiling in a way that produces legal or otherwise significant effects concerning you.

· Colorado residents have the right to data portability (the right to take your information and move it to another company).

We do not sell personal information for monetary consideration without your consent, but you may opt-out of targeted advertising and certain other online tracking via the methods described in this Policy.

b. Residents of the European Economic Area (“EAA”), Switzerland, the United Kingdom and Canada

This sub-part (c) applies to you if you are a resident of the EEA (specifically, any country in the European Union, Liechtenstein, Norway, or Iceland), the United Kingdom ("UK"), Switzerland or Canada and it explains with respect to your personal information: legal bases for processing, international data transfers, automated decision making, as well the privacy rights you may exercise in relation to your personal information. Note that BLUEJAY BEACH INC. is the data controller for the Personal Information collected and processed through use of the Site and Services.

Legal Bases for Processing. When you access or use our Services, we collect, use, and otherwise process your personal information as described in this Policy. We rely on the following bases for the processing of personal information:

· Your consent - you have consented to the processing, such as for receiving marketing messages

· To perform a contract – we process your information as necessary to perform a contract with you or to take steps in preparation for a contract with you, including enabling you to make a purchase from us;

· To comply with law - we process your information as necessary to comply with a court order, regulatory requirement or other legal obligations or to exercise or defend legal claims;

· Our Legitimate interests – we process your information as necessary for the purposes of our or a third party’s legitimate interests;

· Vital interests - As necessary to protect your vital interests, or those of others.

Our legitimate interests for processing your personal information include (a) providing, customizing and improving the Services, (b) providing access to and improving our customer service, (c) detecting and preventing fraud and (d) protecting our Services and your data from unauthorized use, intellectual property infringement, crime, and security risks of all kinds.

Data Transfers. We may process your personal information in countries outside the EEA/UK, Switzerland and Canada that do not provide an adequate level of data protection as defined by EU/UK/Swiss/Canadian data protection laws. If personal information is transferred between countries, we take commercially reasonable efforts to protect such personal information (such as by entering into Standard Contractual Clauses as approved by the European Commission).

Automated Decision Making. We do not engage in any automated decision with a legally significant effect without your consent.

Rights Regarding Personal Information. You have the following rights in relation to your Personal Information:

· data access and portability (including the right to obtain a copy of your personal information and receive it in a structured, commonly used and machine-readable format);

· data correction (including the ability to update your personal information);

· data deletion (including the right to have the Company delete your personal information, except information we are required by law to retain, or as otherwise provided by applicable data protection laws);

· withdrawal of consent (when we rely on your consent to process your information, such as for our marketing emails, you are free to refuse to give it). If you have given your consent, you may withdraw it at any time without any adverse consequences;

· objection to processing (when our processing is based on legitimate interests; this includes, in limited circumstances, the right to ask the Company to stop processing your personal data);

· restrict processing of your personal information in certain circumstances; and

· file a complaint before the responsible data protection regulatory authority.

If you’re a Canadian resident, your consent for the use or sharing of your Personal Information for marketing purposes (as identified in the Policy), is optional and is not a condition for obtaining our Services.

To exercise your rights as set forth above, please contact us at sup@birdygrey.com or at the physical address listed below with your request and your place of residence. Requests to exercise data protection rights will be assessed on a case-by-case basis. There may be situations where we are not legally required to comply with the request because of exemptions provided for in data protection legislation. We do not charge you a fee for exercising any of your rights described above.

If you have a privacy or data use concern, please contact us.

c. Residents of California. This sub-part (d) applies solely to California consumers. Terms used in this sub-part will have the meaning assigned in the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020, including any regulations thereunder (the “CCPA”).

1. Personal Information collection and use. We may collect (and may have collected during the 12-month period prior) the following categories of personal (including sensitive) information about you:

Identifiers: identifiers such as a device or browser identifier; cookies, beacons, pixel tags, mobile ad identifiers and similar technology; customer number, IP address, online identifier, and other forms of persistent identifiers.
Additional Data Subject to Cal. Civ. Code § 1798.80(e): signature, physical characteristics or description, education, and financial or health information. Some personal information included in this category may overlap with other categories.
Protected Classifications: characteristics of protected classifications under California or federal law, such as race, color, national origin, religion, age, sex, gender, medical condition, disability, citizenship status, and military and veteran status.
Commercial Information: records of products or services purchased, obtained, or considered, and other purchasing or consuming histories.
Internet Activity: Internet and other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding your interaction with site.
Geolocation Data
Employment Information: professional or employment-related information.
Education Information: education information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. Sec. 1232g; 34 C.F.R. Part 99).
Inferences: inferences drawn from any of the information identified above to create a profile about you reflecting your preferences, characteristics, and behavior.

We may use (and may have used during the 12-month period prior) your personal information for the purposes described in this Policy and for the following business or commercial purposes specified in the CCPA:

Performing services, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing advertising or marketing services, providing analytics services, or providing similar services.
Auditing related to a current interaction with you and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance.
Short-term, transient use, including, but not limited to, the contextual customization of ads shown as part of the same interaction.
Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.
Debugging to identify and repair errors that impair existing intended functionality.
Undertaking internal research for technological development and demonstration.
Undertaking activities to verify or maintain the quality or safety of a service or product we provide, and to improve the services or products we provide.

2. Sources of Personal Information. During the 12-month period prior, we may have obtained personal information from the following categories of sources:

Directly from you, such as when you contact us with a question.
From your devices, such as when you visit our Services or mobile applications.
Your family or friends, such as when they provide us with your contact information so we can send information that may interest you.
Vendors who provide services on our behalf.
Our advertising and marketing partners.
Online advertising services and ad networks.
Government entities.
Social networks.

3. Selling / Sharing of Personal Information. We do not sell consumer’s Personal Information in exchange for money without your consent. However, there are instances where the Company shares Personal Information in order to personalize or customize our Services or offers, optimize our Services and to improve your shopping experiences through our Services. We may also share personal information with third-party marketing and advertising partners that may use personal information for marketing and commercial purposes and to manage their own platforms. Depending on the circumstances and the contractual obligations in place, this sharing may be considered a “sale” or “sharing” under California law and you may have the right to request that we stop such sharing.
During the 12-month period prior, we may have sold or shared the following categories of personal information:

Category of Personal Information

Category of Third Party

Identifiers

· Advertisers, ad platforms and networks, and social media platforms;

· Third parties whose cookie and tracking tools we use as described in Section 6 of this Policy (Cookies and Tracking Technologies);

· Commercial data partners to whom we make information available for their own marketing purposes; and

· Partners who work with us on promotional or sponsorship opportunities available through our Services, including co-branded products and services.

Commercial Information

· Advertisers, ad platforms and networks, and social media platforms;

· Third parties whose cookie and tracking tools we use as described in Section 6 of this Policy (Cookies and Tracking Technologies);

· Commercial data partners to whom we make information available for their own marketing purposes; and

· Partners who work with us on promotional or sponsorship opportunities available through our Services, including co-branded products and services.

Internet Activity

· Advertisers, ad platforms and networks, and social media platforms;

· Third parties whose cookie and tracking tools we use as described in Section 6 of this Policy (Cookies and Tracking Technologies)

Geolocation data

· Third parties whose cookie and tracking tools we use as described in Section 6 of this Policy (Cookies and Tracking Technologies)

Inferences

· Advertisers, ad platforms and networks, and social media platforms;

· Third parties whose cookie and tracking tools we use as described in Section 6 of this Policy (Cookies and Tracking Technologies)

We do not knowingly sell or share the personal information of minors under 16 years of age without affirmative authorization if we have actual knowledge of the individual’s age.

4. Disclosing Personal Information to third parties

During the prior 12-month period, we may have disclosed your personal information with certain categories of third parties and service providers, as listed below (in addition to any disclosures of selling/sharing as set forth in clause 3 above).

We may have disclosed the following categories of personal information listed below for the commercial and business purposes set forth in clause 2 (Personal Information Collection and Use) to the following categories of third parties:

Category of Personal Information

Category of Third Party

Identifiers