Last updated: December 26, 2019
Click https://www.privacyshield.gov to learn more.
We take the privacy of our customers and their downstream customers very seriously. We never share the information of our customer’s customers under any circumstances, unless it is required to complete the transaction contracted with our customer. In addition, we require our customers, where applicable, to undertake to respect all relevant data protection laws, including the European Union General Data Protection Regulation (“GDPR”), the California Consumer Privacy Act (“CCPA”) and the state and federal law of the United States. This Policy applies to all personal data collected, processed and stored by Stamps.com in relation to its staff, suppliers and service recipients in the course of its activities, as defined in GDPR and CCPA, and other relevant laws. Stamps.com makes no distinction between the rights of EU Data Subjects who are employees, and those who are not. All are treated equally under this policy.
2. WHAT WE DO WITH YOUR INFORMATION. We want to be clear about what information we collect and how we use it to deliver our Services to you, operate our business, and help make our Services useful, and work better for you.
We work with other companies or developers to offer you products and services and you may choose to sync, link or connect other third party services with your Stamps.com Service. Sometimes Stamps.com may let you know about the service or product, or another company may let you know about a Stamps.com service or product. If you choose to accept these services, providing your consent to either the third party or to us, we may exchange your information, including your Personal Information, as well as information about how you interact with each provider’s service or product. This exchange of information is necessary to maintain business operations and to provide the ongoing service that you have requested. By requesting or accepting these products or services, you are permitting us to provide your information, including your Personal Information, to the other party. Prior consent from European Union data subjects would be required prior to offering any information discussed in this section.
a. Updating Your Personal Information. In connection with your right to manage your Personal Information you provide to us, you may access, update, change, correct or request deletion of your information either through the Service or through our customer support. You can reach our customer support by using the contact information provided in the "How to Contact Us" section of this Policy. We will respond to your request within a reasonable timeframe.
b. Managing Marketing Communications From Us. We will honor your choices when it comes to receiving marketing communications from us.
You have the following choices if you have been receiving marketing communications from us that you no longer wish to receive:
- You may contact Stamps.com at any time to request that your information not be shared with third parties (other than the USPS) or set preferences when you register with Stamps.com.
- Access the opt-out link in any email communication from Stamps.com or by clicking here.
- Remember that even if you choose not to receive marketing communications from us, we will continue to send you mandatory service or transactional communications.
European Union data subjects will only receive marketing communications from Stamps.com or Third Parties, if they affirmatively opt-in to such communication, upon initiating service or at another time.
c. Cookies and Other Tracking Technologies. Generally we use these tracking technologies to:
- Fulfil your requests for products and services, and improve our services.
- Remind us of who you are on return visits in order to deliver to you a better and more personalized service. This cookie is set when you first visit the Stamps.com Site.
- Estimate our audience size and measure traffic patterns regarding usage of Stamps.com’s network of Sites. Each browser accessing Stamps.com is given a unique cookie which is then used to determine the extent of repeat usage and usage by a registered user versus by an unregistered user.
- Track the number of entries in our promotions.
- Customize the advertising and content you see.
We partner with third parties to either display advertising on our Web site or to manage our advertising on other sites. Our third party partners may use technologies such as cookies to gather information about your activities on this site and other sites in order to provide you advertising based upon your browsing activities and interests. If you do not wish to have this information used for the purpose of serving you interest-based ads, you may 1) clear your cache or 2) opt-out through a third-party service by clicking here. Please note this does not opt you out of being served ads. You will continue to receive generic ads.
European Union data subjects will only have cookies placed on their system if they affirmatively opt-in to such tracking. European Union data subjects may visit http://www.youronlinechoices.eu/ to understand more about Cookies and other tracking technologies in each European Union countries.
Customers in Canada may visit http://youradchoices.ca/ to understand more about Cookies and other tracking technologies in Canada.
Click here to opt out of targeted ads on Facebook.
Please note that even if you opt-out of such Cookies or otherwise opt-out of interest based advertising, you will still receive advertisements, they just won't be tailored to your interests. Also, if you opt-out and later delete your Cookies, use a different browser, or buy a new computer, you may need to renew your opt-out choices.
d. Do Not Track – California and Delaware Notice. Like most other companies, our Services are not currently configured to respond to browsers' "Do Not Track" signals because at this time no formal "Do Not Track" standard has been adopted. However, the practices of our partners and other third-party providers may change as a result of this feature being utilized. Click here for more information on "Do Not Track."
4. DATA RETENTION AND YOUR ACCESS RIGHTS
a. Data Retention. In accordance with and as permitted by applicable law and regulations, we will retain your information as long as necessary to serve you, to maintain your account for as long as your account is active, or as otherwise needed to operate our business. When you close your account, we may continue to communicate with you about our Services, give you important business updates that may affect you, and let you know about products and services that may interest you, unless you have opted out of receiving marketing communications. We may also continue to use some of your information for business purposes and to improve our offerings or in some cases to develop new ones. We will retain and use your information as required by applicable regulations and Stamps.com's records and information management policies to comply with our legal and reporting obligations, resolve disputes, enforce our agreements, complete any outstanding transactions and for the detection and prevention of fraud.
EU data subjects have certain rights to access Personal Information about them, and to limit use and disclosure of their Personal Information. With our Privacy Shield certification (discussed below), Stamps.com has committed to respect those rights. If you wish to request access, to limit use, or to limit disclosure, please contact us at firstname.lastname@example.org or the mailing address provided under "How to Contact Us" and please provide the name of the Stamps.com customer who submitted your Personal Information to our services.
5. SECURITY OF YOUR INFORMATION. Keeping your Information safe is important to us. You can find out more about keeping your personal information safe while on line from the U.S. government by clicking here. We provide reasonable and appropriate security measures in connection with securing Personal Information we collect. Though no method of transmission over the Internet, or method of electronic storage, is 100% secure.
For example, we:
- Consistently work to update our security practices to implement accepted best methods to protect your Personal Information, and review our security procedures carefully.
- Comply with applicable laws and security standards.
- Securely transmit your sensitive Personal Information.
- Transmit, store, protect and access all cardholder information in compliance with the Payment Card Industry’s Data Security Standards.
If you have any questions about the security of your personal information, you can contact us at email@example.com
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
7. International Data Transfers
In accordance with and as permitted by applicable law and regulations, we reserve the right to transfer your information, process and store it outside your country of residence to wherever we or our third party service providers operate. At this time any United States person’s data shall be stored and kept within the United States. European Union data subjects may have their data stored in the European Union or the United States, and such data may be transferred to the United States to allow for completion of the Services required. All data stored and transferred would be done so subject to the E.U. – U.S. Privacy Shield Framework.
8. EU-US PRIVACY SHIELD. Stamps.com complies with the E.U. - U.S. Privacy Shield Framework ("Privacy Shield").
Under the Privacy Shield, Stamps.com US collects, uses, and discloses EU and United Kingdom Personal Data for the purposes described in the Privacy Statement. The choices and means that we offer for limiting use and disclosure of EU Personal and United Kingdom Personal Data are described above in Section 3, and we provide access as described in Section 4. Stamps.com US is responsible for the processing of EU and United Kingdom Personal Data that it transfers to a third party acting as an agent on its behalf. We remain liable in accordance with the Privacy Shield Principles if third-party agents that we engage to process such personal data on our behalf do so in a manner inconsistent with the Privacy Shield Principles, unless we prove that we are not responsible for the event giving rise to the damage.
With respect to European and United Kingdom Personal Data received or transferred pursuant to the Privacy Shield, Stamps.com US is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Stamps.com US may be required to disclose European and United Kingdom Personal Data in response to lawful requests by public authorities, including meeting national security or law enforcement requirements.
Stamps.com has further committed to cooperate with the panel established by the EU and United Kingdom data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the E.U. and United Kingdom in the context of the employment relationship. E.U. and United Kingdom individuals with inquiries or complaints regarding HR data should first contact our Data Protection Officer at: firstname.lastname@example.org.
If you are a European or a resident of the European Economic Area and have an unresolved privacy or data use concern, you can contact our Data Protection Officer at email@example.com or you can contact us as specified below in "How to Contact Us." If you have any concerns that we have not addressed satisfactorily, you may also contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website, if you are a European Union or United Kingdom Data Subject, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
9. How To Contact Us