Privacy Policy
Last updated:
1. Who We Are (Data Controller)
Data Controller: Glare International Inc.
Registered Address: 5605 Riggins Court, Reno, NV 89502, USA.
Glare International Inc. is the primary controller for personal information collected via glare.com. Related entities may act as processors or in limited controller roles for local operations, but Website data accountability remains with Glare International Inc.
2. Scope
This Policy covers visitors and customers of the Website and Services worldwide. Where local laws require stricter protections, we apply those protections globally where feasible.
3. How to Contact Us
General & Privacy Inquiries
Email: info@glare.com
Phone: +1 (419) 735-1488
Address: 5605 Riggins Court, Reno, NV 89502, USA
EU/UK Representative
Placeholder: Insert the name and contact details of your designated EU/UK representative (GDPR Art. 27), if applicable.
4. Information We Collect
4.1 Information You Provide
- Identifiers: name, alias, postal address, email, phone.
- Account Data: username, (hashed) password, order history, support records.
- Commercial Information: products purchased, transaction details.
- Payment Metadata: limited details (e.g., last 4 digits) from payment processors for compliance/audit. Full card data is handled by processors.
4.2 Information Collected Automatically
- Internet/Network Activity: IP address, device/browser type, OS, referring URL, pages viewed, time on page, clicks/interactions.
- Approximate Geolocation: derived from IP address.
- Fraud/Abuse Monitoring Data: technical and behavioral signals (e.g., interaction patterns, user agent, IPs) to detect bots and invalid traffic.
4.3 CCPA/CPRA Categories (Past 12 Months)
| Category | Examples | Sources | Purposes |
|---|---|---|---|
| A. Identifiers | Name, alias, postal address, email, phone, device/cookie IDs, IP | Forms, device interactions, third-party tech | Accounts, orders, security, analytics, fraud prevention, ads (consent/opt-out dependent) |
| B. §1798.80(e) | Contact data; limited payment metadata | Customer records, payment providers | Transactions, support, compliance |
| C. Protected classifications | Not actively collected; may be inferred by platforms | Ad/analytics platforms | Targeting/measurement (with appropriate consent/opt-out) |
| D. Commercial information | Purchase history, product details | Transactions, account history | Fulfillment, warranty, auditing |
| F. Internet activity | Browsing history, clicks, ad interactions, mouse-tracking signals | Cookies/CMP, analytics, fraud tools | Optimization, security, advertising controls |
| G. Geolocation | Approximate location | IP lookup | Fraud prevention, logistics, localization |
| I. Sensory | Call audio (if support calls recorded with notice) | Customer service systems | Quality assurance, dispute resolution |
5. Purposes & Legal Bases (GDPR)
- Contract necessity: order processing/delivery; account management; service communications.
- Legitimate interests: site improvement/analytics (aggregated where possible); fraud/security (including invalid-traffic/click-fraud detection); internal operations and auditing.
- Consent: direct marketing emails; non-essential cookies/trackers (marketing, analytics, performance) where required; withdraw anytime.
- Legal obligations: tax/accounting retention, compliance, and lawful requests.
6. Cookies, Tracking & Consent
We use cookies and similar technologies (e.g., pixels, local storage):
- Essential: required for core functions (e.g., cart, security). Do not require consent.
- Non-essential: performance/analytics, functionality, and marketing/targeting. Consent required where applicable (e.g., EU/EEA/UK).
7. How We Share Information
7.1 Service Providers (Processors)
We share personal information with vetted providers under written data processing agreements, including:
- Fulfillment & logistics (shipping/warehousing)
- Payments & fraud screening
- Cloud hosting, customer support, email delivery, analytics
7.2 Legal & Business Transfers
We may disclose information to comply with law, protect rights, and in connection with corporate transactions (e.g., merger or sale). If ownership changes, we will notify you where required.
7.3 “Sale”/“Sharing” Under CCPA/CPRA
Certain ad/analytics uses may be considered “sharing” (cross-context behavioral advertising) or “sale” under California law. California residents can opt-out using the controls provided in this Policy and cookie preferences.
8. International Transfers
When transferring personal data outside the EEA/UK (e.g., to the United States or to affiliates/service providers in other countries), we implement appropriate safeguards such as EU Standard Contractual Clauses (and UK equivalents) and supplemental measures where required.
9. Your Privacy Rights
9.1 GDPR (Global Availability Where Feasible)
- Access / Know
- Rectification
- Erasure (“Right to be Forgotten”, subject to legal exceptions)
- Restriction
- Portability
- Object (including absolute right to object to direct marketing)
- Withdraw consent where processing is based on consent
9.2 CCPA/CPRA (California)
- Right to Opt-Out of sale/sharing of personal information
- Right to Limit use of Sensitive Personal Information (if collected)
- Right to Non-Discrimination
9.3 Submitting a Request
Contact info@glare.com to exercise your rights. You may also provide an online request form if you choose.
Verification: We will verify your identity to a reasonable degree before fulfilling requests, using information you provide matched against our records. Authorized agents may act on your behalf where permitted by law.
Timelines: We aim to respond within legally required time frames (e.g., 30 days under GDPR; 45 days under CCPA/CPRA, with permitted extensions).
10. Security
We use appropriate administrative, technical, and physical safeguards, including encryption in transit (TLS), encryption at rest where applicable, network protections, access controls, and monitoring. No method of transmission or storage is completely secure; we continuously improve our safeguards.
11. Retention
We retain personal information only as long as necessary for the purposes described above, including to meet legal, accounting, and reporting obligations. Illustrative schedules:
| Data Category | Purpose | Minimum Retention | Notes |
|---|---|---|---|
| Transactional records & invoices | Tax/audit/warranty | 7 years | From transaction or fiscal year end |
| Customer account data | Service history, support | Active account + 2 years | Unless earlier deletion is requested and permitted |
| Consent & opt-out logs | Compliance & audit trail | 5 years after revocation | Or longer where legally required |
| Aggregated browsing/usage (non-PII) | Analytics/UX | 1 year | Shortened where feasible |
| IP/click-fraud logs | Security/fraud prevention | 6–12 months | Based on necessity & minimization |
12. Changes to This Policy
We may update this Policy to reflect changes in laws or our practices. Material changes will be communicated via Website notices and/or email where required. Please review this page regularly.
13. Regional Notices
13.1 EU/EEA & UK
- Where consent is required (e.g., for non-essential cookies), we will seek it before activation.
- For transfers outside the EEA/UK, we rely on approved transfer mechanisms (see Section 8).
- You may lodge a complaint with your local supervisory authority; we welcome the opportunity to resolve concerns directly first.
13.2 California (CCPA/CPRA)
- Use the cookie preferences to opt-out of sale/sharing of personal information for cross-context behavioral advertising.
- We do not knowingly sell or share personal information of consumers under 16.
- If we collect Sensitive Personal Information, you may request that we limit its use to what is necessary to provide the requested services.
13.3 Children’s Privacy
The Website is not directed to children under the age required by local law (e.g., under 13 in the U.S.). We do not knowingly collect personal information from children. If you believe a child has provided personal information, please contact us to request deletion.