Avlis-co Inc. assumes the following responsibilities:
- Protecting all data generated by and provided to us by our users from being stolen, compromised, or used in violation with this policy.
- Never selling user-provided and user-generated data for financial gain or competitive advantage.
- Providing transparency for our users into what data we collect and what we do with it including what access third parties have to user data and for what purpose.
- Informing users if their data is compromised, either by failure to protect data or by order to surrender data to a legal authority, to the fullest extent we are lawfully able.
What We Know About You
If you register an account with Avlis-co Inc., we’ll have access to your e-mail address and any additional contact information you choose to provide us. If you place an order, we retain a record of the contents of the order, delivery and billing address information, and any communication you might have with our customer support team about the order. If you use features such as commenting, in-stock notifications, and comment reply notifications, we retain record of this fact.
If you browse www.avlis-co.com with or without a login, we know for a limited time that a user at your IP address has visited pages on the site.
We collect data on what products and content you browse in order to offer better value to you through personalized email, and to see which products/content are the most useful to you.
When and How We Send Email
We send email to users when orders are placed, paused, shipped, or ready for local pickup. We may be in contact when an order requires payment before shipping or if other issues prevent us from fulfilling an order. We will send you email to verify your email address or if you request a password reset. We may send you email to request reviews of our products or feedback on your experience with our website, products, or customer support.
We will notify users if we believe their privacy has been compromised, if it is within our power to do so. For example, if we discover a customer’s account user login information has been exposed elsewhere on the web, or if we are compelled to disclose information to law enforcement.
We offer a set of opt-in email subscriptions for things such as newsletters, in-stock notifications for products, and comment reply notifications. You can control your subscriptions (when logged into your account). All new customers are signed up to our main newsletter by default, and Avlis-co Inc. may at any time add all new and all existing customers to existing and new newsletters at our discretion.
We may occasionally send you an email that you did not request or trigger with an action of any kind in order to promote a certain aspect of our site, products, or services.
When you talk to our support teams
If you email us, chat with us, or call us on the telephone for support we can and most of the time will record the interaction. This is done so for training and audit purposes and the private conversations between customers and support staff are never sold to or shared with third parties (except when a third party tool, such as email or our chat service, is used to make the interaction possible).
Logging and Log Retention
In order to understand traffic to our sites and diagnose technical problems, we log individual web requests. These logs include time of request, individual IP address, referer, and user agent strings. We may retain these logs for up to 60 days, although individually-identifying information will be obscured after one week.
In order to prevent fraud and detect malicious behavior, we log IP addresses for specific actions, such as creating a customer account and placing an order. This information is automatically deleted after no more than 60 days.
Except in the case of malicious traffic, we will not share log data with any third party, unless compelled by legal process to do so.
Cookies, Tags, Tracking Pixels, and HTTPS
Our analytics software, Kickfire uses tags/tracking pixels to help keep track of how many unique visitors we’re getting, where they come from, and how they navigate our site, unless you’re browsing with Do Not Track enabled. We use this information to inform site improvements.
We do our best to serve all content securely over HTTPS.
Third Party Services
Do Not Track
Do Not Track is a standard for telling sites that you don’t want to be tracked. It’s aimed at sites you don’t visit directly, like advertisers and social media platforms.
Avlis-co Inc. supports the Do Not Track standard. While third party plugins with access to visitor browsing data are limited on Avlis-co Inc..com, all are disabled for visitors passing a Do Not Track HTTP header. This includes third party tools for analytics, live chat, and web optimization (described below).
We use Microsoft Outlook, and mail sent to or from Avlis-co Inc..com addresses generally passes through Google’s servers.
Shipping Providers and Export Control
We offer shipping through third parties: FedEx, UPS, and the United States Postal Service (via a service called Endicia). We pass delivery addresses, phone numbers, and invoices to these companies to the extent required for quoting shipping prices and successful delivery of orders.
We comply with United States export regulations and authorities. We use Visual Compliance to automatically screen billing and delivery addresses for potential export control violations. This entails transmission of customer billing and delivery address information to Visual Compliance servers.
Third Party Fulfillment Centers
The Third Party Fulfillment Center will only have access to info on your order's shipment. This may include your name, address, and contact information related to your order. We will not share your data that doesn't apply directly to orders, including but not limited to email, payment info, profile info, etc.
Credit Card payments are processed through Endicia. All credit card data including the cardholder name, credit card number, expiration date, CVV, and full billing address are sent to Endicia via an API for processing. Details regarding what products a customer is purchasing and other demographic information are not sent to Endicia.
Each transaction is logged by retaining the transaction amount, the cardholder name, the last four digits of the credit card, and the card expiration date. No other credit card data is stored at any point on Avlis-co Inc. servers.
PayPal is offered as a payment method. When using PayPal on Avlis-co Inc..com a user must provide their PayPal email address. The user will then be directed to paypal.com to complete their payment, after which they will be redirected to Avlis-co Inc..com to complete the order.
Avlis-co Inc. uses Kickfire to track aggregate behavior of visitors on Avlis-co Inc..com.
Avlis-co Inc. also utilizes Google Analytics Demographics and Interest Reporting. This means we combine personally identifiable information about your Avlis-co Inc. account, browsing, and shopping habits and merge it with Google's tracking cookies, all of which goes to Google. This is enabled by default for all visitors to Avlis-co Inc..com. You can opt out of this by enabling Do Not Track headers in your browser or installing and enabling the Google Analytics Opt-Out Browser Add-on.
Uses can choose to display a Gravatar associated with the email address on their account. This will expose a hash of the address to the public web and to Gravatar, which may be a privacy concern.
We maintain accounts on various social media platforms, including Facebook, Twitter, Google+, Pinterest, YouTube,Elloand Instagram, and Tumblr. While some of these platforms are themselves invasive of user privacy, we will do our best to apply the principles outlined in the rest of this policy to our use of social media.