© 2022 Zaffori Ventures, LLC. All rights reserved.
Effective: September 21, 2021
The terms “Zaffori”, “we”, “our”, and “us” refer to Zaffori Ventures, LLC, a Texas limited liability company. The terms “you” and “your” refer to you, our designer/vendor/retailer/seller who intends and/or is licensed to sell a selection of their goods through our Services, customer who purchases items marketed and/or sold through our Services, a visitor to our website, or other user of our Services.
Zaffori provides an online retail platform/marketplace on which approved designers/vendors/retailers/sellers of apparel and accessories can market and sell a selection of their luxury and designer goods and shoppers can view, review and purchase these goods from those sellers. Zaffori is not the designer, owner, manufacturer, or seller of these goods. Users of our platform may purchase the listed goods from those approved sellers through the use of our website and other Services and by use of a third-party payment service to process payments for the goods purchased. We are not the seller of those goods. We provide or facilitate the fulfillment services, including warehousing, packaging and shipping the orders using third-party delivery services chosen by the customers. We are not responsible for the quality or fitness of the goods.
We are not responsible for the content, privacy policies or practices of third parties or for third-party websites or apps. At the inception, our focus is to operate in the United States and to only process orders for shipment in the United States and Canada and we will use and otherwise process your information in the United States and other countries in which we operate. Please note that the laws protecting personal data and privacy, including your rights as to your personal data, may differ from those that apply in your country, state or jurisdiction of residence or from which you access our Services. We will transfer your data across jurisdictions only as necessary in our operations and to the extent permitted by applicable laws.
All trademarks, tradenames and other intellectual property associated with our Services are the property of Zaffori and its licensors. Reference to third party goods and services, including references to the third party payment processor who processes payments of customer orders on www.zaffori.com, are not meant to indicate any partnership, joint venture, or other relationships between Zaffori and those companies or any sponsorship of Zaffori or our Services by any of those companies.
2. Information we Collect or Receive and for what Purposes
Communications: If you provide a profile on our website or communicate with us via email or otherwise, you may provide us with your name and email address. We use this data to communicate with you. When you receive an email from us through our website or platform, you can select the unsubscribe option in said email and our system will stop sending you emails, except (a) to communicate or record the exercise of your option to unsubscribe, (b) for sellers pursuant to the Sellers Agreement, or (c) for other legally permitted purposes.
Processing in and outside the USA: We are based in the United States but provide Services internationally. Our developers, employees and contractors are located or may later be located in several countries and they will have access to the information we process at or from their locations. Generally, information that we collect in the United States will be processed primarily within the United States. We also utilize third-party tools and services, through which some of your information may be transmitted or otherwise processed within and outside the United States, including the following: (a) internet and other communications lines and facilities for transmission of data; (b) cloud-based storage services whose servers may be located in multiple countries, for storage, access and other processing; (c) email and document file hosting services whose servers may be located in multiple countries; and (d) vendors and service providers to manage, support, maintain and upgrade our websites, platform and other systems and to provide payment processing services and delivery and other fulfillment services.
Information we do not Collect: We do not knowingly collect or otherwise process personal information of children.
Marketing: Except for use of sellers personal information pursuant to the Sellers Agreement, in the event we use any of your personal information to market our Services to you, we will secure your consent for such use where required and you will also have the opportunity to opt out of our use of your personal information for marketing purposes.
3. Cookies and Tracking Technologies
4. Information Protections and Risks
Protections: We have committed to maintaining reasonable technical, organizational and physical safeguards to protect your personally identifiable information that we collect and use, against unauthorized access, use, reproduction, alteration, disclosure, dissemination and destruction, taking into account the nature of the data, our use of the data and the threats posed.
Risks: Unfortunately, no data transmission over the Internet, no electronic storage of data and no website, system or facility is fully secure or immune from cyberattack or compromise. You understand that any message or information you send to us may be read or intercepted by others. Accordingly, and despite our efforts to protect your information, we cannot guarantee or warrant absolute security of your information.
5. How Long do we Keep your Information
6. Consent & Parental Responsibility
Children & Parental Responsibility: We do not knowingly permit persons under thirteen (13) years of age to use our Site or platform. We do not knowingly collect or otherwise process personal information of children. Do not provide your consent or personal information if you are under thirteen (13) years of age. In any event, we have no obligation and we do not intend or desire to contract with you unless you are of the age set by applicable law for you to be bound by a contract with us. Minors (under eighteen (18) years of age, but not younger than thirteen (13) years of age) or persons who otherwise do not have the legal capacity to contract to use our Services may only use our Services through an account owned by their parent or legal guardian and/or with said parent or legal guardian’s consent and direct supervision. Said parent or legal guardian is responsible for any and all activity on our website or platform conducted by a minor or persons who otherwise do not have the legal capacity to contract.
7. California Residents
8. Nevada Residents
9. Virginia Residents
10. European Residents Subject to GDPR
The European Union General Data Protection Regulation (“GDPR”) imposes certain obligations upon certain companies conducting business in the EU and provides certain rights for data subjects with respect to their personal data. The GDPR defines the term “personal data” as follows: any information relating to an identified or identifiable natural person (data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Generally, we are authorized to, and will, process your personal data if at least one of the following applies: (a) you gave consent to process your personal data for one or more specific purposes; (b) processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract; (c) processing is necessary for compliance with a legal obligation to which the data collector, controller or processor is subject;
(d) processing is necessary in order to protect your vital interests or the vital interests of another natural person; and (e) processing is necessary for the purposes of the legitimate interests pursued by the data collector, controller or processor, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data, in particular where the data subject is a child.
Data subjects have the following rights, subject to certain conditions and limitations: (q) to consent to the processing of their personal data; (r) to request access to their personal data that is being processed; (s) to request rectification (correction) of their personal data; (t) to be forgotten (i.e., to have their personal data erased) in certain instances; (u) to restrict further processing of their personal data; (v) to notification of disclosure, rectification or erasure of their personal data;
(w) to portability (i.e., to have their personal data transferred to them or to another data controller); (x) to object to certain processing of their personal data, including in connection with the data controller’s pursuit of certain legal rights, profiling or marketing; (y) to object to their personal data being subject to automated decision making about them, such as profiling; and (z) to withdraw their consent to process their personal data. If we erase a data subject’s personal data from our system, upon such erasure we will be unable to recreate that data subject’s personal data.
If the GDPR applies to you and in the event the GDPR transfer requirements apply to our extraterritorial transfer your personal data, we will utilize standard contract clauses, rely on the EU adequacy decisions, obtain your consent or other requirements provided by the GDPR or otherwise satisfy the required conditions for said transfers. A data subject may lodge a complaint with a supervisory authority, if the processing of their personal data infringes the GDPR. Should the GDPR apply to you, we would appreciate the opportunity to address your complaint before you escalate the matter to a supervisory authority proceeding, so please contact us with your complaint so that we can address it as soon as possible to mitigate any resulting damages. You may contact our Data Security Office with respect to your legal rights affecting our use of your personal data.
11. Other Jurisdictions
12. Overriding Requirements
Applicable laws may provide compelling, legitimate grounds for processing personally identifiable information, personal data, and user content for the establishment, exercise or defense of legal claims, which override your interests, rights and freedoms. The data privacy laws in some countries may be less stringent than the laws of your country and the government, law enforcement and courts of some countries may be able to access your personally identifiable information, personal data and user content in certain circumstances. Some court orders, subpoenas, administrative agencies’ orders, or contracts may require us to take certain actions with respect to personally identifiable information, personal data and user content, including disclosing your personally identifiable information or personal data, that may be contrary to your requests and instructions and we may have to defer to the foregoing laws, orders or contracts in certain circumstances. Where we deem appropriate and permissible, we will seek protective orders to protect your personally identifiable information or personal data from such compelled disclosures. As a processor, we may be required to follow the instructions of the controller. A third-party contract under which we receive your personally identifiable information or personal data (e.g., a contract with your employer) or applicable laws may require us to retain business records, which may include personally identifiable information or personal data, for a period that is longer than the period allowed under other laws or regulations or that you prefer. We reserve the right to disclose, modify, delete, take down, block, and otherwise use your personally identifiable information, personal data and user content as we deem appropriate to comply with applicable laws, regulations, directives, orders, subpoenas, rules, legal process, and contractual obligations and in responding to claims and complaints relating to infringement, identity theft, misuse and misappropriation.
13. Presumption of Authenticity
We will rely on the data we have in our file to verify the accuracy of, and honor or respond to, your requests or instructions regarding your personal data. We will assume that your request or instruction is authentic if it uses your name or email address that you provided to us or that was provided to us by a third party who had apparent authority to share your data with us, such as your employer. We rely on you to notify us of any inaccuracy in your information and to promptly correct your profile information or request rectification of your information. In some instances, we will request additional data from you to verify the authenticity of your requests, including your request to delete or modify your personally identifiable information or personal data, such as your name, username and password, and email address.
14. Communications – Data Security Office
All requests and complaints regarding our processing or use of your personally identifiable information or personal data must be directed to our Data Security Office using the information provided below. We will respond to your requests for the exercise of your rights in the time required under applicable laws, giving due regard to our overriding obligations.
Zaffori Ventures, LLC
Data Security Office
252 West 38th Street
New York, New York, 10018