FlinnPREP Data Privacy Overview
How We Use Information
The online subdomain program of Flinn Scientific, www.flinnprep.com, (sometimes referred to herein as “FlinnPREPTM”) offers the following user accounts:
For account types created through www.flinnsci.com and all affiliated subdomains of that Site.
If a user chooses to provide Personal Information about him or herself, Flinn Scientific will use this information to communicate directly with a user. Generally, we use Personal Information to establish and enhance our relationship with our users through two main categories: communication and optimization. Below, we provide some specific examples of how we use the Personal Information and other information we may collect.
Information We Collect
In describing our collection, use, and sharing of information in this Policy, we refer to our collection and use of "Personal Information." "Personal Information," as used in this Policy, is personally identifiable information, which is information that directly identifies an individual, such as first and last name, mailing address, email address, billing information, IP address, demographics, passwords or other online contact information, or telephone number. We collect Personal Information, as well as non-personally identifiable information on Flinn Scientific Sites and/or Services.
We collect Personal Information in two ways. First, we collect information a user provides to us in optional, voluntary submissions, such as in registration forms, user profiles, promotional signups, sweepstakes/contest entries, requests for customer service, software and mobile applications downloads, and any customer comments or communication submitted as product reviews or order instructions. By sharing product reviews, a customer agrees that: The use of the comments, in whole or in part, is at our complete discretion; the use may be locally, nationally, or globally; this use is perpetual and may be assigned to us; the use may occur via any media, whether current or later developed; and this use occurs without compensation.
We may also collect transactional information provided by individuals and businesses that purchase from Flinn Scientific Sites and/or Services. This information may include contact information, shipping information, billing information for purposes of sending hard copies of an invoice and further detailed school and teaching detail.
We may also obtain information, including Personal Information, from third party sources to identify potential customers that we may contact via direct mail or email. We knowingly only contact people who have requested third-party marketing communications. If we directly combine information from third parties with Personal Information that we have collected, we will treat the combined information as Personal Information and handle it in accordance with this Policy. In addition, please note that we may solicit third parties to collect Personal Information on our behalf and in such cases we instruct those third parties to comply with this Policy and all applicable data protection laws.
A user is under no obligation to provide, and may decline to provide, any requested information at any time. However, if a user declines to provide Personal Information that is reasonably necessary to participate in certain activities, a user may not be able to participate in those activities on our Sites and/or Services.
Flinn Scientific does not collect or store any credit card information on premises or on any Flinn Servers. In the checkout process, credit card information is entered directly onto the servers of a third-party credit card processer. Flinn Scientific will only see a “token” that is created by a third-party processer and p
assed to Flinn Scientific to denote that a transaction has successfully been processed.
Passive Data Collection
Some Personal Information may be collected automatically via "Passive Data Collection." When a user visits Flinn Scientific Sites and/or Services, general data pertaining to a user’s visit is collected, including IP addresses, tracking codes, domain names, length of time spent, pages viewed. This information is collected to support system administration, customize and improve the user experience, improve Site content, and improve customer service. We may also receive passively collected information through a variety of methods including but not limited to “cookies” to collect information.
What is a Cookie?
Cookies are text files containing small amounts of information that are downloaded to a user’s computer/laptop/tablet or mobile device when a user visits a website. Cookies are then sent back to the originating website on each subsequent visit, or to another website that recognizes that cookie. Cookies do not gather a user’s Personal Information. Cookies are useful because they allow a website to recognize a user’s device. A user can find more information about cookies at: www.allaboutcookies.org. For an informative video about cookies, please visit www.google.co.uk/goodtoknow/data-on-the-web/cookies.
Cookies accomplish many different tasks including helping a user navigate between pages efficiently, remembering a user’s preferences, and generally improving a user’s user experience. They can also help to ensure that any advertisements a user see online are more relevant to a user and a user’s interests.
Flinn Scientific collects cookies on our Sites and/or Services to capture information about page visits (e.g., “performance cookies.”) This information is anonymous and Flinn Scientific uses this information only internally so we may deliver the most effective and useful content to our visitors. Information from the cookie is used to gauge page popularity, to analyze traffic patterns on our Sites and/or Services, and to guide development of other improvements to our Sites and/or Services.
Opting Out of Cookies
Functionality and Necessary Cookies
Please note that some functionality on our Sites (e.g., “functionality cookies”), our product checkout process, and Services may be disabled if a user decline to accept cookies ( e.g., “necessary cookies”).
We use analytics tools and other third-party technologies, such as Google Analytics Cookies, to collect nonpersonal Information in the form of various usage and user metrics when a user uses our online Sites and/or Services. These tools and technologies collect and analyze certain types of information, including cookies, IP addresses, device and software identifiers, referring and exit URLs, onsite behavior and usage information, feature use metrics and statistics, usage and purchase history, MAC Addresses, mobile unique device IDs, and other similar information. We use a user’s IP address and other general data listed above to help diagnose problems with our server and to administer our Sites and/or Services. A user’s IP address is also used to help identify a user and a user’s shopping cart and to gather broad demographic information.
A user may opt out of Google Analytics by visiting the Google Analytics opt-out page.
Google has additional information available about their Remarketing Privacy Guidelines, Policies, and Restrictions.
We use contact information to contact a user regarding orders, to respond to user requests, to provide a user with customer support, and to process transactions. We use information, including Personal Information, to send email newsletters and updates, to send a user information, catalogs, and promotional materials from our company, send special offers and advertisements, and to seek a user’s opinions and feedback. To cancel a user’s subscription to any of our newsletters, catalogs, or promotional materials, please call 1-800-452-1261 or email us at email@example.com. Due to time delays in receiving a user’s request and/or incorrect/incomplete information, a user may still receive direct mail after a user’s request for us to stop.
We use information, including behavioral metrics, and other non-personally identifiable information to operate, provide, improve, and maintain our Sites and/or Services, to develop new products and services, to prevent abuse and fraud, to personalize and display advertisements and other content for a user, and for other administrative and internal business purposes.
When We Disclose Personal Information
We do not share Personal Information with third parties except in the limited circumstances described in this Policy. In addition, we will never sell your Personal Information.
In order to ship and track merchandise, we make a user’s name, address, and phone number available to certain companies that help us provide a user with those services.
We may provide Personal Information to third parties for their use in performing internal business functions (e.g., payment processing, customer service, maintenance, security, data analysis, email transmission, beta testing, or data hosting) on our behalf. Additionally, some third-party service providers may collect information, including Personal Information, on our behalf. Whenever possible, we require such third parties to only collect and use Personal Information in accordance with this Policy, to maintain the confidentiality, security, and integrity of such Personal Information, and for no purpose other than providing us with our requested services.
Change of Ownership
Information about our users, including Personal Information, may be disclosed as part of any bankruptcy, merger, sale, transfer of company assets, acquisition, or similar transaction. In the event of such a transaction in which a user’s Personal Information would be transferred to a third party, we will make reasonable efforts to notify a user. For example, we will post a notice of the transfer of Personal Information on our Sites and/or Services and, if we have a user’s email address, we will send notice of the transfer of Personal Information to that email address.
Users that participate in a forum, blog, bulletin board, chat room, user commenting feature, or other interactive sharing or social features that may be offered through any of our Sites and/or Services should be aware that any Personal Information submitted, displayed, or published is considered publicly available and can be read, collected, used, and disclosed by other users of those features, by us, and other third parties without restriction, except to the extent limited access features are available, if any. To request removal of Personal Information from our blog, sharing service or community forum, for example, reach out through the contact information provided in this Policy. In some cases, we may not be able to remove a user’s Personal Information, in which case we will let a user know if we are unable to do so and why.
Children Under 18
If a user is under 18, a user may use our website only with the permission of a parent or guardian. In accordance with the Children’s Online Privacy Protection Act (COPPA), we do not knowingly seek or intentionally collect Personal Information online from children under the age of 13. Children under 13 years old are not allowed to create an account without a parent’s or guardian's express consent. We strongly recommend that all minors over the age of 13 ask their parents for permission before sending any information about themselves to anyone over the Internet.
We recognize the sensitive nature of Personal Information concerning K–12 students, where the information is contained in a school's educational records. This Personal Information is protected under either or both of the following federal statutes: the Children's Online Privacy Protection Act ("COPPA") and the Family Educational Rights and Privacy Act, including the Protection of Pupil Rights Amendment ("FERPA"). Our privacy practices comply with both COPPA and FERPA.
FERPA permits a school to provide educational records (including those that contain students' Personal Information) to certain service providers without requiring the school to obtain specific parental consent. FERPA permits this where the service provider acts as a type of "school official" by performing services, for example that would otherwise be performed by the school's own employees. We fulfill FERPA requirements for qualifying as a school official by, among other steps, giving the school direct control with respect to the use and maintenance of the education records at issue (including associated Personal Information), and refraining from redisclosing or using this Personal Information except for purposes of providing our learning platform to the school. We comply with FERPA by relying on this form of consent.
Submitting Personal Information
If a user does not want to submit Personal Information that is necessary to provide or use our Sites and/or Services or to fulfill a user’s request, a user will not be able to access and/or participate in certain Flinn Scientific Sites and/or Services. For example, a user will not be able to register for an account with us, place an online order with us, participate in certain contests or promotions, or access and/or use certain Flinn Scientific product features or online services. In addition, a user’s refusal to submit Personal Information may limit our ability to respond to a user’s customer support inquiry in a timely fashion.
Editing Personal information
If a user wants to be removed from individual communications, including marketing promotions, advertisements, updates and email newsletters, simply click the unsubscribe link in the communication, access the account settings page when logged in, call us at 1-800-452-1261, or email us at firstname.lastname@example.org. A user also acknowledges and agrees that there may be instances where we may elect to notify a user about administrative notices regarding a user’s account or any order with us, such as to inform a user about changes to our terms, conditions, and policies, that a user’s account may be expiring, or to provide a user with other relevant administrative information about a user’s account. Because this information is important for interaction with us, a user may not opt out of receiving these transactional communications.
Flinn Scientific is dedicated to making sure that users enjoy a secure shopping experience. This Site has security measures in place to protect the loss, misuse and alteration of a user’s sensitive information (such as a user’s credit/debit card number). Furthermore, we encrypt that data and protect the transmission of that information by using 128-bit encryption from GoDaddy Secure Certificate Authority – G2, the most advanced form of Secure Sockets Layer (SSL) software, in all areas where a user’s personal identity is required. We take reasonable measures, including the implementation and maintenance of physical, electronic, and managerial procedures, in an effort to ensure the security, integrity, and accuracy of all Personal Information that we collect. Our efforts include procedures designed to avoid unauthorized access, alteration, misuse or disclosure of Personal Information.
In the event of a security breach involving Personal Information, we will take reasonable and prompt steps to mitigate the breach, evaluate and respond to the intrusion, and cooperate and assist schools and other subscribers in efforts with respect to (i) responding to the breach, including the provision of notices to data subjects; and (ii) engaging mutually agreeable auditors or examiners in connection with the security breach, subject to reasonable notice, access and confidentiality limitations.
Data Integrity and Data Retention
We collect and use Personal Information in accordance with this Policy and only for the purposes stated in this Policy at the time we request such Personal Information from our users, or for such purposes to which a user may otherwise consent. We do not use or share our users' Personal Information in a way that is incompatible with the purposes for which such Personal Information was requested and authorized for use by us. We retain Personal Information for no longer than is commercially reasonable to carry out our business purposes, or as we believe may be legally required. When Personal Information is deleted or updated by a user, it may take up to 30 days from accessible systems, and up to 90 days from backup systems, for us to delete such Personal Information.
Data protection laws vary by country; however, we will process your Personal Information in accordance with this Policy no matter where our data is stored. If you are located in a country outside the United States, by using this Site you consent to the transfer of your information to the United States or to anywhere in the world we decide, in our sole discretion, to store data.
Access to Personal information
If a user uses this Site, a user is responsible for maintaining the confidentiality of a user’s account and password and for restricting access to a user’s computer, and a user agrees to accept responsibility for all activities that occur under their account or password. A user may view, correct, or delete the Personal Information Flinn Scientific stores about the user. Most user’s Personal Information may be accessed and corrected by simply logging into an account and accessing the user profile. If a user wishes to obtain a report of the Personal Information Flinn Scientific has about a user, please send us a written request to the mailing address set forth in this Policy.
Changes and Updates to This Policy
We may update this Policy from time to time. If we do, we will update the "effective date" listed in the Policy. If we make material changes to how we use Personal Information, we will attempt to notify a user of the change and give a user the opportunity to exercise choice as to how a user’s Personal Information is used. We will post the updated Policy on the affected Sites and/or Service, and if we have a user’s email address, we will send notice of the update to that email address.
We encourage a user to review this Policy periodically to stay informed about our collection, use and disclosure of Personal Information. A user’s continued use of our Sites and/or Services or any other content, products or other services covered by this Policy constitutes a user’s agreement to this Policy and any updates.
No Error-Free Performance
Flinn Scientific Inc.
P.O. Box 219
Batavia, IL 60510
Toll-free: 1 (800) 452-1261
Effective Date: October 6, 2016