Do Not Sell My Personal Information

Policies

Do Not Sell My Personal Information

As a leader within the alternative lifestyle community, we are 100% committed to our patrons and customers, which is why we want to take the time to explain exactly what the “Do Not Sell My Personal Information” link on Twisted Engineering webpages means. The purpose of this article is to explain (1) why Twisted Engineering’s webpages contain the “Do Not Sell” link, (2) what it means to “sell” “personal information,” as those terms are defined under California and United Kingdom law (3) that Twisted Engineering does not sell personal information that directly identifies you, even under the California definition of “sale,” (4) what happens if you tell Twisted Engineering not to “sell” your personal information, (5) how Twisted Engineering implements your choice to block it from “selling” your personal information, and (6) how Twisted Engineering maintains your “Do Not Sell” Choice.

Twisted Engineering provides the “Do Not Sell” link in order to comply with requirements outlined in the California Consumer Privacy Act (CCPA), California Civil Code Section 1798.100 et seq., effective January 1, 2020 and the United Kingdom’s General Data Protection Regulation (GDPR), effective May 25 2018. Both data protection laws provide affected residents of their established geographic regions with certain choices about their data, including the ability to tell companies not to “sell” their personal information. Our link is there to inform you of this choice. Although these laws only dictate we grant their perspective residents these rights, we believe everyone should have the same choices about their personal information. Please see our Privacy Policy for more information.

The CCPA and the GDPR both broaden the definition of “sale” and “personal information” beyond how you might commonly interpret those terms.

Under these laws, “personal information” includes information that is not necessarily directly tied to an individual’s identity but may be associated with a device. This includes identifiers such as IP addresses, web cookies, web beacons, and mobile AdIDs. In many cases, this type of information is not associated with you, but they are unique identifiers that could be. Similarly, the term “sell” is defined to include not just selling in exchange for money, but also sharing or transferring personal information (including information that does not directly identify an individual as described above) in exchange for anything of value, which is not limited to the exchange of money. Certain things are not considered “sales,” including when (1) personal information is shared with a service provider that is contractually prohibited from using the personal information for any purpose beyond the service specifically requested (“service provider exception”), or (2) when the consumer has directed a company to disclose the personal information (“consumer directed exception”).

Twisted Engineering does not sell information that directly identifies you, like your name, address, social security number, banking information, or phone records. In fact, we do not even share these type of information except with service providers who require this information solely to provide a service on our behalf (e.g. card processing service), when a consumer directs us to share the information, or in the limited additional circumstances outlined in our Privacy Policy (such as for fraud prevention purposes or where we are legally required to share the information).

However, the CCPA and GDPR’s broad definitions of “sale” and “personal information” may deem the common flow of information in the digital analytics and advertising ecosystem to be a sale. Like most companies that operate commercial websites and apps, Twisted Engineering utilizes online analytics to measure the ways users engage with our websites. These analytics, in turn, inform how we perform online advertising. In order to provide these analytics and facilitate online advertising, Twisted Engineering uses third-parties that collect device identifiers and place tags, cookies, beacons, and similar tracking mechanisms on our websites.

Where we can reasonably ensure via contract that the third-parties described above can and will use a device identifier solely to provide the specific service we have requested, and will not use or share the data for other purposes, we will not deem that sharing a “sale.” In most cases, we’ve determined that our data analytics providers that measure the ways users engage with our websites and apps meet this standard and, accordingly, we will not block the sharing of an identifier with those entities even when you choose to opt-out by submitting a “Do Not Sell” request. For more information on our use of cookies, and your rights in regards to our use of cookies, please check out our cookie policy.

In some cases, though, Twisted Engineering does not ultimately control how such identifiers are used by some third-parties (particularly in some cases in the online advertising ecosystem), and so we can’t determine that all sharing with third-parties in these cases fall within the service provider exception under the law. As a result, we are currently treating our sharing with some of these third-parties as a “sale” under the CCPA and GDPR.

When a user of our websites makes the “Do Not Sell” choice, we will make every effort to block further sharing of the covered identifiers with the third-parties we engage on those digital properties or any other entity that does not fall within the service provider exception or the consumer directed exception.

The implementation of your choice to block the sale of your personal information is complex. However, as general rule, when you submit a “Do Not Sell” request, your account will be flagged, and your preference stored as part of our customer records.

For Twisted Engineering websites, if you do not log in to your account (or do not have an account with us), you will have to rely on cookies, or the blocking there of, to control your personal information. See our Cookie Policy for more information. However, please be aware that some setting will only work if your browser is set to accept cookies. Likewise, if you clear your browser cookies, the cookie-based “Do Not Sell” setting will be erased, and you will need to reset the setting for that web domain.

If you choose to sign in and have requested to set a “Do Not Sell” tied to your account, we will make our best effort identify and honor that setting whenever you are logged into a Twisted Engineering website. This persistent setting will have no effect, however, when you have not signed into a Twisted Engineering website. For more information about Twisted Engineering’s privacy practices and our approach to the UK DGPR and CCPA, please see our Privacy Policy.

This Policy shall be governed and interpreted in accordance with the English language, regardless of any translations made for any purpose whatsoever.

The version of this Policy is effective January 25, 2021