In addition, the Camellia Café website is protecting children online where the Camellia Café website is audited regularly. We hope we have earned your trust and hope you will have a playful experience with the Camellia Café website.
1. Our general principles on data processing
To ensure your data is being processed correctly we have adopted the following principles:
1.1. We only collect and process your personal information if we have a legal basis for the processing under applicable laws, for example:
1.1.1. We have collected your consent,
1.1.2. It is necessary to fulfil an agreement with you,
1.1.3. We legally are obliged to do so, or
1.1.4. We have objective reasons and the processing does not harm you.
1.1.5. We will however always collect your consent as a parent or legal guardian if your child under 13 years is providing personal information online.
1.1.6. We will always inform you of the processing and the purpose of the processing, unless, and only in special cases, we have a legitimate basis not to do so.
1.1.7. We only process your personal information for the original purpose or for other purposes that are not incompatible with the original purpose.
1.1.8. We do not disclose your personal information to other persons or companies outside the Camellia Café website unless you have given us your consent, unless we have an agreement with you or unless we are legally obliged to do so.
1.1.9. We strive to verify and update your privacy information on a regular basis.
1.1.10. We might supplement your personal information with information from other databases to ensure that your data is correct and up to date.
1.1.11. We use high technical standards to protect your personal information.
1.1.12. We do not store your personal information longer than what is necessary to serve the purposes for which the personal information was collected or further processed.
1.2. Types of information we collect and process
We collect and process personal information: your IP address, computer explore type, your name, your E-mail, your phone number and shipping address.
2. How we process your personal information
• We process your personal information for the purpose of running our daily business and delivering Camellia Café experiences. In other words you give us your data and so that we can run our business and give you Camellia Café experiences online and offline.
• We process personal information through technology, such as cookies, including when you visit our sites, channels or applications on third-party sites or platforms.
• We acquire information from other trusted sources to update or supplement the personal information you provided or which we processed automatically.
3. How we use your information within the Camellia Café website
The Camellia Café website is based in Beijing, China. We use your information to:
• Provide you with the products and services you request.
• Communicate with you about your account or transactions with us and send you information about features on our sites and applications or changes to our policies.
• Send you newsletters if you sign up to receive them, you may opt-out at any time by following the unsubscribe instructions located at the bottom of each communication.
• Detect, investigate and prevent activities that may violate our policies or be illegal.
Camellia Café website ID
Please be aware that your Camellia Café website ID is only used in Camellia Café website. The ID may not be used on other third party sites.
4. Sharing your information with other companies
We will not share your personal information outside the Camellia Café website except in limited circumstances such as:
• To ensure the safety and security of our consumers and third parties.
• To protect our rights and property and of our consumers and third parties.
• To comply with legal process or in other cases if we believe that disclosure is required by law, such as to comply with a subpoena or similar legal process.
• When companies perform services on our behalf, like package delivery, payment processing, and customer service; however, these companies are prohibited from using your personal information for purposes other than those clearly defined by us or required by law and we have written contracts in place to ensure this.
• When we share personal information with third parties in connection with a merger, acqusition, or sale of all or a portion of our assets. You will be notified via email and/or prominent notice on our Web site of any change in ownership or uses of your personal information, as well as any choices you have regarding your personal information.
• Where you provide your consent to share your personal information with another company for marketing purposes enabling them to send you offers and promotions about their products and services. If you no longer wish to allow us to share such information with third parties, please contact us or email us firstname.lastname@example.org to opt-out. In some instances you may need to contact that third party directly.
• When you ask us to share your personal information with third-party sites or platforms, such as social networking sites. Please note that once we share your personal information for marketing purposes with another company, the information received by the other company becomes subject to the other company’s privacy practices.
5. Your controls and choices
We provide you the possibility to exercise certain controls and choices regarding our processing of your information which includes:
• You may correct, update and delete your registration account.
• You may change your choices for subscriptions, newsletters and alerts.
• You may choose whether to receive offers and promotions from us for our products and services, or products and services that we think may be of interest to you.
• You may choose whether we may share your personal information with other companies so they can send you offers and promotions about their products and services.
• You may request access to the personal information we hold about you and that we amend or delete it and we request third parties with whom we have shared the information with to do the same.
• You may exercise your controls and choices, or request access or deletion of innacuracies to your personal information, by contacting us or email us email@example.com. If you contact us through Camellia Café website, we will have to verify your identity for security purposes. Changes may take up till 10 days before they are active. Please be aware that if you do not allow us to process personal information from you, we may not be able to deliver certain products and services to you, and some of our services may not be able to take account of your interests and preferences. If you have questions regarding the specific personal information about you that we process or retain, please contact Camellia Café website.
We will retain your information for as long as your account is active or as needed to provide services. If you wish to cancel your account or request that we no longer use your information to provide you services contact us or email us firstname.lastname@example.org. We will retain and use your information as necessary to comply with our legal obligations, resolve disuptes, and enforce our agreements.
As true of most Web sites, we gather certain information automatically and store it in log files. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), reffering/exit pages, operating system, date/time stamp, and/or clickstream data. We do not link this automatically collected information to other information we collect about you.
Technologies such as: cookies, beacons, scripts and tags are used by Camellia Café website and our third party tracking utility partners and service providers. These technologies are used in analyzing trends, adminsitering the site, tracking users’ movements througout the site, and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual and aggregate basis.
7. Children’s privacy
We recognize the need to provide further privacy protections with respect to personal information we may process from children on our sites. When we intend to process personal information from children, we take additional steps to protect children’s privacy, including:
• Notifying parents about our information practices with regard to children, including explaining the types of personal information we may collect, use and process from children, the use we make of that personal information, and whether and with whom we may share that information
• In accordance with applicable law, obtaining consent from parents for the collection, use and processing of personal information from their children, or for sending information about our products and services directly to their children
• Limiting our collection, use and processing of personal information from children to no more than is reasonably necessary to participate in an online activity
• Giving parents access or the ability to request access to personal information we have collected, used or processed from their children and the ability to request that the personal information be changed or deleted For children in the age group under 18 years we follow applicable laws.
7.1. The Information we collect from children, how we use it, and how and when we communicate with parents
The Camellia Café website offers to its users a range of sites, some of which are primarily targeted at families with users of all ages and others which are targeted at children. Our sites offer a variety of activities, including activities that may include collection of information from children. Below we summarize potential instances of collection and outline how and when we will provide parental notice and/or seek parental consent. In any instance that we collect personal information from a child, we will retain that information only so long as reasonably necessary to fulfil the activity request or allow the child to continue to participate in the activity, and ensure the security of our users and our services, or as required by law. In the event we discover we have collected information from a child in a manner inconsistent with COPPA’s requirements, we will either delete the information or immediately seek the parent’s consent for that collection.
Children can, in many cases, register with our sites to view content, participate in contests, and engage in special features, among other things. During the registration process, we may ask the child to provide certain information for notification and security purposes, including a parent or guardian’s email address, the child’s first name and gender, the child’s member or account username, and password. We may also ask for birth dates from children to validate their ages. We strongly advise children never to provide any personal information in their usernames.
Please note that children can choose whether to share their information with us, but certain features cannot function without it. As a result, children may not be able to access certain features if required information has not been provided. We will not require a child to provide more information than is reasonably necessary in order to participate in an online activity.
About the collection of parent email address: Consistent with the requirements of COPPA, on any child-targeted site or application, or in any instance where we ask for age and determine the user is age 12 or under, we will ask for a parent or guardian email address before we collect any personal information from the child. If you believe your child is participating in an activity that collects personal information and you or another parent/guardian have NOT received an email providing notice or seeking your consent, please feel free to contact us at Data Privacy Officer email@example.com. We will not use parent emails provided for parental consent purposes for marketing directed towards the parent, unless the parent has expressly opted in to email marketing or has separately participated in an activity that allows for such email contact.
Content generated by a child
Certain activities on our sites, channels and applications allow children to create or handle content and save it with the Camellia Café website. Some of these activities do not require children to provide any personal information and therefore may not result in notice to the parent or require parental consent. If an activity potentially allows a child to insert personal information in their created content, we will either pre-screen the submission to delete any personal information, or we will seek a parental consent by email for the collection. Examples of created content that may include personal information are:
- stories or other open-text fields,
- drawings that allow text or free-hand entry of information,
- pictures of your child,
- audio or movie files representing your child, and
- other persistent identifiers that can be used to clearly identify your child.
If, in addition to collecting content that includes personal information, the Camellia Café website also plans to post the content publicly or share it with a third party for the third party’s own use, we will obtain a higher level of parental consent (verifiable parental consent)
Parental consent mechanisms:
Email consent (low level consent):
In the event the Camellia Café website wishes to collect personal information from a child, COPPA requires that we first seek a parent or guardian’s consent by email. In the email we will explain what information we are collecting, how we plan to use it, how the parent can provide consent, and how the parent can revoke consent. If we do not receive parental consent within a reasonable time, we will delete the parent contact information and any other personal information collected from the child collected for the purpose of contacting you.
Verifiable consent (high level consent):
In the event the Camellia Café website collects personal information from a child that will be posted publicly or disclosed to a third party, we will seek a higher level of consent than email consent. Such “high-level” methods of consent include but are not limited to asking for a credit card or other payment method for verification (with a nominal charge involved), speaking to a trained customer service representative by telephone or video chat, or requiring a signed consent form by mail, email attachment, or fax. After providing high-level consent, a parent may have the opportunity to use a pin or password in future communications as a way to confirm the parent’s identity.
Contests and sweepstakes
For contests and sweepstakes, we typically require only the personal information necessary for a child to participate, such as first name (to distinguish among family members) and parent email address (to notify the parent where required by law). We only contact the parent for more personalized information for prize-fulfilment purposes when the child wins the contest or sweepstake.
Of course, some contests and sweepstakes ask the child to submit their own created content along with the child’s entry. In those instances, we may require parental consent prior to submission. Please see content generated by a child above for more information on our collection, notice, and consent policies. Parent’s will be sent a notice along with instructions on how they may provide their consent for their child to particiapate in such activities via email (sent to the email address on file for the parent). We will not allow your child to participate in such activities until we have received your consent for them to do so.
Email contact with a child
On occasion, in order to respond to a question or request from a child, the Camellia Café website may need to ask for the child’s online contact information, such as an email address. The Camellia Café website will delete this information immediately after responding to the question or request.
In connection with certain activities or services, we may collect a child’s online contact information, such as an email address which is collected from the parent, in order to communicate with the child more than once. In such instances we will retain the child’s online contact information to honour the request and for no other purpose such as marketing. One example would be a newsletter that provides occasional updates about a site, game/activity, television show, personality/character, or feature movie. Whenever we collect a child’s online contact information for ongoing communications, we will simultaneously require a parent email address in order to notify the parent about the collection and use of the child’s information, as well as to provide the parent an opportunity to prevent further contact with the child. On some occasions a child may be engaged in more than one ongoing communication, and a parent may be required to “opt-out” of each communication individually. Parent’s may opt their child out from receving these types of communications by following the unsubscribe instructions located within each communication or by emailing us at firstname.lastname@example.org.
Push notifications are notifications on mobile and other devices that are typically associated with downloaded applications, and which can communicate to the device holder even when the application is not in use. We will require a child to provide a parent email address before the child can receive push notifications from our child-directed applications that collect a device identifier. We will then provide the parent with notice of our contact with the child and will provide the parent the opportunity to prevent further notifications. Finally, we will not associate the device identifier with other personal information without contacting the parent to get consent. If you no longer wish to allow your child to receive these types of communications, you may turn them off at the device level.
If a child-directed site, channel or application collects information on children´s geographical location (geolocation information) on street name, address or coordinates we will first seek parental consent via email. This also means that we will in some instances collect data on children´s geolocation information where parental consent is not required i.e. information not linked to the specific child in regards to city, country and region. In order to request that we no longer collect such information you may turn this off at the device level in the settings or by contacting us or email us email@example.com.
• provide children with access to features and activities on our sites and applications
• customize content and improve our sites and applications
• conduct research and analysis to address the performance of our sites and applications
• generate anonymous reporting for use by the Camellia Café website
In the event we collect such information from children on our sites and for other purposes, we will notify parents and obtain consent prior to such collection.
7.2. When information collected from children is made available to others
In addition to those rare instances where a child’s personal information is posted publicly (after receiving high-level parental consent), we also may share or disclose personal information collected from children in a limited number of instances, including the following:
• We may share information with our service providers like software solutions, online security, and customer service; however, these companies are prohibited from using your personal information for purposes other than those clearly defined by us or required by law and we have written contracts in place to ensure this.
• We may disclose personal information if permitted or required by law, for example, in response to a court order or a subpoena. To the extent permitted by applicable law, we also may disclose personal information collected from children (i) in response to a law enforcement or public agency’s (including schools or children services) request; (ii) if we believe disclosure may prevent the instigation of a crime, facilitate an investigation related to public safety or protect the safety of a child using our sites or applications; (iii) to protect the security or integrity of our sites, applications, and other technology, as well as the technology of our service providers; or (iv) enable us to take precautions against liability.
• Parents have the right to consent to the collection, use and processing of their childs personal information without also having to consent to the disclosure of that information to third parties as we do not share information with third parties other than as disclosed above.
7.3. Parental controls
At any time, parents can refuse to permit us to use and collect further personal information from their children in association with a particular account, and can request that we delete from our records the personal information we have collected in connection with that account. Please keep in mind that a request to delete records may lead to a termination of an account, membership, or other service.
Where a child has registered for a Camellia Café ID account, we use two methods to allow parents to access, change, or delete the personally identifiable information that we have collected from their children:
1.Parents can request access to and delete their child’s personal information by logging on to the child’s account through the site located here. Parents will need their child’s username and password. The site home page explains how to recover a password if the child cannot recall it.
2.Parents can contact Consumer Services to request access to, change, or delete their child’s personal information by contacting us or email us firstname.lastname@example.org.
In any correspondence such as e-mail or mail, please include the child’s username and the parent’s email address and telephone number. To protect children’s privacy and security, we will take reasonable steps to help verify a parent’s identity before granting access to any personal information.
We will retain your child’s information for as long as their account is active or as needed to provide them services. If you wish to cancel your child’s account or request that we no longer use that information to provide them services, please contact us or email us email@example.com. We will retain and use their information as necesasry to comply with our legal obligations, resolve disputes, and enforce our agreements. If we make material changes to how we use Personal Information collected from children under age 13, we will notify parents by email in order to obtain verifiable parental consent for the new uses of the child's Personal Information.
8. Data security and integrity
The security, integrity and confidentiality of your information are extremely important to us. We have implemented technical, administrative and physical security measures that are designed to protect personal information from unauthorized access, disclosure, use and modification. However you also play an important part in protection your information. It is important that you do choose a password that is not easy for others to guess and that you do not share your passwords.
From time to time, we review our security procedures to consider appropriate new technology and methods. All external transfers that contain personal information are done using encrypted technology. Please be aware though that, despite our best efforts, no security measures are perfect or impenetrable.
Information in regards to credit card details is handled by approved service providers that are in compliance with the PCI (Payment Card Industry) standards and have appropriate safeguards setup.
Should you notice any flaws or concerns in our security please do not hesitate and contact us or email us firstname.lastname@example.org. Should the Camellia Café website experience a data breach and your information be involved, we will contact you if there is a risk of your data being misused and if we are legally obliged to do so. In some instances the Camellia Café website will also be legally obliged to contact (data protection) authorities when a breach of privacy information occurs.
9. Data transfers, storage and processing globally
Wherever your personal information is transferred, stored or processed by us or by companies carrying out such services on our behalf, we will take reasonable steps to safeguard the privacy of your personal information.
Additionally, when using or disclosing personal information we abide by our Binding Corporate Rules, when these become effective.
The Binding Corporate Rules provide the highest security to you when it comes to how your information is processed.
11. Contact information