Home » Privacy Policy

Capacity Privacy Policy

Effective date: October 18, 2023

At Capacity LLC, Capacity MidWest LLC and Capacity West LLC, (collectively “Capacity”, ”we”, “us”, “our”), we are committed to protecting your privacy and the confidentiality of your personal and financial information. We collect and use personal data only as it might be needed for us to deliver order fulfillment and warehouse distribution services (“Services”). Your personal data includes information such as:
• Name
• Address(es)
• Telephone number(s)
• Email address(es)
• Other data collected that could directly or indirectly identify you

Our Privacy Policy provides you with details about how and what data we collect, and how and why we use your personal data. It also describes options we provide for you to access, update or otherwise take control of your personal data that we process.  If at any time you have questions about our Privacy Policy or any of your rights described below, you may contact us at privacy@capacityLLC.com.

We understand that in using our Services, you will provide to us personal data regarding your customers. This data remains under your sole control. We only process this data in accordance with your instructions. This is explained in further detail below.

This policy is intended to help you understand:
• What information we collect about you
• How we use the information we collect
• How we share information we collect
• How we secure, store and retain your data
• How you can access, update or delete your data
• How we transfer information we collect internationally
• How you can access, update or delete your data
• Other important privacy information

What information we collect about you

We collect information so that we can provide the best possible experience when you use our Services.

Personal data is collected directly from you when you:
(1) utilize any of our Services (e.g., customer information, including name, shipping address, telephone number and personal email address;
(2) request assistance from our customer support team (e.g., email address); or
(3) complete contact forms or request other information from us (e.g., email). We also collect additional information when delivering our Services to you to ensure necessary and optimal performance.

These methods of collection may not be as obvious to you, so we wanted to highlight and explain what these might be (as they vary from time to time), and how they work.

Account and profile information

We collect information in association with your use of our Services, such as standard information relating to your information requests, and any customer service requests and notes or details explaining what you asked for and how we responded.

Data about usage of services

This is automatically collected when you use and interact with our Services, including metadata, log files, cookie/device IDs and location information. This information includes specific data about your interactions with the features, content and links (including those of third-parties, such as social media plugins) contained within the Services, Internet Protocol (IP) address, browser type and settings, the date and time the Services were used, information about browser configuration and plugins, language preferences and cookie data, information about devices accessing the Services, including type of device, what operating system is used, device settings, application IDs, unique device identifiers and error data, and some of this data collected might be capable of and be used to approximate your location.

Information we receive from other sources

We may receive data about you from other sources, including publicly available databases or third parties from whom we have purchased data, in which case we may combine this data with information we already have about you so that we can update, expand and analyze the accuracy of our records, identify new customers, and provide products and services that may be of interest to you. If you provide us personal information about others, or if others give us your information, we will only use that information for the specific reason for which it was provided to us.

Cookies

We do use cookies, but we do not tie the cookies to any personal information that you provide to us. You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of our service may become inaccessible or not function properly.

Website analytics

We use web analytics tools provided by service partners such as Google Analytics to collect information about how you interact with our website including what pages you visit, what site you visited prior to visiting our website, how much time you spend on each page, what operating system and web browser you use and network and IP information. We use the information provided by these tools to improve our Services. These tools place persistent cookies in your browser to identify you as a unique user the next time you visit our website. Each cookie cannot be used by anyone other than the service provider (ex: Google for Google Analytics).

The information collected from the cookie may be transmitted to and stored by these service partners on servers in a country other than the country in which you reside. Though information collected does not include personal data such as name, address, shipping information, etc., the information collected is used and shared by these service providers in accordance with their individual privacy policies.

How we use the information we collect

Our policy is to minimize the data we collect and limit its use and purpose to only that (1) for which we have been given permission, (2) as necessary to deliver the Services you engage with us, or (3) as we might be required or permitted for legal compliance or other lawful purposes.

These uses include:
TO PROVIDE SERVICES AND PERSONALIZE YOUR EXPERIENCE 
We collect various information relating to your purchase, use and/or interactions with our Services. We utilize this information to:
• Improve and optimize the user experience, operation and performance of our services
• Diagnose problems with and identify and security risks, errors or needed upgrades to the services;
• Detect and prevent fraud and abuse of our Services and systems;
• Collect aggregate statistics about use of the Services.

Our Services also include tailored features that personalize your experience, enhance your productivity, and improve your ability to collaborate effectively with others. In most cases, statistical data about how individuals use our Services is not linked to any personal data. To the extent it comprises personal data, or is linked or linkable to personal data, we treat it accordingly.

TO COMMUNICATE WITH YOU ABOUT OUR SERVICES
We may contact you directly or through a third party service provider regarding our Services in order to deliver transactional or service-related communications.

We may also contact you with offers for additional services we think you’ll find valuable where allowed based upon legitimate interests or otherwise with your consent. You don’t need to provide consent as a condition to purchase our goods or services. These contacts may include:
• Email
• Telephone calls

If you make use of our Service to import contacts (ex. using email marketing services to send emails on your behalf), we will only use the contacts and any other personal information to provide the requested service.

If you believe that anyone has provided us with your personal information and you would like to request that it be removed from our database, please contact us at privacy@capacityLLC.com. For more information about processing third-party data please see below.

How we share information we collect

Except as described below, we do not share any of your personal data with third parties. We only share your personal data as necessary for any third party to provide the services as requested or as needed on our behalf. These third parties (and any subcontractors) are subject to strict data processing terms and conditions and are prohibited from utilizing, sharing or retaining your personal data for any purpose other than as they have been specifically contracted for (or without your consent).

Compliance with legal, regulatory and law enforcement requests

We cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We will disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (such as subpoena requests), to protect our property and rights or the property and rights of a third party, to protect the safety of the public or any person, or to prevent or stop activity we consider to be illegal or unethical.

To the extent we are legally permitted to do so, we will take reasonable steps to notify you in the event that we are required to provide your personal information to third parties as part of legal process.

How we secure, store and retain your data

We have put in place security measures to prevent your personal data from being accidentally lost, used, altered, disclosed, or accessed without authorization. We also allow access to your personal data only to those employees and partners who have a business need to know such data. They will only process your personal data on our instructions and they must keep it confidential. We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach if we are legally required to.

We retain personal data only for as long as necessary to provide the Services you have requested and thereafter for a variety of legitimate legal or business purposes.

These might include retention periods:
• mandated by law, contract or similar obligations applicable to our business operations;
• for preserving, resolving, defending or enforcing our legal/contractual rights; or
• needed to maintain adequate and accurate business and financial records.

You can help maintain the security of your personal data by keeping your passwords and account information private. Remember, you, not Capacity, is responsible for ensuring that no unauthorized person has access to your password or account information. In addition, you need to implement appropriate security measures for the third party data you store when you use our Services (see below).

Your customers’ personal data

You use our Services to store, transmit and process data regarding your customers. It is you, not Capacity who decides the reasons why such data is collected, how it is collected, and how it is to be used.

Capacity does not review, share, distribute, or reference any such data except as directed by you and in accordance with your agreement with Capacity, or as may be required by applicable law. Nothing in this Privacy Policy in anyway amends the terms and conditions applicable to your use of the Services. You are solely responsible for the personal data that you collect and process using our Services and for compliance with applicable data protection laws.

Our responsibility is to comply with the terms of our agreement with you. You are responsible for maintaining the security and confidentiality of your accounts and access to our Services.

Capacity operates in the role of a GDPR Data Processor. We collect and process information under the direction of our business Clients who act in the capacity of Data Controllers.  We provide our Services under your direction. We have no direct relationship with the individuals whose personal data you control while using our Services. If any of your customers or clients contact Capacity with concerns regarding their personal data, they will be directed to contact you.

By signing up to use our Services, you have agreed that the personal data of your customers may be transferred by us to third parties who help to provide our Services. Any such transfers are made in accordance with the terms of the agreements between us.

California Privacy Rights

California law provides that California residents have a right to request businesses to tell them how their personal information has been shared, if at all, with third parties for the third parties’ direct marketing purposes.

While Capacity does not collect or share or personal information, you are still welcome to contact us at privacy@capacityLLC.com to submit a formal request and receive a formal response.

For EU, UK and Swiss Individuals:
Data Privacy Framework Notice for Personal Data Transfers to the United States

Capacity complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Capacity has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. 

Capacity has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  

To learn more about the Data Privacy Framework program, and to view our certification page, please visit https://www.dataprivacyframework.gov

With respect to personal data received or transferred pursuant to the Data Privacy Framework, Capacity is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. 

Pursuant to the Data Privacy Framework, EU, UK and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States.

Upon request, we will provide you with access to the personal information that we hold about you. You may correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Data Privacy Framework, should direct their query to privacy@capacityLLC.com. If requested to remove data, we will respond within a reasonable timeframe.

We will provide an individual opt-out or opt-in choice before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to privacy@capacityLLC.com.

In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Capacity’s accountability for personal data that it receives in the United States under the Data Privacy Framework and subsequently transfers to a third party is described in the Data Privacy Framework Principles. In particular, Capacity remains responsible and liable under the Data Privacy Framework Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless Capacity proves that it is not responsible for the event giving rise to the damage.

In compliance with the Data Privacy Framework Principles, Capacity commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Data Privacy Framework Program.

European Union, UK and Swiss individuals with Data Privacy Framework inquiries or complaints should first contact Capacity by email at to privacy@capacityLLC.com or via mail at:
Capacity 1112 Corporate Road, North Brunswick, NJ 08902

Capacity has further committed to refer unresolved privacy complaints under the Data Privacy Framework Principles to an independent dispute resolution mechanism designating JAMS as our ADR provider under the EU-U.S. Data Privacy Framework Program for the European Commission’s Directive on Data Protection.

If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://www.jamsadr.com/file-a-dpf-claim for more information and to file a complaint. This service is provided free of charge to you.

Capacity has further committed to refer unresolved privacy complaints under the Data Privacy Framework Principles to an independent dispute resolution mechanism designating JAMS as our ADR provider under EU-U.S. Data Privacy Framework Program for the European Commission’s Directive on Data Protection.

If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://www.jamsadr.com/ for more information and to file a complaint. This service is provided free of charge to you. for more information and to file a complaint. This service is provided free of charge to you.

for more information and to file a complaint. This service is provided free of charge to you. for more information and to file a complaint. This service is provided free of charge to you.

If your Data Privacy Framework complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Data Privacy Framework Annex 1 at: https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf

How you can access, update or delete your data

It is very important that the information we hold about you is accurate and up to date. To easily access, view, update, delete or port your personal data (where available), please contact our Client Services team at help@capacityLLC.com. You can also email us at any time if your personal information changes, or you want to opt-out of email communication to: privacy@capacityLLC.com.

If you make a request to delete your personal data and that data is necessary for the Services you engage with us, the request will be honored only to the extent it is no longer necessary for any Services or required for our legitimate business, legal or contractual record keeping requirements.

How we transfer information we collect internationally
Transfer of personal data abroad

If you utilize our Services from a country other than the country where our servers are located, your communications with us may result in transferring your personal data across international borders. Also, when you call us or initiate a chat, we may provide you with support from a location outside your country of origin. In these cases, your personal data is handled according to this Privacy Policy.

Disclosures of your personal data

We may have to share your personal data with the parties set out below:
• Service providers who provide IT and system administration services.
• Government bodies that require us to report processing activities.
• Third parties to whom we may sell, transfer, or merge parts of our business or our assets.

We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.

INTERNATIONAL

Countries outside of the European Economic Area (EEA) do not always offer the same levels of protection to your personal data, so European law has prohibited transfers of personal data outside of the EEA unless the transfer meets certain criteria. Many of our third parties service providers are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.

Whenever we transfer your personal data out of the EEA, we do our best to ensure a similar degree of security of data by ensuring at least one of the following safeguards is in place:
• We will only transfer your personal data to countries that the European Commission have approved as providing an adequate level of protection for personal data by; or
• Where we use certain service providers, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give personal data the same protection it has in Europe; or
• If we use US-based providers that are part of EU-U.S. Data Privacy Framework, we may transfer data to them, as they have equivalent safeguards in place.

EU GENERAL DATA PROTECTION REGULATION (GDPR) COMPLIANCE

Customers of Capacity who are located in the European Economic Area (EEA), and customers of Capacity no matter where located, who process personal data of EEA residents should note the following:
• This Privacy Policy is designed to comply with the GDPR;
• Capacity is only a Data Processor, not a Data Collector; and
• Capacity does not have an “establishment” in the EEA.

You may also have the right to make a GDPR complaint to the relevant Supervisory Authority. A list of Supervisory Authorities is available here: http://ec.europa.eu/justice/dataprotection/bodies/authorities/index_en.htm.  

If you need further assistance regarding your rights, please contact us using the contact information provided below and we will consider your request in accordance with applicable law. In some cases, our ability to uphold these rights for you may depend upon our obligations to process personal information for security, safety, fraud prevention reasons, compliance with regulatory or legal requirements, or because processing is necessary to deliver the services you have requested. Where this is the case, we will inform you of specific details in response to your request.

Other important privacy information

Third-party links

Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.

Changes in our Privacy Policy

We reserve the right to modify this Privacy Policy at any time. If we decide to change our Privacy Policy, we will post those changes to this Privacy Policy and any other places we deem appropriate, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If we make material changes to this Privacy Policy, we will notify you here, by email, or by means of a notice on our home page, at least thirty (30) days prior to the implementation of the changes.

Age Restrictions

Our Services are available for purchase only for those over the age of 18. Our Services are not targeted to, intended to be consumed by or designed to entice individuals under the age of 18. If you know of or have reason to believe anyone under the age of 18 has provided us with any personal data, please contact us.

Contact Us

If you have any questions, concerns or complaints about this Privacy Policy, please contact us by email at: privacy@capacityLLC.com.
In the alternative, you may contact us by either of the following means:
By mail: Capacity, 1112 Corporate Road, North Brunswick, NJ 08902 – Attn: Legal Department
By phone: (732) 745-7770