At Capacity LLC and Capacity West LLC, (collectively “Capacity”, ”we”, “us”, “our”), we are committed to protecting your privacy and the confidentiality of your personal and financial information.
We collect and use personal data only as it might be needed for us to deliver order fulfillment and warehouse distribution services (“Services”).
Your personal data includes information customer information such as:
- Telephone number(s)
- Email address(es)
- Other data collected that could directly or indirectly identify you.
We understand that in using our Services, you will provide to us personal data regarding your customers. This data remains under your sole control. We only process this data in accordance with your instructions. This is explained in further detail below.
This policy is intended to help you understand:
- What information we collect about you
- How we use the information we collect
- How we share information we collect
- How we secure, store and retain your data
- How you can access, update or delete your data
- How we transfer information we collect internationally
- Other important privacy information
What information we collect about you
We collect information so that we can provide the best possible experience when you use our Services.
Personal data is collected directly from you when you:
(1) utilize any of our Services (e.g., customer information, including name, shipping address, telephone number and personal email address;
(2) request assistance from our customer support team (e.g., email address); or
(3) complete contact forms or request other information from us (e.g., email). We also collect additional information when delivering our Services to you to ensure necessary and optimal performance.
These methods of collection may not be as obvious to you, so we wanted to highlight and explain what these might be (as they vary from time to time), and how they work.
Account and profile information
We collect information in association with your use of our Services, such as standard information relating to your information requests, and any customer service requests and notes or details explaining what you asked for and how we responded.
Data about usage of services
This is automatically collected when you use and interact with our Services, including metadata, log files, cookie/device IDs and location information. This information includes specific data about your interactions with the features, content and links (including those of third-parties, such as social media plugins) contained within the Services, Internet Protocol (IP) address, browser type and settings, the date and time the Services were used, information about browser configuration and plugins, language preferences and cookie data, information about devices accessing the Services, including type of device, what operating system is used, device settings, application IDs, unique device identifiers and error data, and some of this data collected might be capable of and be used to approximate your location.
Information we receive from other sources
We may receive data about you from other sources, including publicly available databases or third parties from whom we have purchased data, in which case we may combine this data with information we already have about you so that we can update, expand and analyze the accuracy of our records, identify new customers, and provide products and services that may be of interest to you. If you provide us personal information about others, or if others give us your information, we will only use that information for the specific reason for which it was provided to us.
We use web analytics tools provided by service partners such as Google Analytics to collect information about how you interact with our website including what pages you visit, what site you visited prior to visiting our website, how much time you spend on each page, what operating system and web browser you use and network and IP information. We use the information provided by these tools to improve our Services. These tools place persistent cookies in your browser to identify you as a unique user the next time you visit our website. Each cookie cannot be used by anyone other than the service provider (ex: Google for Google Analytics).
The information collected from the cookie may be transmitted to and stored by these service partners on servers in a country other than the country in which you reside. Though information collected does not include personal data such as name, address, shipping information, etc., the information collected is used and shared by these service providers in accordance with their individual privacy policies.
How we use the information we collect
Our policy is to minimize the data we collect and limit its use and purpose to only that (1) for which we have been given permission, (2) as necessary to deliver the Services you engage with us, or (3) as we might be required or permitted for legal compliance or other lawful purposes.
These uses include:
TO PROVIDE SERVICES AND PERSONALIZE YOUR EXPERIENCE
We collect various information relating to your purchase, use and/or interactions with our Services. We utilize this information to:
- Improve and optimize the user experience, operation and performance of our Services;
- Diagnose problems with and identify any security risks, errors, or needed upgrades to the Services;
- Detect and prevent fraud and abuse of our Services and systems;
- Collect aggregate statistics about use of the Services.
Our Services also include tailored features that personalize your experience, enhance your productivity, and improve your ability to collaborate effectively with others. In most cases, statistical data about how individuals use our Services is not linked to any personal data. To the extent it comprises personal data, or is linked or linkable to personal data, we treat it accordingly.
TO COMMUNICATE WITH YOU ABOUT OUR SERVICES
We may contact you directly or through a third party service provider regarding our Services in order to deliver transactional or service-related communications.
We may also contact you with offers for additional services we think you’ll find valuable where allowed based upon legitimate interests or otherwise with your consent. You don’t need to provide consent as a condition to purchase our goods or services. These contacts may include:
- Telephone calls
If you make use of our Service to import contacts (ex. using email marketing services to send emails on your behalf), we will only use the contacts and any other personal information to provide the requested service.
If you believe that anyone has provided us with your personal information and you would like to request that it be removed from our database, please contact us at privacy@capacityLLC.com. For more information about processing third-party data please see below.
How we share information we collect
Except as described below, we do not share any of your personal data with third parties. We only share your personal data as necessary for any third party to provide the services as requested or as needed on our behalf. These third parties (and any subcontractors) are subject to strict data processing terms and conditions and are prohibited from utilizing, sharing or retaining your personal data for any purpose other than as they have been specifically contracted for (or without your consent).
Compliance with legal, regulatory and law enforcement requests
We cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We will disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (such as subpoena requests), to protect our property and rights or the property and rights of a third party, to protect the safety of the public or any person, or to prevent or stop activity we consider to be illegal or unethical.
To the extent we are legally permitted to do so, we will take reasonable steps to notify you in the event that we are required to provide your personal information to third parties as part of legal process.
How we secure, store and retain your data
We have put in place security measures to prevent your personal data from being accidentally lost, used, altered, disclosed, or accessed without authorization. We also allow access to your personal data only to those employees and partners who have a business need to know such data. They will only process your personal data on our instructions and they must keep it confidential. We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach if we are legally required to.
We retain personal data only for as long as necessary to provide the Services you have requested and thereafter for a variety of legitimate legal or business purposes.
These might include retention periods:
- mandated by law, contract or similar obligations applicable to our business operations;
- for preserving, resolving, defending or enforcing our legal/contractual rights; or
- needed to maintain adequate and accurate business and financial records.
You can help maintain the security of your personal data by keeping your passwords and account information private. Remember, you, not Capacity, is responsible for ensuring that no unauthorized person has access to your password or account information. In addition, you need to implement appropriate security measures for the third party data you store when you use our Services (see below).
Your customers’ personal data
You use our Services to store, transmit and process data regarding your customers. It is you, not Capacity who decides the reasons why such data is collected, how it is collected, and how it is to be used.
Our responsibility is to comply with the terms of our agreement with you. You are responsible for maintaining the security and confidentiality of your accounts and access to our Services.
Capacity operates in the role of a GDPR Data Processor. We collect and process information under the direction of our business Clients who act in the capacity of Data Controllers. We provide our Services under your direction. We have no direct relationship with the individuals whose personal data you control while using our Services. If any of your customers or clients contact Capacity with concerns regarding their personal data, they will be directed to contact you.
By signing up to use our Services, you have agreed that the personal data of your customers may be transferred by us to third parties who help to provide our Services. Any such transfers are made in accordance with the terms of the agreements between us.
California Privacy Rights
California law provides that California residents have a right to request businesses to tell them how their personal information has been shared, if at all, with third parties for the third parties’ direct marketing purposes.
While Capacity does not collect or share or personal information, you are still welcome to contact us at privacy@capacityLLC.com to submit a formal request and receive a formal response.
For EU and Swiss Individuals:
Privacy Shield Notice for Personal Data Transfers to the United States
Capacity complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland transferred to the United States pursuant to Privacy Shield.
To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/
With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Capacity is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.
Pursuant to the Privacy Shield Frameworks, EU and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States.
Upon request, we will provide you with access to the personal information that we hold about you. You may correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to privacy@capacityLLC.com. If requested to remove data, we will respond within a reasonable timeframe.
We will provide an individual opt-out or opt-in choice before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to privacy@capacityLLC.com.
In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Capacity’s accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Capacity remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless Capacity proves that it is not responsible for the event giving rise to the damage.
In compliance with the Privacy Shield Principles, Capacity commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield.
European Union and Swiss individuals with Privacy Shield inquiries or complaints should first contact Capacity by email at to privacy@capacityLLC.com or via mail at:
Capacity 1112 Corporate Road, North Brunswick, NJ 08902
Capacity has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus.
If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at: https://www.privacyshield.gov/article?id=ANNEX-I-introduction
How you can access, update or delete your data
It is very important that the information we hold about you is accurate and up to date. To easily access, view, update, delete or port your personal data (where available), please contact our Client Services team at help@capacityLLC.com.
You can also email us at any time if your personal information changes, or you want to opt-out of email communication to: privacy@capacityLLC.com.
If you make a request to delete your personal data and that data is necessary for the Services you engage with us, the request will be honored only to the extent it is no longer necessary for any Services or required for our legitimate business, legal or contractual record keeping requirements.
How we transfer information we collect internationally
Transfer of personal data abroad
Disclosures of your personal data
We may have to share your personal data with the parties set out below:
- Service providers who provide IT and system administration services.
- Government bodies that require us to report processing activities.
- Third parties to whom we may sell, transfer, or merge parts of our business or our assets.
We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.
Countries outside of the European Economic Area (EEA) do not always offer the same levels of protection to your personal data, so European law has prohibited transfers of personal data outside of the EEA unless the transfer meets certain criteria. Many of our third parties service providers are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.
Whenever we transfer your personal data out of the EEA, we do our best to ensure a similar degree of security of data by ensuring at least one of the following safeguards is in place:
- We will only transfer your personal data to countries that the European Commission have approved as providing an adequate level of protection for personal data by; or
- Where we use certain service providers, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give personal data the same protection it has in Europe; or
- If we use US-based providers that are part of EU-US Privacy Shield, we may transfer data to them, as they have equivalent safeguards in place.
EU GENERAL DATA PROTECTION REGULATION (GDPR) COMPLIANCE
Customers of Capacity who are located in the European Economic Area (EEA), and customers of Capacity no matter where located, who process personal data of EEA residents should note the following:
- Capacity is only a Data Processor, not a Data Collector; and
- Capacity does not have an “establishment” in the EEA.
You may also have the right to make a GDPR complaint to the relevant Supervisory Authority. A list of Supervisory Authorities is available here: http://ec.europa.eu/justice/dataprotection/bodies/authorities/index_en.htm.
If you need further assistance regarding your rights, please contact us using the contact information provided below and we will consider your request in accordance with applicable law.
In some cases, our ability to uphold these rights for you may depend upon our obligations to process personal information for security, safety, fraud prevention reasons, compliance with regulatory or legal requirements, or because processing is necessary to deliver the services you have requested. Where this is the case, we will inform you of specific details in response to your request.
Other important privacy information
Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
Our Services are available for purchase only for those over the age of 18. Our Services are not targeted to, intended to be consumed by or designed to entice individuals under the age of 18. If you know of or have reason to believe anyone under the age of 18 has provided us with any personal data, please contact us.
In the alternative, you may contact us by either of the following means:
By mail: Capacity, 1112 Corporate Road, North Brunswick, NJ 08902 – Attn: Legal Department
By phone: (732) 745-7770