Table of Contents:
- Data Collection
- Data Usage
- Data Storage
- Data Protection Rights
- Cookies
- Other Website Privacy Policies
- CCPA, GDPR, PIPEDA and Compliance with Laws
- Security
- Privacy Policy Changes
- Contact us
- Privacy Complaints
Data Collection
You provide Candle with all of the data that we collect.
Candle collects Personal Data (name, email, company) and application data from you. You are not permitted to collect data of persons under age eighteen (18) using our products or services. We collect and process data when you:
- Register online or order our products or services.
- Use or view our website.
- Use Candle products or services.
Data Usage
We use your data to:
- Manage your account.
- Optimize our products and services.
We do not sell your data to any third parties. In order to provide services, we may disclose your information to third party service providers to meet our business needs.
Data Storage
We store your data in a private third-party cloud platform. We will delete your personal information when it is no longer reasonably required. Click here for more information.
Data Protection Rights
Your data protection rights include the following, under certain conditions:
- access to copies of your personal data, subject to a potential fee.
- correction or completion of personal data.
- erasure of personal data.
- restriction of processing.
- objection to processing.
- data portability to another organization or to you.
If you make a request, we will respond as required by law. If you would like to exercise any of your rights, please contact us at our email: privacy@candle.dev
Cookies
Cookies are placed on your computer to collect visitor log and behavioral analytics. When you visit our websites, we may collect information through cookies, web beacons, or similar technology. For further information, visit allaboutcookies.org.
Candle uses cookies to improve your browsing experience, including:
- Keeping you signed in.
- Understanding how you use our website.
There are different types of cookies, but our website only uses first-party and third-party cookies to recognize and remember your preferences, such as language and location. You can set your browser not to accept cookies, and the above website tells you how to remove cookies. However, some website features may not function as a result.
Other Web Site Privacy policies
The Candle website contains links to other websites. Our privacy policy applies only to our websites, so if you click on a link to another website, their privacy policy applies.
CCPA, GDPR, PIPEDA and Compliance with Laws
All of your data is stored on servers located in the United States of America. We comply with CCPA, GDPR, PIPEDA and all other applicable laws. We are also registered under the US Data Privacy Framework Program. Our Data Processing Addendum detailing our security measures can be accessed here.
If you are an individual in the European Economic Area (EEA), we collect and process information about you only where we have legal bases for doing so under applicable EU laws.
Security
We implement security measures that comply with applicable laws and industry standards.
Privacy Policy Changes
Candle regularly reviews its Privacy Policy and updates any changes here.
Contact us
If you have any questions about Candle's privacy policy, or you would like to exercise your data protection rights, please contact us via email at privacy@candle.dev.
Privacy Complaints
Candle complies with the EU-U.S. Data Privacy Framework program (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework program (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Candle has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Candle has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework program Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
In compliance with the EU-US Data Privacy Framework Principles, Candle commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to the DPF Principles. European Union, Swiss and United Kingdom individuals with DPF inquiries or complaints should first contact Candle by mail or email as follows:
Attn. Privacy
Candle Corporation
800 Battery Avenue SE, Suite 100
Atlanta, Georgia, 30339
Email: privacy@candle.dev
Pursuant to the EU-US Data Privacy Framework Principles, EU, UK, and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under the EU-US Data Privacy Framework, should direct their query to privacy@candle.dev. If requested to remove data, we will respond within a reasonable timeframe.
We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to privacy@candle.dev.
In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Candle has further committed to refer unresolved privacy complaints under the DPF Principles to an independent dispute resolution mechanism, Data Privacy Framework Services, operated by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/programs/all-programs/dpf-consumers/ProcessForConsumers for more information and to file a complaint. This service is provided free of charge to you.
If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/G-Arbitration-Procedures-dpf?tabset-35584=2.