Skip to main content

    LimeSpot Privacy Policy

    Last Updated: May 10, 2024

    LimeSpot Solutions Inc. ("LimeSpot", "we", "us", or "our") is committed to protecting the privacy of shoppers ("Shoppers") while providing personalized shopping experiences. We process personal information from our store clients' ("Store Clients") Shoppers to provide product recommendations and market intelligence. However, our output is restricted to aggregated, non-identifying data. We will not sell, rent, lease, or share Shopper information except as permitted by this Privacy Policy. This Privacy Policy is subject to and incorporated into our Customer Terms of Service.

    This Privacy Policy is based on five key principles:

    • Transparency: Store Clients must notify Shoppers that LimeSpot processes their data as described in this Privacy Policy.
    • Consent: Store Clients must obtain informed Shopper consent for data processing by LimeSpot.
    • Accountability: Store Clients must provide means for Shoppers to inquire about personal data and withdraw consent through LimeSpot or our Data Protection Officer.
    • Security: LimeSpot maintains secure data storage and transfer methods.
    • Breaches: LimeSpot notifies Store Clients of any security breaches or unauthorized processing.

    Our Relationship to Our Clients and Their Shoppers

    LimeSpot provides services to contracted Store Clients. We collect information at Shoppers' direction through Store Clients' platforms. LimeSpot relies on Store Clients to obtain informed consent and provide privacy policy access.

    Shoppers may use third-party platforms (such as Facebook or Google) to access store sites. None of a Shopper's personal information is copied by or transferred to LimeSpot from any third-party platform in this circumstance.

    LimeSpot cannot be held responsible if Store Clients fail to obtain proper consent or comply with data protection laws.

    How We Collect Shopper Information

    From Store Platforms: LimeSpot collects information through installed plugins or APIs as Shoppers interact with store sites, including product interests, order history, and browsing behavior.

    Through Third-Party Platforms and CRM: Shoppers may authenticate using third-party services or store CRM systems. Information collected varies based on privacy settings with those platforms.

    The Types of Information We May Collect

    LimeSpot collects two categories of information:

    Personally-Identifying Information ("PII"): Information uniquely associated with an identifiable Shopper, including age, gender, location, email, phone number, and sometimes IP address.

    Non-Personally Identifying Information ("NPII"): Information not identifying specific Shoppers, such as store details, product collections, non-identifying order information, age ranges, geographical associations, shopping behavior, and aggregated or anonymized data derived from PII.

    How We Use and Disclose Information

    LimeSpot will not sell, rent, lease, share, or disclose information unless consent is provided, information is anonymized, or disclosure is legally required.

    By accepting this policy, Shoppers authorize LimeSpot to use their information as follows:

    Performance of Services: Use PII and NPII to fulfill stated purposes, assess shopping patterns, and create Shopper profiles. We may combine Shopper data across stores (without sharing PII between stores) and use information to improve our products and services.

    Third-Party Platform Services: Push non-identifying shopping preference information to platforms like Facebook or Google for customized advertising. LimeSpot does not receive PII from these platforms. We also use authentication services provided by third parties.

    Third-Party Service Providers: Engage other companies for data storage and analysis tasks. These providers access only necessary information for their functions.

    Business Transfer: In mergers, acquisitions, or asset sales, Shopper information transfers as a business asset but remains subject to this policy unless Shoppers consent otherwise.

    How We Use Cookies and Other Technologies

    LimeSpot and Store Clients use "cookies," pixel tags, and web beacons to track Shopper behavior, measure advertisement effectiveness, and generate recommendations. Personal information collected through these technologies is treated as PII under this policy.

    We use cookies to remember personal information across visits, combine information across different stores (without sharing PII between stores), and improve services. For example, knowing a Shopper's country and language enables customized experiences, while knowing product interests helps deliver relevant advertising and recommendations.

    How We Keep Your Information Secure

    LimeSpot implements reasonable security measures both online and offline. Only employees with confidentiality obligations access Shopper PII.

    Internet transmissions use SSL encryption. Shopper information is pseudonymized and rendered as NPII. We maintain redundant systems and conduct routine security assessments.

    However, no method of transmission over the Internet, or method of electronic storage, is 100% secure.

    LimeSpot notifies Store Clients of unauthorized access or disclosure. Store Clients must inform affected Shoppers as required by law.

    Contact: [email protected]

    Storage and Transfer of Your Information

    Shopper information may be transferred to, stored, and processed in the United States, Europe, or Canada. LimeSpot uses Microsoft's Azure platform data centers. Microsoft is Privacy Shield certified. Canada provides adequate data protection recognition.

    Storage Duration for PII:

    LimeSpot removes Shopper PII upon:

    • Shopper request via the Shopper Rights Access Portal
    • Store Client request or Shopper consent withdrawal notice
    • Shopper objection to PII processing received in writing
    • Discovery of unlawful PII collection
    • Request from supervisory or legal authorities with proper authorization

    Storage for NPII not identifying Shoppers is indefinite.

    Shoppers' Rights

    Transparency: Full disclosure of information processing and purposes through this policy.

    Accountability and DPO: Shoppers may contact our Data Protection Officer ([email protected]) regarding information collected by LimeSpot through Store Clients. LimeSpot may forward concerns to relevant Store Clients. Shoppers may lodge complaints with applicable supervisory authorities. European Shoppers note that LimeSpot, as a non-controller, need not have a European representative, but applicable Store Clients may if required by law.

    Access, Rectification, and Deletion: Shoppers may request PII erasure through Store Clients or directly via [email protected]. Rectification requests should also be directed to [email protected].

    Breaches: LimeSpot notifies Store Clients of breaches involving PII, providing details on breach nature, the DPO contact, possible consequences, and mitigation measures taken.

    Changes to this Privacy Policy

    LimeSpot reserves the right to modify this policy at any time. Store Clients and Shoppers should review the policy periodically. The current policy applies to all PII about Shoppers using LimeSpot-enabled platforms unless otherwise stated.

    Questions and Concerns

    This policy is subject to British Columbia provincial law and applicable Canadian federal law.

    For privacy concerns: [email protected]

    For policy questions: [email protected]

    Related Documents: Terms of Service | Acceptable Use Policy