Privacy Policy

Effective date: January 1, 2020

Last Updated: March 11, 2020

The Last Coat LLC ("us", "we", or "our") operates the http://thelastcoat.com website (the "Service"). This page informs you of our policies regarding the collection, use, and disclosure of Personal Data when you use our Service and the choices you have associated with that data. We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms and Conditions, accessible from http://thelastcoat.com

PLEASE NOTE THE ARBITRATION PROVISION SET FORTH BELOW, WHICH, EXCEPT WHERE AND TO THE EXTENT PROHIBITED BY LAW, REQUIRES YOU TO ARBITRATE ANY CLAIMS YOU MAY HAVE AGAINST US ON AN INDIVIDUAL BASIS. ARBITRATION ON AN INDIVIDUAL BASIS MEANS THAT YOU WILL NOT HAVE, AND YOU WAIVE, THE RIGHT FOR A JUDGE OR JURY TO DECIDE YOUR CLAIMS, AND THAT YOU MAY NOT PROCEED IN A CLASS, CONSOLIDATED, OR REPRESENTATIVE CAPACITY.

Definitions

  • Personal Data: Personal data means data that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with an individual, household, or device.
  • Usage Data: Usage data is data collected automatically either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
  • Cookies: Cookies are small pieces of data stored on a user’s device.
  • Data Controller: Data Controller means an entity that (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any Personal Data are, or are to be, processed. For the purpose of this Privacy Policy, we are a Data Controller of your data.
  • Data Processor (or Service Providers): A data processor (or service provider) is any entity (other than an employee of the Data Controller) that processes data on behalf of a data controller. We may use the services of various service providers in order to process your data more effectively.
  • Data Subject: A data subject is any living individual who is the subject of personal data.
  • User: The user is the individual using our Service. The user corresponds to the data subject, who is the subject of personal data.

Personal Data Collection

We collect several different types of information for various purposes to provide and improve our Service to you.  We may have collected the following Personal Data from users of our Service in the last 12 months:

Category of Personal Data

Source(s)

Purpose(s)

Disclosure to third parties

Identifiers, e.g., name, postal address, online identifier, Internet Protocol address, email address or account name

Directly from you

 

 

To fulfill or meet the reason you provided the information, e.g., to respond to an inquiry, process your order  or request

 

For marketing purposes

Disclosure for business purposes to: payment processors

 

Disclosure for administrative purposes to: third party service providers, such as background check providers in the event of an employment application, order fulfillment service providers, third party customer service providers

 

Disclosure for security purposes to: card authorization and fraud screening services

 

Disclosure for marketing purposes or to administer promotions: affiliates, strategic partners, agents, third party marketers

Private, non-public Personal Data contained in customer records, e.g., name, address, telephone number, bank account number, credit card number, debit card number, or any other payment and financial information

Directly from you

 

Indirectly from you (e.g., from observing your actions on our Service)

 

From third party service providers, such as a data analytics provider or lead generation providers

To fulfill or meet the reason you provided the information, e.g., to respond to an inquiry or process your order or inquiry

Disclosure for business purposes to: payment processors

 

Disclosure for administrative purposes to: third party service providers, such as order fulfillment service providers, third party customer service providers

 

Disclosure for security purposes to: card authorization and fraud screening services

Commercial information, e.g.,  records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies

Directly from you

 

From third party service providers, such as a data analytics provider or lead generation providers

To fulfill or meet the reason you provided the information, e.g., to respond to an inquiry or process your order

Disclosure for business purposes to: payment processors, lead vendors

Usage Data or other similar network activity, e.g., browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement

Indirectly from you (e.g., from observing your actions on our Service)

 

From third party service providers, such as a data analytics provider

To fulfill or meet the reason you provided the information, e.g., to provide targeted advertising

Sale to: advertising networks

 

Disclosure for business purposes to: internet service providers, payment processors; affiliates

Geolocation data, e.g., physical location or movements

Directly from you

 

From third party service providers, such as data analytics providers

To fulfill or meet the reason you provided the information, to improve our Services e.g., to respond to an inquiry, process your order, or provide targeted advertising

Disclosure for business purposes to: internet service providers, payment processors

Inferences drawn from other Personal Data, e.g., profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes

Directly from you

 

Indirectly from you (e.g., from observing your actions on our Service)

 

From third party service providers, such as a data analytics provider or lead generation providers

To fulfill or meet the reason you provided the information, e.g., to respond to an inquiry, process your order or request

Disclosure for business purposes to: internet service providers, payment processors, lead vendors

 

Examples of specific pieces of Personal Data we may collect include:

  • Email address
  • First name and last name
  • Phone number
  • Address, State, Province, ZIP/Postal code, City

Tracking & Cookies Data

Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service. We use these technologies to track the activity on our Service, collect, and hold certain information.  You can instruct your browser to refuse many cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service

Examples of Cookies we use:

  • Session Cookies. We use Session Cookies to operate our Service.

  • Preference Cookies. We use Preference Cookies to remember your preferences and various settings.

  • Security Cookies. We use Security Cookies for security purposes.

  • Google Analytics. Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network. You can opt-out of having made your activity on the Service available to Google Analytics by installing the Google Analytics opt-out browser add- on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: http://www.google.com/intl/en/policies/privacy/

  • Google AdWords. Google AdWords remarketing service is provided by Google Inc. You can opt-out of Google Analytics for Display Advertising and customize the Google Display Network ads by visiting the Google Ads Settings page: http://www.google.com/settings/ads. Google also recommends installing the Google Analytics Opt-out Browser Add-on - https://tools.google.com/dlpage/gaoptout - for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: http://www.google.com/intl/en/policies/privacy/

  • Facebook remarketing service is provided by Facebook Inc. You can learn more about interest-based advertising from Facebook by visiting this page: https://www.facebook.com/help/164968693837950. To opt-out from Facebook's interest-based ads follow these instructions from Facebook: https://www.facebook.com/help/568137493302217. Facebook adheres to the Self-Regulatory Principles for Online Behavioral Advertising established by the Digital Advertising Alliance. You can also opt-out from Facebook and other participating companies through the Digital Advertising Alliance in the USA http://www.aboutads.info/choices/, the Digital Advertising Alliance of Canada in Canada http://youradchoices.ca/ or the European Interactive Digital Advertising Alliance in Europe http://www.youronlinechoices.eu/, or opt-out using your mobile device settings. For more information on the privacy practices of Facebook, please visit Facebook's Data Policy: https://www.facebook.com/privacy/explanation

  • Targeted Advertising Cookies. We receive audience based data (such as pixel traffic and conversion data) from social media platform providers. There are several ways to manage cookies. Please check your browser and browser settings to determine where these types of cookies are stored and whether and how they may be deleted. The help portion of the toolbar on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable most cookies altogether. Please note that if cookies are disabled or removed, not all features of our Service will operate as intended.  If you wish to not have this information collected and used for interest-based advertising, you may opt-out by clicking here for partners that are located in the EU click here for Your online choices. If you wish to opt-out from this type of advertising for companies that participate in the Network Advertising Initiative, please click here to opt out of interest-based advertising. If you wish to opt-out from this type of advertising for companies that participate in the Digital Advertising Alliance (“DAA”), you can do so here. Please note that this does not opt you out of being served ads. You will continue to receive generic ads.  PLEASE NOTE THAT THIS POLICY DOES NOT COVER THE COLLECTION AND USE OF INFORMATION BY SUCH ADVERTISING COMPANIES.

 "Do Not Track" Signals

Some browsers incorporate a “Do Not Track” (DNT) feature that, when turned on, signals to websites and online services that you do not want to be tracked. A standard, accepted response to a DNT signal has not yet been developed. Therefore, we do not currently respond to DNT signals on this website or on websites where we provide advertisements, content, or other Services.

 Use of Data 

The Last Coat LLC uses the collected data for various purposes:

  • To provide and maintain our Service
  • To notify you about changes to our Service
  • To allow you to participate in interactive features of our Service when you choose to do so
  • To provide customer support
  • To gather analysis or valuable information so that we can improve our Service
  • To monitor the usage of our Service
  • To detect, prevent and address technical issues
  • To provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information

Retention of Data

The Last Coat LLC will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

The Last Coat LLC will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.

Disclosure & Sharing Of Personal Data

We may share or disclose your Personal Data in the following instances:

  • To complete your purchase. If you choose to make a purchase, we may collect from you your credit card number, billing address and other information related to such purchase, and we may use such collected information in order to fulfill your purchase. We may also provide such information, or other Personal Data provided by you, to unaffiliated third parties such as payment card processing companies as necessary to complete your purchase. Specifically, we may provide paid products and/or services within the Service. In that case, we use third-party services for payment processing (e.g. payment processors). We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your Personal Data is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information. The payment processors we work with are: Shopify Payments (Their Terms of Service can be viewed at https://www.shopify.com/legal/terms-payments-us) and Stripe Payments (Their Terms of Service can be viewed at https://www.shopify.com/legal/terms-payments-us).

  • To provide you with additional customer service. For example, if you ask us to provide you with additional information or to compare your purchased items with items available elsewhere, we may share your Personal Data with order fulfillment service providers in order to confirm your purchase and fulfill your request. In addition, if you email us a question, we may use your email address to process your request and respond to your question and we may use a third party customer service provider to help with customer service.

  • To unaffiliated third-party service providers, agents or independent contractors who help us maintain our Website and provide other administrative services to us (including, but not limited to, order processing and fulfillment, providing customer service, maintaining and analyzing data, sending customer communications on our behalf, and entry collection, winner selection and prize fulfillment for contests, sweepstakes and other promotions). We seek to ensure that these unaffiliated third parties will not use the Personal Data for any other purpose than to provide the administrative services for which they are responsible. Because such unaffiliated third-party service providers will have access to users’ Personal Data, if you do not wish for our unaffiliated third-party service providers to have access to your information, please do not register or submit any Personal Data to us. Personal Data may be shared with unaffiliated third-party services providers as follows:

  • To administer promotions. If you are entering a sweepstakes or contest, we may use your Personal Data in order to fulfill the terms of that promotion. This means that we may share the information with third parties for prize fulfillment purposes or mail carriers. We also may share your information with the co-sponsor of that promotion.

  • To complete a business transaction. If The Last Coat LLC is involved in a merger, acquisition or asset sale, your Personal Data may be transferred. We will provide notice before your Personal Data is transferred and becomes subject to a different Privacy Policy.

  • To comply with law enforcement.  Under certain circumstances, The Last Coat LLC may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

  • To comply with the law or in the good faith belief that such action is necessary in order to conform to the requirements of law. The Last Coat LLC may disclose your Personal Data in the good faith belief that such action is necessary to: (a) To comply with a legal obligation; (b) To protect and defend the rights or property of The Last Coat LLC or a customer; (c)  To prevent or investigate possible wrongdoing in connection with the Service; (d) To protect the personal safety of users of the Service or the public; and (e) To protect against legal liability

European Union, the European Economic Area, the United Kingdom and Switzerland Resident Privacy Rights

Legal Basis for Processing Personal Data Under General Data Protection Regulation (GDPR) 

If you are from the European Union, the European Economic Area, the United Kingdom or Switzerland, we provide some additional disclosures.  The Last Coat LLC legal basis for collecting and using the Personal Data described in this Privacy Policy depends on the Personal Data we collect and the specific context in which we collect it. 

We only collect or process your data based on the following legal bases:

  • Where the processing of your Personal Data is in our legitimate interests (such as to improve our products and services and the content of our websites, prevent fraud, and for administrative purposes as described in this Privacy Policy);
  • When we perform our obligations under a contract with you (for example, if you are a consumer we will use your Personal Data to carry out our obligations under the contract that we have with you);
  • When we have a legal obligation to do so (for example, to comply with the law or respond to legal process or lawful requests, including from law enforcement and government agencies); or
  • When we have your consent to use your Personal Data.

Individual Rights

Additionally, our users who are European Union, the European Economic Area, the United Kingdom or Switzerland residents also have certain rights.  These include the following:

  • Right to access
  • Right to rectification of personal data where data is incorrect or incomplete
  • Right of erasure (right to be forgotten), under certain circumstances
  • Right to complain to a supervisory authority
  • Additional rights applicable under certain circumstances
    • Portability
    • Withdraw consent at any time
    • Object to process (if based on legitimate interest)
    • Object to process for direct marketing

International Transfer Of Data

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

If you are located outside United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to United States and process it there.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer. 

You may revoke consent here: https://thelastcoat.com/tools/privacy

Data Security

The Last Coat LLC will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other Personal Data.  The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

Your Rights & Choices

The Last Coat LLC aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data. Whenever made possible, all users can update your Personal Data directly within your account settings section. If you are unable to update or access your Personal Data, please contact us to make the required changes.

If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us.  You may revoke consent of data usage and cookies here: https://thelastcoat.com/tools/privacy

 Additionally, some of our users have some additional rights under the law.

European Union, the European Economic Area, the United Kingdom and Switzerland Resident Privacy Rights. Under the GDPR, these residents have the right to:

  • To access and receive a copy of the Personal Data we hold about you
  • To rectify any Personal Data held about you that is inaccurate 
  • To request the deletion of Personal Data held about you
  • You have the right to data portability for the information you provide to The Last Coat (TLC). You can request to obtain a copy of your Personal Data in a commonly used electronic format so that you can manage and move it.

Please note that we may ask you to verify your identity before responding to such requests.

California Resident Privacy Rights. California residents have certain additional rights under the law.

California Civil Code Section 1798.83 permits Users who are California residents to request certain information regarding our disclosure of Personal Data to third parties for their direct marketing purposes. To make such a request, please contact us at the information provided below and reference “Shine the Light” in your subject line.

If you are a California resident, from January 1, 2020 you also have the following rights. To the extent that these rights apply to you, the following rights are provided:

  • You have the right to know and request information about the categories and specific pieces of Personal Data we have collected about you, as well as the categories of sources from which such information is collected, the purpose for collecting such information, and the categories of third parties with whom we share such information. You also have the right to know if we have sold or disclosed your Personal Data. You may also request a copy of the Personal Data we have collected.
  • You have the right to request information about our sale or disclosure for business purposes of your Personal Data to third parties.
  • You have the right to opt out of the sale of your Personal Data to third parties. Please note, we do not sell your Personal Data. 
  • You have the right to request the deletion of your Personal Data.
  • You have the right to not be discriminated against for exercising any of these rights.

If you would like to exercise one or more of the above rights, please contact us using the contact information provided below. If you are using email or the web form to contact us, please select “Data Subject Request” as your subject line, and explicitly state which of the rights, spelled out above, you are exercising in the comment portion of the form. You may also designate an authorized agent registered with the California Secretary of State to make a request on your behalf. The authorized agent must be registered by the California Secretary of State and must have written permission to submit requests on your behalf. Whenever feasible for verification, we will match the identifying information provided by you to the Personal Data already maintained by us. If, however, we cannot verify your identity from the information already maintained by us, we may request additional information. 

SMS/MMS MOBILE MESSAGING MARKETING PROGRAM

We respect your privacy. We will only use information you provide through the Program to transmit your mobile messages and respond to you, if necessary. This includes, but is not limited to, sharing information with platform providers, phone companies, and other vendors who assist us in the delivery of mobile messages. WE DO NOT SELL, RENT, LOAN, TRADE, LEASE, OR OTHERWISE TRANSFER FOR PROFIT ANY PHONE NUMBERS OR CUSTOMER INFORMATION COLLECTED THROUGH THE PROGRAM TO ANY THIRD PARTY. Nonetheless, We reserve the right at all times to disclose any information as necessary to satisfy any law, regulation or governmental request, to avoid liability, or to protect Our rights or property. When you complete forms online or otherwise provide Us information in connection with the Program, you agree to provide accurate, complete, and true information. You agree not to use a false or misleading name or a name that you are not authorized to use. If, in Our sole discretion, We believe that any such information is untrue, inaccurate, or incomplete, or you have opted into the Program for an ulterior purpose, We may refuse you access to the Program and pursue any appropriate legal remedies.

This Privacy Policy is strictly limited to the Program and has no effect on any other privacy policy(ies) that may govern the relationship between you and Us in other contexts. 

Links To Other Sites

Our Service may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

Children's Privacy

Our Service does not address anyone under the age of 18 ("Children"). We do not knowingly collect Personal Data from anyone under the age of 18. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

Dispute Resolution and Agreement to Arbitrate

Except where and to the extent prohibited by law, by using the Services, you and The Last Coat LLC agree that, if there is any controversy, claim, action, or dispute arising out of or related to your use of the Services or the breach, enforcement, interpretation, or validity of this Privacy Policy or any part of it (“Dispute”), both parties shall first try in good faith to settle such Dispute by providing written notice to the other party describing the facts and circumstances of the Dispute and allowing the receiving party 30 days in which to respond to or settle the Dispute. Notice shall be sent to:

  • The Last Coat, LLC 12636 High Bluff Drive Suite 400, PMB #11819, San Diego, CA 92130
  • You, at the address we have on file for you.

Both you and The Last Coat LLC agree that this dispute resolution procedure is a condition precedent that must be satisfied before initiating any litigation or filing any claim against the other party. IF ANY DISPUTE CANNOT BE RESOLVED BY THE ABOVE DISPUTE RESOLUTION PROCEDURE, YOU AGREE THAT THE SOLE AND EXCLUSIVE JURISDICTION FOR SUCH DISPUTE WILL BE DECIDED BY BINDING ARBITRATION ON AN INDIVIDUAL BASIS. ARBITRATION ON AN INDIVIDUAL BASIS MEANS THAT YOU WILL NOT HAVE, AND YOU WAIVE, THE RIGHT FOR A JUDGE OR JURY TO DECIDE YOUR CLAIMS, AND THAT YOU MAY NOT PROCEED IN A CLASS OR CONSOLIDATED CAPACITY. Other rights that you and we would otherwise have in court will not be available or will be more limited in arbitration, including discovery and appeal rights. All such disputes shall be exclusively submitted to JAMS (www.jamsadr.com) for binding arbitration under its rules then in effect, before one arbitrator to be mutually agreed upon by both parties.

The arbitrator, and not any federal, state, or local court or agency, shall have exclusive authority to resolve any dispute arising under or relating to the interpretation, applicability, enforceability, or formation of this Privacy Policy, including any claim that all or any part of this Privacy Policy is void or voidable.

Choice of Law

This Privacy Policy has been made in and shall be construed in accordance with the laws of California, without giving effect to any conflict of law principles. Any disputes or claims not subject to the arbitration provision discussed above shall be resolved by a court located in California and you agree and submit to the exercise of personal jurisdiction of such courts for the purpose of litigating any such claim or action.

Changes To This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Last Updated” date at the top of the page.  We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at contact@thelastcoat.com, by phone at 1-833-TLC-COAT (9 am - 5 pm PST, Monday to Friday) or through our webform at https://thelastcoat.com/pages/contact-us.

The Last Coat, LLC
Attn: Privacy Office
12636 High Bluff Drive Suite 400
PMB #11819
San Diego, CA 92130