John Stapel Autograph Collection

Pri­va­cy Pol­i­cy

John Stapel

We respect your pri­va­cy and are com­mit­ted to pro­tect­ing it through our com­pli­ance with this pri­va­cy pol­i­cy (“Pol­i­cy”). This Pol­i­cy describes the types of infor­ma­tion we may col­lect from you or that you may pro­vide (“Per­son­al Infor­ma­tion”) on the johnstapel.com/home/ web­site (“Web­site” or “Ser­vice”) and any of its relat­ed prod­ucts and ser­vices (col­lec­tive­ly, “Ser­vices”), and our prac­tices for col­lect­ing, using, main­tain­ing, pro­tect­ing, and dis­clos­ing that Per­son­al Infor­ma­tion. It also describes the choic­es avail­able to you regard­ing our use of your Per­son­al Infor­ma­tion and how you can access and update it.

This Pol­i­cy is a legal­ly bind­ing agree­ment between you (“User”, “you” or “your”) and John Stapel Auto­graph Col­lec­tion (“John Stapel Auto­graph Col­lec­tion”, “we”, “us” or “our”). If you are enter­ing into this agree­ment on behalf of a busi­ness or oth­er legal enti­ty, you rep­re­sent that you have the author­i­ty to bind such enti­ty to this agree­ment, in which case the terms “User”, “you” or “your” shall refer to such enti­ty. If you do not have such author­i­ty, or if you do not agree with the terms of this agree­ment, you must not accept this agree­ment and may not access and use the Web­site and Ser­vices. By access­ing and using the Web­site and Ser­vices, you acknowl­edge that you have read, under­stood, and agree to be bound by the terms of this Pol­i­cy. This Pol­i­cy does not apply to the prac­tices of com­pa­nies that we do not own or con­trol, or to indi­vid­u­als that we do not employ or man­age.

Collection of personal information

You can access and use the Web­site and Ser­vices with­out telling us who you are or reveal­ing any infor­ma­tion by which some­one could iden­ti­fy you as a spe­cif­ic, iden­ti­fi­able indi­vid­ual. If, how­ev­er, you wish to use some of the fea­tures offered on the Web­site, you may be asked to pro­vide cer­tain Per­son­al Infor­ma­tion (for exam­ple, your name and e‑mail address).

We receive and store any infor­ma­tion you know­ing­ly pro­vide to us when you make a pur­chase, or fill any forms on the Web­site. When required, this infor­ma­tion may include the fol­low­ing:

  • Con­tact infor­ma­tion (such as email address, phone num­ber, etc)
  • Pay­ment infor­ma­tion (such as cred­it card details, bank details, etc)

You can choose not to pro­vide us with your Per­son­al Infor­ma­tion, but then you may not be able to take advan­tage of some of the fea­tures on the Web­site. Users who are uncer­tain about what infor­ma­tion is manda­to­ry are wel­come to con­tact us.

Privacy of children

We do not know­ing­ly col­lect any Per­son­al Infor­ma­tion from chil­dren under the age of 18. If you are under the age of 18, please do not sub­mit any Per­son­al Infor­ma­tion through the Web­site and Ser­vices. If you have rea­son to believe that a child under the age of 18 has pro­vid­ed Per­son­al Infor­ma­tion to us through the Web­site and Ser­vices, please con­tact us to request that we delete that child’s Per­son­al Infor­ma­tion from our Ser­vices.

We encour­age par­ents and legal guardians to mon­i­tor their children’s Inter­net usage and to help enforce this Pol­i­cy by instruct­ing their chil­dren nev­er to pro­vide Per­son­al Infor­ma­tion through the Web­site and Ser­vices with­out their per­mis­sion. We also ask that all par­ents and legal guardians over­see­ing the care of chil­dren take the nec­es­sary pre­cau­tions to ensure that their chil­dren are instruct­ed to nev­er give out Per­son­al Infor­ma­tion when online with­out their per­mis­sion.

Use and processing of collected information

We act as a data con­troller and a data proces­sor in terms of the GDPR when han­dling Per­son­al Infor­ma­tion, unless we have entered into a data pro­cess­ing agree­ment with you in which case you would be the data con­troller and we would be the data proces­sor.

Our role may also dif­fer depend­ing on the spe­cif­ic sit­u­a­tion involv­ing Per­son­al Infor­ma­tion. We act in the capac­i­ty of a data con­troller when we ask you to sub­mit your Per­son­al Infor­ma­tion that is nec­es­sary to ensure your access and use of the Web­site and Ser­vices. In such instances, we are a data con­troller because we deter­mine the pur­pos­es and means of the pro­cess­ing of Per­son­al Infor­ma­tion and we com­ply with data con­trollers’ oblig­a­tions set forth in the GDPR.

We act in the capac­i­ty of a data proces­sor in sit­u­a­tions when you sub­mit Per­son­al Infor­ma­tion through the Web­site and Ser­vices. We do not own, con­trol, or make deci­sions about the sub­mit­ted Per­son­al Infor­ma­tion, and such Per­son­al Infor­ma­tion is processed only in accor­dance with your instruc­tions. In such instances, the User pro­vid­ing Per­son­al Infor­ma­tion acts as a data con­troller in terms of the GDPR.

In order to make the Web­site and Ser­vices avail­able to you, or to meet a legal oblig­a­tion, we may need to col­lect and use cer­tain Per­son­al Infor­ma­tion. If you do not pro­vide the infor­ma­tion that we request, we may not be able to pro­vide you with the request­ed prod­ucts or ser­vices. Any of the infor­ma­tion we col­lect from you may be used for the fol­low­ing pur­pos­es:

  • Ful­fill and man­age orders
  • Run and oper­ate the Web­site and Ser­vices

Pro­cess­ing your Per­son­al Infor­ma­tion depends on how you inter­act with the Web­site and Ser­vices, where you are locat­ed in the world and if one of the fol­low­ing applies: (i) you have giv­en your con­sent for one or more spe­cif­ic pur­pos­es; this, how­ev­er, does not apply, when­ev­er the pro­cess­ing of Per­son­al Infor­ma­tion is sub­ject to Cal­i­for­nia Con­sumer Pri­va­cy Act or Euro­pean data pro­tec­tion law; (ii) pro­vi­sion of infor­ma­tion is nec­es­sary for the per­for­mance of an agree­ment with you and/or for any pre-con­trac­tu­al oblig­a­tions there­of; (iii) pro­cess­ing is nec­es­sary for com­pli­ance with a legal oblig­a­tion to which you are sub­ject; (iv) pro­cess­ing is relat­ed to a task that is car­ried out in the pub­lic inter­est or in the exer­cise of offi­cial author­i­ty vest­ed in us; (v) pro­cess­ing is nec­es­sary for the pur­pos­es of the legit­i­mate inter­ests pur­sued by us or by a third par­ty.

We rely on per­son­al infor­ma­tion is already pub­licly avail­able as a legal base as defined in the GDPR upon which we col­lect and process your Per­son­al Infor­ma­tion.

Note that under some leg­is­la­tions we may be allowed to process infor­ma­tion until you object to such pro­cess­ing by opt­ing out, with­out hav­ing to rely on con­sent or any oth­er of the legal bases above. In any case, we will be hap­py to clar­i­fy the spe­cif­ic legal basis that applies to the pro­cess­ing, and in par­tic­u­lar whether the pro­vi­sion of Per­son­al Infor­ma­tion is a statu­to­ry or con­trac­tu­al require­ment, or a require­ment nec­es­sary to enter into a con­tract.

Payment processing

In case of Ser­vices requir­ing pay­ment, you may need to pro­vide your cred­it card details or oth­er pay­ment account infor­ma­tion, which will be used sole­ly for pro­cess­ing pay­ments. We use third-par­ty pay­ment proces­sors (“Pay­ment Proces­sors”) to assist us in pro­cess­ing your pay­ment infor­ma­tion secure­ly.

Pay­ment Proces­sors adhere to the lat­est secu­ri­ty stan­dards as man­aged by the PCI Secu­ri­ty Stan­dards Coun­cil, which is a joint effort of brands like Visa, Mas­ter­Card, Amer­i­can Express and Dis­cov­er. Sen­si­tive and pri­vate data exchange hap­pens over a SSL secured com­mu­ni­ca­tion chan­nel and is encrypt­ed and pro­tect­ed with dig­i­tal sig­na­tures, and the Web­site and Ser­vices are also in com­pli­ance with strict vul­ner­a­bil­i­ty stan­dards in order to cre­ate as secure of an envi­ron­ment as pos­si­ble for Users. We will share pay­ment data with the Pay­ment Proces­sors only to the extent nec­es­sary for the pur­pos­es of pro­cess­ing your pay­ments, refund­ing such pay­ments, and deal­ing with com­plaints and queries relat­ed to such pay­ments and refunds.

Please note that the Pay­ment Proces­sors may col­lect some Per­son­al Infor­ma­tion from you, which allows them to process your pay­ments (e.g., your email address, address, cred­it card details, and bank account num­ber) and han­dle all the steps in the pay­ment process through their sys­tems, includ­ing data col­lec­tion and data pro­cess­ing. The Pay­ment Proces­sors’ use of your Per­son­al Infor­ma­tion is gov­erned by their respec­tive pri­va­cy poli­cies which may or may not con­tain pri­va­cy pro­tec­tions as pro­tec­tive as this Pol­i­cy. We sug­gest that you review their respec­tive pri­va­cy poli­cies.

Disclosure of information

Depend­ing on the request­ed Ser­vices or as nec­es­sary to com­plete any trans­ac­tion or pro­vide any Ser­vice you have request­ed, we may share your infor­ma­tion with our affil­i­ates, con­tract­ed com­pa­nies, and ser­vice providers (col­lec­tive­ly, “Ser­vice Providers”) we rely upon to assist in the oper­a­tion of the Web­site and Ser­vices avail­able to you and whose pri­va­cy poli­cies are con­sis­tent with ours or who agree to abide by our poli­cies with respect to Per­son­al Infor­ma­tion. We will not share any per­son­al­ly iden­ti­fi­able infor­ma­tion with third par­ties and will not share any infor­ma­tion with unaf­fil­i­at­ed third par­ties.

Ser­vice Providers are not autho­rized to use or dis­close your infor­ma­tion except as nec­es­sary to per­form ser­vices on our behalf or com­ply with legal require­ments. Ser­vice Providers are giv­en the infor­ma­tion they need only in order to per­form their des­ig­nat­ed func­tions, and we do not autho­rize them to use or dis­close any of the pro­vid­ed infor­ma­tion for their own mar­ket­ing or oth­er pur­pos­es.

Retention of information

We will retain and use your Per­son­al Infor­ma­tion for the peri­od nec­es­sary until the pur­chase order or Ser­vices are ful­filled, to enforce our agree­ments, resolve dis­putes, and unless a longer reten­tion peri­od is required or per­mit­ted by law.

We may use any aggre­gat­ed data derived from or incor­po­rat­ing your Per­son­al Infor­ma­tion after you update or delete it, but not in a man­ner that would iden­ti­fy you per­son­al­ly. Once the reten­tion peri­od expires, Per­son­al Infor­ma­tion shall be delet­ed. There­fore, the right to access, the right to era­sure, the right to rec­ti­fi­ca­tion, and the right to data porta­bil­i­ty can­not be enforced after the expi­ra­tion of the reten­tion peri­od.

Transfer of information

Depend­ing on your loca­tion, data trans­fers may involve trans­fer­ring and stor­ing your infor­ma­tion in a coun­try oth­er than your own. How­ev­er, this will not include coun­tries out­side the Euro­pean Union and Euro­pean Eco­nom­ic Area. If any such trans­fer takes place, you can find out more by check­ing the rel­e­vant sec­tions of this Pol­i­cy or inquire with us using the infor­ma­tion pro­vid­ed in the con­tact sec­tion.

Data protection rights under the GDPR

If you are a res­i­dent of the Euro­pean Eco­nom­ic Area (“EEA”), you have cer­tain data pro­tec­tion rights and we aim to take rea­son­able steps to allow you to cor­rect, amend, delete, or lim­it the use of your Per­son­al Infor­ma­tion. If you wish to be informed what Per­son­al Infor­ma­tion we hold about you and if you want it to be removed from our sys­tems, please con­tact us. In cer­tain cir­cum­stances, you have the fol­low­ing data pro­tec­tion rights:

(i) You have the right to with­draw con­sent where you have pre­vi­ous­ly giv­en your con­sent to the pro­cess­ing of your Per­son­al Infor­ma­tion. To the extent that the legal basis for our pro­cess­ing of your Per­son­al Infor­ma­tion is con­sent, you have the right to with­draw that con­sent at any time. With­draw­al will not affect the law­ful­ness of pro­cess­ing before the with­draw­al.

(ii) You have the right to learn if your Per­son­al Infor­ma­tion is being processed by us, obtain dis­clo­sure regard­ing cer­tain aspects of the pro­cess­ing, and obtain a copy of your Per­son­al Infor­ma­tion under­go­ing pro­cess­ing.

(iii) You have the right to ver­i­fy the accu­ra­cy of your infor­ma­tion and ask for it to be updat­ed or cor­rect­ed. You also have the right to request us to com­plete the Per­son­al Infor­ma­tion you believe is incom­plete.

(iv) You have the right to object to the pro­cess­ing of your infor­ma­tion if the pro­cess­ing is car­ried out on a legal basis oth­er than con­sent. Where Per­son­al Infor­ma­tion is processed for the pub­lic inter­est, in the exer­cise of an offi­cial author­i­ty vest­ed in us, or for the pur­pos­es of the legit­i­mate inter­ests pur­sued by us, you may object to such pro­cess­ing by pro­vid­ing a ground relat­ed to your par­tic­u­lar sit­u­a­tion to jus­ti­fy the objec­tion.

(v) You have the right, under cer­tain cir­cum­stances, to restrict the pro­cess­ing of your Per­son­al Infor­ma­tion. These cir­cum­stances include: the accu­ra­cy of your Per­son­al Infor­ma­tion is con­test­ed by you and we must ver­i­fy its accu­ra­cy; the pro­cess­ing is unlaw­ful, but you oppose the era­sure of your Per­son­al Infor­ma­tion and request the restric­tion of its use instead; we no longer need your Per­son­al Infor­ma­tion for the pur­pos­es of pro­cess­ing, but you require it to estab­lish, exer­cise or defend your legal claims; you have object­ed to pro­cess­ing pend­ing the ver­i­fi­ca­tion of whether our legit­i­mate grounds over­ride your legit­i­mate grounds. Where pro­cess­ing has been restrict­ed, such Per­son­al Infor­ma­tion will be marked accord­ing­ly and, with the excep­tion of stor­age, will be processed only with your con­sent or for the estab­lish­ment, to exer­cise or defense of legal claims, for the pro­tec­tion of the rights of anoth­er nat­ur­al, or legal per­son or for rea­sons of impor­tant pub­lic inter­est.

(vi) You have the right, under cer­tain cir­cum­stances, to obtain the era­sure of your Per­son­al Infor­ma­tion from us. These cir­cum­stances include: the Per­son­al Infor­ma­tion is no longer nec­es­sary in rela­tion to the pur­pos­es for which it was col­lect­ed or oth­er­wise processed; you with­draw con­sent to con­sent-based pro­cess­ing; you object to the pro­cess­ing under cer­tain rules of applic­a­ble data pro­tec­tion law; the pro­cess­ing is for direct mar­ket­ing pur­pos­es; and the per­son­al data have been unlaw­ful­ly processed. How­ev­er, there are exclu­sions of the right to era­sure such as where pro­cess­ing is nec­es­sary: for exer­cis­ing the right of free­dom of expres­sion and infor­ma­tion; for com­pli­ance with a legal oblig­a­tion; or for the estab­lish­ment, to exer­cise or defense of legal claims.

(vii) You have the right to receive your Per­son­al Infor­ma­tion that you have pro­vid­ed to us in a struc­tured, com­mon­ly used, and machine-read­able for­mat and, if tech­ni­cal­ly fea­si­ble, to have it trans­mit­ted to anoth­er con­troller with­out any hin­drance from us, pro­vid­ed that such trans­mis­sion does not adverse­ly affect the rights and free­doms of oth­ers.

(viii) You have the right to com­plain to a data pro­tec­tion author­i­ty about our col­lec­tion and use of your Per­son­al Infor­ma­tion. If you are not sat­is­fied with the out­come of your com­plaint direct­ly with us, you have the right to lodge a com­plaint with your local data pro­tec­tion author­i­ty. For more infor­ma­tion, please con­tact your local data pro­tec­tion author­i­ty in the EEA. This pro­vi­sion is applic­a­ble pro­vid­ed that your Per­son­al Infor­ma­tion is processed by auto­mat­ed means and that the pro­cess­ing is based on your con­sent, on a con­tract which you are part of, or on pre-con­trac­tu­al oblig­a­tions there­of.

California privacy rights

Con­sumers resid­ing in Cal­i­for­nia are afford­ed cer­tain addi­tion­al rights with respect to their Per­son­al Infor­ma­tion under the Cal­i­for­nia Con­sumer Pri­va­cy Act (“CCPA”). If you are a Cal­i­for­nia res­i­dent, this sec­tion applies to you.

In addi­tion to the rights as explained in this Pol­i­cy, Cal­i­for­nia res­i­dents who pro­vide Per­son­al Infor­ma­tion as defined in the statute to obtain Ser­vices for per­son­al, fam­i­ly, or house­hold use are enti­tled to request and obtain from us, once a cal­en­dar year, infor­ma­tion about the cat­e­gories and spe­cif­ic pieces of Per­son­al Infor­ma­tion we have col­lect­ed and dis­closed.

Fur­ther­more, Cal­i­for­nia res­i­dents have the right to request dele­tion of their Per­son­al Infor­ma­tion or opt-out of the sale of their Per­son­al Infor­ma­tion which may include sell­ing, dis­clos­ing, or trans­fer­ring Per­son­al Infor­ma­tion to anoth­er busi­ness or a third par­ty for mon­e­tary or oth­er valu­able con­sid­er­a­tion. To do so, sim­ply con­tact us. We will not dis­crim­i­nate against you if you exer­cise your rights under the CCPA.

How to exercise your rights

Any requests to exer­cise your rights can be direct­ed to us through the con­tact details pro­vid­ed in this doc­u­ment. Please note that we may ask you to ver­i­fy your iden­ti­ty before respond­ing to such requests. Your request must pro­vide suf­fi­cient infor­ma­tion that allows us to ver­i­fy that you are the per­son you are claim­ing to be or that you are the autho­rized rep­re­sen­ta­tive of such per­son. If we receive your request from an autho­rized rep­re­sen­ta­tive, we may request evi­dence that you have pro­vid­ed such an autho­rized rep­re­sen­ta­tive with pow­er of attor­ney or that the autho­rized rep­re­sen­ta­tive oth­er­wise has valid writ­ten author­i­ty to sub­mit requests on your behalf.

You must include suf­fi­cient details to allow us to prop­er­ly under­stand the request and respond to it. We can­not respond to your request or pro­vide you with Per­son­al Infor­ma­tion unless we first ver­i­fy your iden­ti­ty or author­i­ty to make such a request and con­firm that the Per­son­al Infor­ma­tion relates to you.

Cookies

Our Web­site and Ser­vices use “cook­ies” to help per­son­al­ize your online expe­ri­ence. A cook­ie is a text file that is placed on your hard disk by a web page serv­er. Cook­ies can­not be used to run pro­grams or deliv­er virus­es to your com­put­er. Cook­ies are unique­ly assigned to you, and can only be read by a web serv­er in the domain that issued the cook­ie to you. If you choose to decline cook­ies, you may not be able to ful­ly expe­ri­ence the fea­tures of the Web­site and Ser­vices.

We may use cook­ies to col­lect, store, and track infor­ma­tion for secu­ri­ty and per­son­al­iza­tion, to oper­ate the Web­site and Ser­vices, and for sta­tis­ti­cal pur­pos­es. Please note that you have the abil­i­ty to accept or decline cook­ies. Most web browsers auto­mat­i­cal­ly accept cook­ies by default, but you can mod­i­fy your brows­er set­tings to decline cook­ies if you pre­fer.

Cloud­flare 
Our web­site uses the ser­vices of Cloud­flare Inc. (USA) for secure encrypt­ed data trans­mis­sion on the Inter­net (SSL), to improve world­wide web­site per­for­mance through the Cloudlflare Con­tent Deliv­ery Net­work (CDN) and to improve secu­ri­ty and pro­tec­tion against hack­er attacks through the Cloud­flare Web Appli­ca­tion Fire­wall (WAF). It is pos­si­ble that Cloud­flare uses its own cook­ies to pro­vide these ser­vices. With Cloud­flare a cor­re­spond­ing GDPR-com­pli­ant con­tract for com­mis­sioned data pro­cess­ing exists. More detailed infor­ma­tion about GDPR and Cloud­flare can be found on the GDPR pages of Cloud­flare: www.cloudflare.com/de-de/gdpr/introduction/ 

b.a) What is Cloud­flare? 

A Con­tent Deliv­ery Net­work (CDN), as pro­vid­ed by Cloud­flare, is noth­ing more than a net­work of servers con­nect­ed via the Inter­net. Cloud­flare has dis­trib­uted such servers all over the world to bring web­sites faster to your screen. Sim­ply put, Cloud­flare makes copies of our web­site and places them on their own servers. When you vis­it our web­site now, a load bal­anc­ing sys­tem ensures that the major­i­ty of our web­site is deliv­ered from the serv­er that can dis­play our web­site the fastest. The dis­tance of the data trans­fer to your brows­er is con­sid­er­ably short­ened by a CDN. Thus the con­tent of our web­site is deliv­ered to you by Cloud­flare not only from our host­ing serv­er, but from servers all over the world. The use of Cloud­flare is espe­cial­ly help­ful for users from abroad, because here the page can be deliv­ered from a serv­er near­by. Besides the fast deliv­ery of web­sites Cloud­flare also offers var­i­ous secu­ri­ty ser­vices like DDoS pro­tec­tion or the Web Appli­ca­tion Fire­wall. 

b.b) Why we use Cloud­flare on our web­site? 

Of course we want to offer you the best pos­si­ble ser­vice with our web­site. Cloud­flare helps us to make our web­site faster and more secure. Cloud­flare offers us web opti­miza­tions as well as secu­ri­ty ser­vices such as DDoS pro­tec­tion and web fire­wall. This includes a reverse proxy and the con­tent dis­tri­b­u­tion net­work (CDN). Cloud­flare blocks threats and lim­its abu­sive bots and crawlers that waste our band­width and serv­er resources. By stor­ing our web­site in local data cen­ters and block­ing spam soft­ware, Cloud­flare allows us to reduce our band­width usage by about 60%. Deliv­er­ing con­tent from a data cen­ter near you and some web opti­miza­tions per­formed there reduces the aver­age load­ing time of a web­site by about half. Accord­ing to Cloud­flare, the set­ting “I’m Under Attack Mode” can be used to mit­i­gate fur­ther attacks by dis­play­ing a JavaScript cal­cu­la­tion task that must be solved before a user can access a web page. Over­all, this makes our web­site much more pow­er­ful and less sus­cep­ti­ble to spam or oth­er attacks. 

b.c) Which data is stored by Cloud­flare? 

Cloud­flare gen­er­al­ly only for­wards those data that are con­trolled by web­site oper­a­tors. The con­tents are there­fore not deter­mined by Cloud­flare, but always by the web­site oper­a­tor him­self. In addi­tion, Cloud­flare may col­lect cer­tain infor­ma­tion about the use of our web­site and process data that is sent by us or for which Cloud­flare has received appro­pri­ate instruc­tions. In most cas­es, cloud­flare receives data such as con­tact infor­ma­tion, IP address­es, secu­ri­ty fin­ger­prints, DNS pro­to­col data and per­for­mance data for web pages derived from brows­er activ­i­ty. For exam­ple, log data helps cloud­flare to detect new threats. So Cloud­flare can guar­an­tee a high secu­ri­ty pro­tec­tion for our web­site. Cloud­flare process­es these data with­in the frame­work of the ser­vices in com­pli­ance with the applic­a­ble laws. This nat­u­ral­ly includes the Gen­er­al Data Pro­tec­tion Reg­u­la­tion (GDPR). 

For secu­ri­ty rea­sons Cloud­flare also uses a cook­ie. The cook­ie (__cfduid) is used to iden­ti­fy indi­vid­ual users behind a shared IP address and to apply secu­ri­ty set­tings for each indi­vid­ual user. This cook­ie is very use­ful, for exam­ple, if you use our web­site from a loca­tion where there are a num­ber of infect­ed com­put­ers. How­ev­er, if your com­put­er is trust­wor­thy, we can rec­og­nize this by the cook­ie. So you can surf through our web­site unhin­dered, despite infect­ed PCs in the area. It is also impor­tant to know that this cook­ie does not store any per­son­al data. This cook­ie is essen­tial for the cloud­flare secu­ri­ty fea­tures and can­not be dis­abled. 

Cloud­flare also works togeth­er with third par­ty providers. They may only process per­son­al data under instruc­tions from Cloud­flare and in accor­dance with the pri­va­cy pol­i­cy and oth­er con­fi­den­tial­i­ty and secu­ri­ty mea­sures. Cloud­flare will not pass on any per­son­al data with­out our explic­it con­sent.  

Cook­ies from Cloud­flare: 

  • “__cfduid” Expiry time: 1 month – Use: Used to iden­ti­fy indi­vid­ual users behind a shared IP address 

b.d) How long and where is the data stored?  

Cloud­flare stores your infor­ma­tion main­ly in the USA and the Euro­pean Eco­nom­ic Area. Cloud­flare can trans­mit and access the above described infor­ma­tion from all over the world. In gen­er­al, Cloud­flare stores user-lev­el data for domains in the Free, Pro and Busi­ness ver­sions for less than 24 hours. 

b.e) How can I delete my data or pre­vent data stor­age? 

Cloud­flare keeps data logs only as long as nec­es­sary and in most cas­es these data are delet­ed with­in 24 hours. Cloud­flare also does not store any per­son­al data, such as your IP address. How­ev­er, there is infor­ma­tion that Cloud­flare stores indef­i­nite­ly as part of its per­ma­nent logs to improve the over­all per­for­mance of Cloud­flare Resolver and to iden­ti­fy any secu­ri­ty risks. You can find out exact­ly which per­ma­nent logs are saved at developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/privacy-policy/. All data that Cloud­flare col­lects (tem­po­rary or per­ma­nent) will be cleaned from all per­son­al data. All per­ma­nent logs are also anonymized by Cloud­flare. 

Cloud­flare will men­tion in your pri­va­cy pol­i­cy that they are not respon­si­ble for the con­tent they receive. For exam­ple, if you ask Cloud­flare whether they can update or delete your con­tent, Cloud­flare always refers to us as the web­site oper­a­tor. You can also com­plete­ly pre­vent the entire col­lec­tion and pro­cess­ing of your data by Cloud­flare by deac­ti­vat­ing the exe­cu­tion of script code in your brows­er or by includ­ing a script block­er in your brows­er. 

Cloud­flare is an active par­tic­i­pant in the EU‑U.S. Pri­va­cy Shield Frame­work which reg­u­lates the cor­rect and secure trans­fer of per­son­al data. You can find more infor­ma­tion on www.privacyshield.gov/participant. 

 

Do Not Track signals

Some browsers incor­po­rate a Do Not Track fea­ture that sig­nals to web­sites you vis­it that you do not want to have your online activ­i­ty tracked. Track­ing is not the same as using or col­lect­ing infor­ma­tion in con­nec­tion with a web­site. For these pur­pos­es, track­ing refers to col­lect­ing per­son­al­ly iden­ti­fi­able infor­ma­tion from con­sumers who use or vis­it a web­site or online ser­vice as they move across dif­fer­ent web­sites over time. How browsers com­mu­ni­cate the Do Not Track sig­nal is not yet uni­form. As a result, the Web­site and Ser­vices are not yet set up to inter­pret or respond to Do Not Track sig­nals com­mu­ni­cat­ed by your brows­er. Even so, as described in more detail through­out this Pol­i­cy, we lim­it our use and col­lec­tion of your Per­son­al Infor­ma­tion. For a descrip­tion of Do Not Track pro­to­cols for browsers and mobile devices or to learn more about the choic­es avail­able to you, vis­it internetcookies.com

Social media features

Our Web­site and Ser­vices may include social media fea­tures, such as the Face­book and Twit­ter but­tons, Share This but­tons, etc (col­lec­tive­ly, “Social Media Fea­tures”). These Social Media Fea­tures may col­lect your IP address, what page you are vis­it­ing on our Web­site and Ser­vices, and may set a cook­ie to enable Social Media Fea­tures to func­tion prop­er­ly. Social Media Fea­tures are host­ed either by their respec­tive providers or direct­ly on our Web­site and Ser­vices. Your inter­ac­tions with these Social Media Fea­tures are gov­erned by the pri­va­cy pol­i­cy of their respec­tive providers.

Links to other resources

The Web­site and Ser­vices con­tain links to oth­er resources that are not owned or con­trolled by us. Please be aware that we are not respon­si­ble for the pri­va­cy prac­tices of such oth­er resources or third par­ties. We encour­age you to be aware when you leave the Web­site and Ser­vices and to read the pri­va­cy state­ments of each and every resource that may col­lect Per­son­al Infor­ma­tion.

Information security

We secure infor­ma­tion you pro­vide on com­put­er servers in a con­trolled, secure envi­ron­ment, pro­tect­ed from unau­tho­rized access, use, or dis­clo­sure. We main­tain rea­son­able admin­is­tra­tive, tech­ni­cal, and phys­i­cal safe­guards in an effort to pro­tect against unau­tho­rized access, use, mod­i­fi­ca­tion, and dis­clo­sure of Per­son­al Infor­ma­tion in our con­trol and cus­tody. How­ev­er, no data trans­mis­sion over the Inter­net or wire­less net­work can be guar­an­teed.

There­fore, while we strive to pro­tect your Per­son­al Infor­ma­tion, you acknowl­edge that (i) there are secu­ri­ty and pri­va­cy lim­i­ta­tions of the Inter­net which are beyond our con­trol; (ii) the secu­ri­ty, integri­ty, and pri­va­cy of any and all infor­ma­tion and data exchanged between you and the Web­site and Ser­vices can­not be guar­an­teed; and (iii) any such infor­ma­tion and data may be viewed or tam­pered with in tran­sit by a third par­ty, despite best efforts.

As the secu­ri­ty of Per­son­al Infor­ma­tion depends in part on the secu­ri­ty of the device you use to com­mu­ni­cate with us and the secu­ri­ty you use to pro­tect your cre­den­tials, please take appro­pri­ate mea­sures to pro­tect this infor­ma­tion.

Data breach

In the event we become aware that the secu­ri­ty of the Web­site and Ser­vices has been com­pro­mised or Users’ Per­son­al Infor­ma­tion has been dis­closed to unre­lat­ed third par­ties as a result of exter­nal activ­i­ty, includ­ing, but not lim­it­ed to, secu­ri­ty attacks or fraud, we reserve the right to take rea­son­ably appro­pri­ate mea­sures, includ­ing, but not lim­it­ed to, inves­ti­ga­tion and report­ing, as well as noti­fi­ca­tion to and coop­er­a­tion with law enforce­ment author­i­ties. In the event of a data breach, we will make rea­son­able efforts to noti­fy affect­ed indi­vid­u­als if we believe that there is a rea­son­able risk of harm to the User as a result of the breach or if notice is oth­er­wise required by law. When we do, we will post a notice on the Web­site.

Changes and amendments

We reserve the right to mod­i­fy this Pol­i­cy or its terms relat­ed to the Web­site and Ser­vices at any time at our dis­cre­tion. When we do, we will post a noti­fi­ca­tion on the main page of the Web­site. We may also pro­vide notice to you in oth­er ways at our dis­cre­tion, such as through the con­tact infor­ma­tion you have pro­vid­ed.

An updat­ed ver­sion of this Pol­i­cy will be effec­tive imme­di­ate­ly upon the post­ing of the revised Pol­i­cy unless oth­er­wise spec­i­fied. Your con­tin­ued use of the Web­site and Ser­vices after the effec­tive date of the revised Pol­i­cy (or such oth­er act spec­i­fied at that time) will con­sti­tute your con­sent to those changes. How­ev­er, we will not, with­out your con­sent, use your Per­son­al Infor­ma­tion in a man­ner mate­ri­al­ly dif­fer­ent than what was stat­ed at the time your Per­son­al Infor­ma­tion was col­lect­ed.

Acceptance of this policy

You acknowl­edge that you have read this Pol­i­cy and agree to all its terms and con­di­tions. By access­ing and using the Web­site and Ser­vices and sub­mit­ting your infor­ma­tion you agree to be bound by this Pol­i­cy. If you do not agree to abide by the terms of this Pol­i­cy, you are not autho­rized to access or use the Web­site and Ser­vices.

Contacting us

If you have any ques­tions regard­ing the infor­ma­tion we may hold about you or if you wish to exer­cise your rights, you may use the fol­low­ing data sub­ject request form to sub­mit your request:

Sub­mit a data access request

If you have any oth­er ques­tions, con­cerns, or com­plaints regard­ing this Pol­i­cy, we encour­age you to con­tact us using the details below:

https://johnstapel.com/contact/

We will attempt to resolve com­plaints and dis­putes and make every rea­son­able effort to hon­or your wish to exer­cise your rights as quick­ly as pos­si­ble and in any event, with­in the timescales pro­vid­ed by applic­a­ble data pro­tec­tion laws.

This doc­u­ment was last updat­ed on May 19, 2023

  • Any questions? Feel free to contact us!
Contact us now
  • © 2024 John Stapel Autograph Collection
  • Cookie-Settings
Change privacy settings
Privacy settings history
Revoke consents
WordPress Cookie Plugin by Real Cookie Banner