The Swan Brothers

1. Information We Collect

We collect information you provide directly when you: create an account, place an order, contact customer support, or subscribe to our newsletter. This information may include:

Name, email address, phone number (office and cell), and mailing address
Professional information including school name, school district, and role at school
Gift preferences including size and gender/fit for complimentary items
Payment details (processed securely via third-party providers)
Order history and preferences
Communication records and customer service interactions

2. How We Use Your Information

We use the information collected to:

Process and fulfill your orders
Complete user onboarding and account setup
Provide personalized services based on your role and organization
Fulfill complimentary gift requests and preferences
Provide customer support and respond to inquiries
Send updates related to your orders and account
Improve our products, services, and website experience
Comply with legal and regulatory obligations

3. Information Sharing

We do not sell, trade, or rent your personal information to third parties. We may share your data only in the following limited circumstances:

With trusted service providers who assist in business operations (e.g., payment processors, shipping partners)
When required by law or to protect our legal rights
In connection with a merger, acquisition, or sale of assets

4. Data Security

We employ appropriate technical and organizational measures to safeguard your personal data from unauthorized access, alteration, disclosure, or destruction. However, no online transmission or storage method can be guaranteed to be completely secure.

5. Data Breach Notification

In the event of a data breach that compromises your personal information, we will notify affected users and relevant regulatory authorities within 72 hours of discovering the breach, in accordance with applicable state and federal laws. Notification will include a description of the breach, the types of information involved, and steps you can take to protect yourself.

6. Third-Party Services and Integrations

Authentication Services (Auth0)

We use Auth0 by Okta as our authentication service provider to securely manage user accounts and login processes. When you create an account or log in, Auth0 may collect and process:

Email address and basic profile information
Authentication credentials and session data
Login history and security events
Device and browser information for security purposes

Auth0's handling of your data is governed by their privacy policy and security standards. We automatically create user profiles and organizations in our system based on information provided by Auth0.

Design Processing and File Storage

When you submit design URLs for order processing, we:

Capture screenshots of your design URLs using automated browser tools
Store design images securely on Amazon Web Services (AWS S3) with public-read access for order processing
Retain design files and screenshots for the duration of your order plus 7 years for business records
May temporarily store design files locally during processing before uploading to secure cloud storage

Google Services

If you connect your Google account or use Google services through our platform, we handle your Google user data strictly in accordance with Google's Limited Use Policy, including:

Requesting only the minimum access necessary for functionality
Not using Google data for advertising purposes
Restricting human access to your data without your explicit consent or security necessity
Not transferring Google data to third parties except to provide/improve services, comply with law, or as part of business transactions, with your consent

Data Handling

Google user data accessed via our services is used solely to deliver requested features. We retain this data only as long as needed and protect it with appropriate security safeguards.

7. Automated Processing

We use automated tools to capture screenshots of design URLs you submit and to process orders through our fulfillment workflow. These automated processes are used solely for operational efficiency and do not involve automated decision-making that produces legal effects or similarly significant effects on you. All substantive decisions regarding your account, orders, or services are made by our team members.

8. Data Retention and Order Management

Order Data Retention

We retain order and customer data for the following periods:

Active Account Data: Retained while your account is active and for 3 years after last activity
Order Records: Retained for 7 years for tax, accounting, and warranty purposes
Design Files and Screenshots: Retained for 7 years or until deletion request, whichever comes first
Payment Information: Not stored directly; handled by secure payment processors with their own retention policies
Communication Records: Retained for 3 years for customer service and quality purposes

Multi-Tenant Data Organization

Your data is organized within your organization's account. Each organization's data is logically separated and secured from other organizations. Organization administrators can manage user access and data within their organization, but cannot access data from other organizations.

9. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your browsing experience, analyze site usage, and personalize content. Our cookies fall into the following categories:

Strictly Necessary Cookies

These cookies are required for the website to function and cannot be disabled. They include:

Authentication: Session cookies from Auth0 to maintain your login state
Security: CSRF protection and security tokens
Functionality: Cookies that remember your preferences and settings

Analytics and Performance Cookies

These cookies help us understand how visitors use our website so we can improve it. They include:

Usage Analytics: Information about how you use our website and services
Performance Monitoring: Data to help us improve site speed and functionality
Error Tracking: Information to help us identify and fix technical issues

Managing Your Cookie Preferences

You can manage your cookie preferences through your browser settings. Most browsers allow you to block or delete cookies, view what cookies are set, and manage preferences on a per-site basis. Please note that disabling strictly necessary cookies may affect the functionality of our services, including your ability to log in and place orders. For more information on managing cookies in your browser, visit your browser's help documentation.

10. Do Not Track Signals

Some web browsers transmit "Do Not Track" (DNT) signals to websites. Because there is no universally accepted standard for how to interpret DNT signals, our website does not currently respond to browser DNT signals. However, you can manage your privacy preferences through your browser settings and the cookie management options described above.

11. Your Rights

You have the right to:

Access and update your personal information
Request deletion of your data (subject to legal requirements)
Opt out of marketing communications
File a complaint with relevant data protection authorities

12. State Privacy Law Compliance

If you are a resident of California, Virginia, Colorado, Connecticut, or another state with applicable consumer privacy legislation, you may have additional rights under those laws, including the California Consumer Privacy Act as amended by the California Privacy Rights Act (CCPA/CPRA), the Virginia Consumer Data Protection Act (VCDPA), the Colorado Privacy Act (CPA), and the Connecticut Data Privacy Act (CTDPA).

Your State Privacy Rights

Depending on your state of residence, you may have the right to:

Right to Know: Request information about the categories and specific pieces of personal information we have collected about you, the sources of that information, our purposes for collecting it, and the categories of third parties with whom we share it
Right to Delete: Request deletion of personal information we have collected from you, subject to certain legal exceptions (such as data needed for ongoing orders or required for legal compliance)
Right to Correct: Request correction of inaccurate personal information we maintain about you
Right to Data Portability: Request a copy of your personal information in a structured, commonly used, and machine-readable format
Right to Opt-Out of Sale: Opt out of the sale or sharing of your personal information. Please note that The Swan Brothers does not sell your personal information to third parties
Right to Non-Discrimination: Exercise your privacy rights without receiving discriminatory treatment from us

How to Exercise Your Rights

To exercise any of the rights described above, please contact us by email at info@theswanbrothers.com or by phone at (413) 344-9199. We will verify your identity before processing your request and respond within the timeframe required by applicable law (typically 45 days, with extensions as permitted). You may also designate an authorized agent to make a request on your behalf.

13. International Data Transfers

Our services are operated from and our data is stored and processed in the United States. If you are accessing our services from outside the United States, please be aware that your information will be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your country of residence. By using our services, you consent to the transfer of your information to the United States.

14. Children's Privacy

Our services are not intended for children under 13. We do not knowingly collect personal data from children under 13, and will promptly delete any such data if discovered.

15. Changes to This Policy

We may update this Privacy Policy periodically. Significant changes will be communicated by updating the policy on our website and revising the "last updated" date.

16. Contact Us

If you have any questions about this privacy policy, please contact us:

The Swan Brothers
33 Whipple St
Pittsfield, MA 01201
Phone: (413) 344-9199
Email: info@theswanbrothers.com