Effective May 23, 2023

1. Introduction

At DecanterEngraving.com we take data privacy seriously. This privacy policy explains who we are, how we collect, share and use personal information, and how you can exercise your privacy rights. We recommend that you read this privacy policy in full to ensure you are fully informed. If you have any questions or concerns about our use of your Personal Information, then please contact us using the contact details provided at the end of Section 5.

2. Who we are

DecanterEngraving.com (the “Website”) is owned and operated by nGrave Solutions, LLC  a company headquartered in the State of  New York in the United States (“we” “us” the “Company”). Our Website offers custom engraved crystal decanters and barware (“Products”) and related services (“Services”) for both individual retail and business clients. 

3. What data we collect and why we collect it

Information you provide to us

Personal Information – In the course of engaging with our Services, you may provide certain personal information about you. “Personal Information” means any information that identifies or can be used to identify a user or customer, directly or indirectly. Examples of personal Information include, but are not limited to, first and last name, username, email address, contact phone number or other demographic information. By providing us this information, you agree to this information being collected, used and disclosed as described in our Terms of Use and in this privacy policy.
Media Files When using our Services, you may provide various media file(s) containing logos, signatures, images or other forms of content (“Artwork”) to be used for engraving. We do not use data from Artwork provided  for anything except for providing a digital rendering (“Proof”) for you review and approval and for creating the personalized product based on the artwork proof you approved. By uploading or otherwise submitting any media files, you you confirm that you have permission to use the Artwork contained in the file. 

Information we collect from other sources

Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.
Profile Data includes your username and password, purchases or orders made by you, preferences, feedback and survey responses, as well as any profile data which we have added (for example, using analytics and profiling).
Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
Usage Data includes information about how you use our website, products and services.
Tracking Data – includes information we or others collect about you from cookies and similar tracking technologies, such as web beacons, pixels, and mobile identifiers.
Marketing and Communications Data – includes your preferences in receiving direct marketing (such as newsletters, promotional emails) from us your communication preferences.

4. How is your data collected?

We use different methods to collect data from and about you including through:

Direct interactions  This includes personal data you provide when you:

  • order our products or services;
  • create an account on our website;
  • create designs for products on our website;
  • engage with us on social media;
  • sign up to receive our newsletter or promotional emails;
  • enter a competition, promotion or survey;
  • leave comments or reviews on our products or services.

Automated technologies or interactions As you interact with us, including using our Website, we may automatically collect technical data about your equipment, browsing actions and patterns. We may also collect Tracking Data when you use our website, or when you click on one of our adverts (including those shown on third party websites).

Third parties or publicly available sources -We may receive personal data about you from various types of third parties, including:

  • Technical Data and/or Tracking Data from analytics providers, advertising networks and search information providers;
  • Contact and Transaction Data from providers of payment and fraud prevention services; or
  • Data from any third parties who are permitted by law or have your permission to share your personal data with us, such as via social media or review sites 

5. How we use your personal data?

  • Where we need to perform the contract we are about to enter into or have entered into with you. For example, when you purchase our products, that’s a contract.
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. For example, when we carry out fraud screening as part of the check-out process.
  • Where we need to comply with a legal or regulatory obligation. For example, keeping records of our sales for tax compliance.

6. Cookies

We may use various technologies to collect and store information when you use our Website and Services, and this may include using cookies and/or similar tracking technologies, such as pixels. 

For example, we use web beacons in the emails we send on your behalf. These web beacons track certain behavior such as whether the email sent through the Services was delivered and opened and whether links within the email were clicked. They also allow us to collect information such as the recipient’s IP address, browser, email client type and other similar details. We use this information to measure the performance of your email campaigns, and to provide analytics information and enhance the effectiveness of our Services. Reports are also available to us when we send email to you, so we may collect and review that information.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

7. Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

8. Who we share your data with

We may share your personal data with the parties set out below for the purposes set out in this privacy policy. We may also share your personal data if the law otherwise allows it.

We may share personal data with the following categories third parties:

  • Suppliers and service providers (such as technology service providers, payment processing and fraud prevention providers, manufacturers and post and courier services);
  • nGrave Solutions, LLC group companies;
  • auditors and professional advisers like bankers, lawyers, accountants and insurers; and
  • government, regulators and law enforcement.

We may also share data with third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy policy.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

9. Payment Information

We uses third party payment processors Authorize.net, Briantree and PayPal to process payments made for products and services via the Website. All online payments are conducted in accordance with Payment Card Industry (PCI) data security standards and your billing information (which is only used by these payment processors for the purpose of performing fraud protection) is encrypted before being communicated to them. Your credit/debit card details are communicated directly from your browser via a secured (SSL encrypted) connection to these payment processors and as such, nGrave Solutions never receives or stores your full payment information. This means that the payment form is either off-site or displayed in a frame on the payment page. 

After submitting payment, from our payment processors we do receive and store transactional information on the type of payment used (Visa, Amex, Mastercard, PayPal etc.) and in the case of credit card payments, the last 4 digits of the card number used. For PayPal we only store the tokens required to identify the transaction with PayPal, issue refunds and identify transactions made using PayPal.

10. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

11. Third-party links

This website may include links to third-party websites, plug-ins and applications (for example, the ability to sign in with Facebook). Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

12. How long we retain your data

We will only keep your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

By law we have to keep basic information about our customers (including Contact, Identity, and Transaction Data) for six years after they stop being customers for tax purposes.

We offer the option to our customers to re-order previously ordered personalized Products. To be able to facilitate re-order requests, Artwork used in the original production process is stored indefinitely, unless otherwise requested by the customer. 

In some circumstances you can ask us to delete parts or all your data; see Your legal rights below for further information.

14. What rights you have over your data

If the General Data Protection Regulation applies to you because you are in the European Union, you have rights under data protection laws in relation to your personal data:

  • The right to be informed – that’s an obligation on us to inform you how we use your personal data (and that’s what we’re doing that in this privacy policy);
  • The right of access – that’s a right to make what’s known as a ‘data subject access request’ for copy of the personal data we hold about you;
  • The right to rectification – that’s a right to make us correct personal data about you that may be incomplete or inaccurate;
  • The right to erasure – that’s also known as the ‘right to be forgotten’ where in certain circumstances you can ask us to delete the personal data we have about you (unless there’s an overriding legal reason we need to keep it);
  • The right to restrict processing – that’s a right for you in certain circumstances to ask us to suspend processing personal data;
  • The right to data portability – that’s a right for you to ask us for a copy of your personal data in a common format (for example, a .csv file);
  • The right to object – that’s a right for you to object to us processing your personal data (for example, if you object to us processing your data for direct marketing); and
  • Rights in relation to automated decision making and profiling – that’s a right you have for us to be transparent about any profiling we do, or any automated decision making.

If you wish to exercise any of the rights set out above, please contact us via email at [email protected] .

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

We have appointed a data privacy manager who is responsible for overseeing questions in relation to this privacy policy. If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact the data privacy manager using the details in How to contact us about privacy below.

15. How to contact us about privacy

If you have any questions about this privacy policy, or would like to exercise any of your rights, email us at [email protected] 
If you have general inquires about our products and services, or this Website in general, please contact our customer support team here.

16. Changes to this Privacy Policy

We may change this privacy policy at any time and from time to time. All updates and amendments are effective immediately upon notice, which we may give by any means, including, but not limited to, by posting a revised version of this privacy policy or other notice on the Websites. We encourage you to review this privacy policy often to stay informed of changes that may affect you. Our electronically or otherwise properly stored copies of this privacy policy are each deemed to be the true, complete, valid, authentic, and enforceable copy of the version of this privacy policy that was in effect on each respective date you visited the Website.