Last updated: December 15, 2022
“Personal Data” means data that allows someone to identify or contact you, including, for example, your name, address, telephone number, e-mail address, as well as any other non-public information about you that is associated with or linked to any of the foregoing data.
“Sites” means our websites, applications, widgets, blogs, social networks, or other online, mobile, or wireless offerings and the services offered on those Sites.
Rye provides online marketing services and applications, including the Rye application and Rye APIs (the “Services”). Our Services enable developers (“Developers”) to work together with brands, retailers and other merchants (“Merchants”) to build an end to end e-commerce experience.
Information We Collect
The Personal Data that we may collect broadly falls into the following categories:
Information You Give Us: We may collect Personal Data when you sign up for the Services, integrate the Services with another website or service (for example, when you choose to connect your e-commerce account with Rye), send us an email or communicate with us in any other way. Categories of information include:
- Identifiers such as real name, address, email address, phone number, employer, job title, username, and password for account registration and administration.
- Commercial information such as your billing address, shipping address, transactions and purchases of the Services. We do not store or process payment information, such as your credit or debit card number or your bank account number.
- Internet or other electronic network activity information, such as interactions with our Rye App, interactions with our APIs, and communications sent through our Services.
- Information about your customers you provide to our Sites.
Information We Receive from Developers: Developers may provide us Personal Data through the Services. For example, when a Developer integrates the Services with another website or service (for example, when a Developer chooses to connect their e-commerce account with Rye). This information includes:
- Identifiers such as real name, address, email address, job title, company, or phone number.
- Internet or other electronic network activity information, such as your public profile on social media accounts. Depending on your privacy settings for your social media account, this includes your profile picture, social media handle, number of followers, bio, if you’re verified and your location by city and country.
- Commercial information, such as products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies through the Developer’s Shopify account. This also includes your product requests.
- Developers are responsible for their privacy and security practices. You may have the opportunity to update some of your information by electing to update or manage your preferences directly with the Developer.
The categories of information include:
- Device information: We collect information about the device and applications you use to access the Services, such as your IP address, your operating system, your browser ID, and other information about your system and connection.
- Log data: Our web servers keep log files that record data each time a device accesses those servers and those log files contain data about the nature of each access, including originating IP addresses. We may also access metadata and other information associated with files that you upload into our Services.
- Product usage data: We collect usage data about you whenever you interact with our Services, which may include the dates and times you access the Services and your browsing activities (such as what portions of the Services are used). We also collect information regarding the performance of the Services.
We generally collect this information in the aggregate to improve our services. We do not associate this information with you or your computer, unless:
- You have chosen to sign up for Services that require tracking across websites. For example, if you wish to sign up for Rye-enabled discounts and free products across Developer websites, we need to track whether you are interacting with a particular Developer’s shopping cart.
- You have asked us to troubleshoot any technical or security issues you have with using our website or application.
- We need to investigate a violation of our Terms.
Information We Collect from Third Parties: From time to time, we may obtain information about you from third-party sources, such as public databases, public profiles on social media platforms, and third-party data providers. We take steps to ensure that such third parties are legally and/or contractually permitted to disclose such information to us.
How We Use the Personal Data
We may use the Personal Data we collect through the Services or other sources for a range of reasons, including:
- To provide you with the Services on our Sites.
- To communicate with you about your account and provide customer support.
- To bill and collect money owed to us by you.
- To share with third-party marketing platforms (e.g. Google Ads, Facebook Ads) to provide tailored advertising on our Sites and other websites that you may visit.
- To market our products and/or services to you.
- To analyze Site usage and improve the services offered.
- For market research, project planning, troubleshooting problems.
- For detecting and protecting against error, fraud or other criminal activity.
- To enforce compliance with our Terms and applicable law, and to protect the rights and safety of our [Developers] and third parties, as well as our own. This may include developing tools and algorithms that help us monitor the use of our Services and prevent violations.
- Through website cookies, which you may manage through our cookie banner, we share your information with third-party marketing platforms (e.g. Google Ads, Facebook Ads) to provide tailored advertising on our Sites and other websites that you may visit
- To market our products and/or services to you
- To analyze Site usage and improve the services offered
- For market research, project planning, troubleshooting problems
- For detecting and protecting against error, fraud or other criminal activity
- To enforce compliance with our Terms and applicable law, and to protect the rights and safety of our Developers and third parties, as well as our own. This may include developing tools and algorithms that help us monitor the use of our Services and prevent violations.
- To give you information about products or discounts from Merchants.
- To communicate with you about your account and provide customer support.
How We Share the Personal Data
Affiliates and Service Providers. We share your information with our third-party service providers and any subcontractors as required to offer you our products and services. For example, we use third-party credit card processors to process billing and payments. These service providers are under a duty of confidentiality.
Third Party Marketing and Advertising Organizations. Through website cookies, which you may manage through our cookie banner, we share your information with third party marketing and advertising partners, such as Google, Facebook, Instagram, and YouTube to provide tailored advertising on our Sites and other websites that you may visit.
Third Party Links and Sites. Our website may contain links to and from the websites of third parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any data to these websites.
Disclosures Required by Law. We may be required to disclose your data in response to lawful requests by public authorities, including to meet law enforcement requirements. We may be under a duty to disclose or share your personal data in order to comply with any legal obligation, to enforce or apply our Terms and other agreements, to protect our rights, property, or safety, or the protect the rights, property, or safety of others. This includes exchanging information with other companies and organizations for the purposes of fraud protection.
Developers. We share your public information with Developers that you already follow or buy from, so they may can contact you with offers for products. We may share this information through avenues such as the Rye browser dashboard, the Rye application dashboard, or through tools and APIs that may integrate with our products and/or services. In order to help protect your privacy, we ask Developers to abide by our Additional Terms for Developers. These terms require Developers to only communicate with customers that they already have a relationship with. These terms also require Developers to respect your privacy when they contact you. If you would like to opt out of this sharing of information with Developers, please contact us at the contact information below or submit a request online.
Deidentified and Aggregate Data. We share deidentified and aggregate data with our users or other third parties to analyze sales and customer trends. This data cannot be reasonably identified to an individual and is not Personal Data.
Legal Bases for Processing (EEA Individuals)
If you are from the European Economic Area, our legal bases for collecting and using your Personal Data is as follows:
- The performance of your contract or to enter into the contract and to take action on your requests. For example, the processing of your Rye account registration, providing information on your interactions with our Rye App, providing communications with your Contacts on the Rye App, and facilitating discounts and free product requests from your Contacts.
- Our legitimate business interests. For example, fraud prevention, maintaining the security of our network and services, direct marketing to you, and improvement of our services.
- Compliance with a mandatory legal obligation. For example, accounting and tax requirements, which are subject to mandatory retention periods. We may also collect your Personal Data to record your requests to exercise your rights and to verify your identity for such requests.
- Consent you provide where we do not rely on another legal basis. Consent may be withdrawn at any time.
- In some limited cases, we may also have a legal obligation to collect Personal Data from you, in response to lawful requests by public authorities, including to meet law enforcement requirements, as described above in “How We Share the Personal Data?”
- The performance of your contract or to enter into the contract and to take action on your requests. For example, the processing of your Rye account registration, providing information on your interactions with our Rye App, providing communications with Developers on the Rye App.
Your Privacy Choices
Marketing Opt-Out from Developers: If you no longer want to be contacted by one of our Developers through our Services, please unsubscribe directly from that Developer’s email list or contact the Developer directly to update or delete your data.
Marketing Opt-Out From Communications: If you have opted-in to Rye directly, we may use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe instructions provided in any email we send. You will still continue to receive service-related messages concerning our Services.
Opt-Out from Rye Dashboard: Customers have the option to remove their profiles from our Developer dashboard by using the contact form below or submitting a request online. Once removed, Developers would no longer be able to contact you for partnership opportunities.
Exercising Your Privacy Rights: We have listed the privacy rights for several jurisdictions below, but we understand you may have additional rights in your jurisdiction. You may contact us directly at any time about exercising your data protection rights. We will consider your request in accordance with applicable laws, and may remove or update your information within a reasonable time and after providing notice to the Developer of your request. If you authenticated into the Services via Instagram, we will remove any “User Content” (as defined in the Instagram Platform Policy) or other information that you request within a reasonable time. We may ask you to verify your identity in order to help us respond efficiently to your request.
Third Party Marketing. California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your Personal Data to third parties for the third parties’ direct marketing purposes. To make such a request, please contact us at the Contact Information below.
California Consumer Privacy Act. If you are a California consumer, you have the following rights beginning on January 1, 2020:
- The right to know what Personal Data is being collected about you.
- The right to know whether your Personal Data is sold or disclosed and to whom.
- The right to say no to the sale of Personal Data.
- The right to access your Personal Data.
- The right, in certain circumstances, to delete the information you have provided to us.
- The right to equal service and price, even if you exercise your privacy rights, unless the difference in service and/or price is reasonably related to the value provided to the you by your Personal Data.
Requests for Deletion and Information. In certain circumstances, California consumers have the right to request that we delete their information. In addition, California consumers have the right to request, up to twice in a 12-month period, that a business that collects Personal Data about the consumer disclose to the consumer the information listed below for the preceding 12 months. We have the right to request verification of your identity for all requests for information.
(1) The categories of Personal Data it has collected about that consumer.
(2) The categories of sources from which the Personal Data is collected.
(3) The business or commercial purpose for collecting or selling Personal Data.
(4) The categories of third parties with whom the business shares Personal Data.
(5) The categories of Personal Data that the business sold about the consumer and the categories of third parties to whom the Personal Data was sold, by category or categories of Personal Data for each third party to whom the Personal Data was sold.
(6) The categories of Personal Data that the business disclosed about the consumer for a business purpose.
(7) The specific pieces of Personal Data it has collected about that consumer.
EEA Privacy Rights. If you are from the European Economic Area, you have the right, under certain circumstances, to:
- Access your Personal Data;
- Correct inaccurate Personal Data;
- Request erasure of your Personal Data without undue delay;
- Request the restricted processing of your Personal Data;
- Request portability of the Personal Data that you have given us; and
- To object to the processing of your Personal Data, including the ability to object to automated processing and/or profiling.
If you are from the European Economic Area, you also have the right to lodge a complaint with a supervisory authority, under certain circumstances.
Any data that you provide to us may be accessed, shared or processed by our offices, located in the United States, and service providers located in the United States and abroad, if such data transfer is necessary for the specific purpose for which you submitted your data (such as the provision of goods or services under a written contract). This may entail a transfer of your Personal Data across international borders, including, but not limited to, transfers from within the European Economic Area (the “EEA”) to the United States. The data protections standards may differ and be lower than the standards enforced in your jurisdiction. We maintain appropriate safeguards as required by applicable law for any Personal Data transferred internationally, and as required by applicable law, will seek your consent prior to such transfers.
This website is not directed at individuals under the age of 16. We do not knowingly collect Personal Data from children under 16. If you become aware that a child has provided us with Personal Data, please contact us at the Contact Information below. If we become aware that a child under 16 has provided us with Personal Data, we will take steps to delete such information.
In accordance with our Additional Terms for Developers, Developers are also required to implement age-gating techniques appropriate to the products and services they provide. If you become aware that an individual or Developer has provided us with Personal Data in violation of these Additional Terms (e.g. Personal Data from individuals under 18 for tobacco products or adult services), please contact us at the Contact Information below.
Do Not Track
Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. DNT is a way for users to inform websites and services that they do not want certain information about their webpage visits collected over time and across websites or online services. We do not recognize or respond to browser-initiated DNT signals, as the Internet industry is currently still working toward defining exactly what DNT means, what it means to comply with DNT, and a common approach to responding to DNT.
Change of Control
Personal Data may be transferred to a third party as a result of a sale, acquisition, merger, reorganization or other change in control. If we sell, merge or transfer any part of the business, part of the sale may include your Personal Data.
Our retention periods will vary depending on the type of data involved, but, generally, we’ll refer to these criteria in order to determine the appropriate retention period:
- Whether we have a legal or contractual need to retain the data.
- Whether the data is necessary to provide our Services.
- Whether our Developers have the ability to access and delete the data within their accounts.
- Whether our Developers would reasonably expect that we would retain the data until they remove it or until their accounts are closed or terminated.
When we have no ongoing lawful basis to process your Personal Data, we will either delete or anonymize it or, if this is not possible (for example, because your Personal Data has been stored in backup archives), then we will securely store your Personal Data and isolate it from any further processing until deletion is possible.
We take appropriate and reasonable technical and organizational measures to protect Personal Data from loss, misuse, unauthorized access, disclosure, alteration, and destruction, taking into account the risks involved in the processing and the nature of the Personal Data. accounts require a username and password, or social media authentication, to log in. Account holders must keep their username and password secure, and never disclose it to a third party in accordance with our Terms.
Operator Labs Worldwide, Inc.
2093 Philadelphia Pike #1723
Claymont, DE 19703
Attention: Privacy Officer
Start building with Rye
Build the future of eCommerce in your app
Start building with Rye
Build the future of eCommerce in your app