For people who love to thrift, we offer the largest variety of quality clothing, housewares, and accessories possible, at low prices, because our family believes that taking care of communities starts with taking care of families.
VALUE WORLD DATA PRIVACY AND PROTECTION POLICIES
We Respect Your Privacy
We at Value World take your privacy and the protection of your data seriously. Like you, we hate getting SPAM and worry about the security of our personal information. So, when it comes to privacy, we follow the golden rule. We treat others the way we want to be treated.
HERE’S WHAT IT BOILS DOWN TO:
We take multiple measures to protect our site and your data. We collect non-identifying information needed to keep our site safe and run efficiently. And when you share your information with us using one of our forms, we will only use that information to communicate directly with you. We promise not to share your information with anyone else.
We’ve updated our privacy policies and procedures to comply with the European Union’s General Data Protection Regulation 2016/679 (GDPR) rules effective May 25, 2018. Please read the details below to learn more about how we handle your data.
WHY WE NEED YOUR DATA
We rely on a number of legal bases to collect, use, and share your information, including:
- As needed to provide our services, such as when we use your information to respond to a request for information or provide website tech support;
- When you have provided your affirmative consent, which you may revoke at any time, such as subscribing to our blog/newsletter;
- If necessary to comply with a legal obligation or court order or in connection with a legal claim, if required by law; and
- As necessary for the purpose of our legitimate interests, if those legitimate interests are not overridden by your rights or interests, such as (1) providing and improving our services. I use your information to provide the services you requested and in my legitimate interest to improve my services; and (2) Compliance with our website partners’ policies and terms of use (such as Google Analytics, Constant Contact, security software providers, our web hosting provider, etc.)
TYPES OF DATA WE COLLECT AND HOW WE USE IT
Website Cookies
We use website cookies to protect our site, enhance our visitor’s user experience, and measure how well our site is working.
- When someone visits our website, we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behavior patterns. We do this to find out things such as the number of visitors to various parts of the site and what kinds of devices they’re using to access the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.
- We also use multiple layers of security software to block potential spammers, hackers, and other malicious users to ensure that our website runs smoothly, and to protect stored user data. Some of the software uses cookies to:
- Check that the visitor’s system can handle loading our site (or log into it if they’re a registered user);
- Alert the website’s admin when someone is attempting to log into or make changes to the site;
- Track what country a visitor is coming from and allow them to access the site (if country blocking is enabled, and the site admin has specifically permitted this user).
Personally Identifying Information
- Some of our security software compares incoming IP addresses against lists of known “black-listed” addresses in order to stop malicious users from accessing the site. Occasionally, when it’s noted that a brute force attack is being attempted, the software notes the offending IP addresses and alerts the website admin. We then log that IP address as one that should be blocked in the future.
- When website visitors fill out an email form to contact us directly, we collect and retain the contact information they provide, which includes their name and email address.
- In addition, we collect their IP address, in order to identify spammers. If we spot one, we enter that IP address into our security software’s “black list” to prevent them from accessing our site in the future.
- Other than the occurrences listed above, we do not collect or retain any personally identifying information about our website visitors.
Square VIP Club/Loyalty/Customer Data
We use Square as our Point of Sale (POS) system. Data collected in Square allows us to track customer data so that we can make business decisions based on overall sales data, award loyalty points, make special offers to, and communicate with customers via email and/or text.
Customers who sign up for, or check on their status in, our VIP program via our website forms, enter their data into the Square system.
You can find information about Square’s privacy and security policies here:
https://squareup.com/help/us/en/article/3796-privacy-and-security
https://squareup.com/help/us/en/article/7121-general-data-protection-regulation-gdpr
HOW LONG WE STORE YOUR DATA (DATA RETENTION)
We retain your personal information only for as long as it’s necessary to provide you with our services. However, we may also be required to retain this information to comply with legal and regulatory obligations, to resolve disputes, and enforce agreements.
We keep the aggregated data collected by Google Analytics indefinitely. This helps us measure how our site is performing now compared to selected date ranges in the past. This data does not contain any Personally Identifiable Information about any individuals.
We generally store the contact information you share with us via website forms or at checkout indefinitely, or as long as we maintain an ongoing relationship with you (meaning, we’ve mutually agreed to be in contact with each other).
IP addresses of known malicious entities (who could potentially attack our website) are stored in our “black-list” indefinitely.
HOW YOUR DATA IS PROTECTED
Data Encryption
We have installed an SSL Certificate on our website to ensure that visitors have a secure connection when they share information with us.
An SSL (Secure Sockets Layer) certificate is a digital certificate that authenticates the identity of a website and encrypts information sent to the server using SSL technology. Encryption is the process of scrambling data into an undecipherable format that can only be returned to a readable format with the proper decryption key.
This means that when you provide information to us using one of our website forms (over a secure network connection), your website browser accesses our server’s digital certificate and establishes a secure connection. This helps prevent your data from being stolen or misused.
Multiple Layers of Security Software
We pay for a type of website hosting that includes extra security features, including regular scans for malicious code or other potential threats. In addition, as noted above, we use several third-party software packages to secure our site even further. We do not disclose those software packages here, but if you are concerned about how we’ve secured your personal data, you may contact our Data Protection Officer for more details.
TRANSFERS OF PERSONAL INFORMATION OUTSIDE THE EU
We may store and process your information through third-party hosting services in the US and other jurisdictions. As a result, we may transfer your personal information to a jurisdiction with different data protection and government surveillance laws than your jurisdiction. If we deem it necessary to transfer information about you via third-party services, we will first ensure that they comply with GDPR requirements.
ACCESS TO YOUR PERSONAL INFORMATION
If you reside in certain territories, including the EU, you have a number of rights in relation to your personal information. While some of these rights apply generally, certain rights apply only in certain limited cases. We describe these rights below:
- Access. You may have the right to access and receive a copy of the personal information we hold about you by contacting us using the contact information below.
- Change, restrict, delete. You may also have rights to change, restrict our use of, or delete your personal information. Absent exceptional circumstances (like where we are required to store data for legal reasons) we will generally delete your personal information upon request.
- Object. You can object to (1) our processing of some of your information based on our legitimate interests and (2) receiving marketing messages from us after providing your express consent to receive them. In such cases, we will delete your personal information unless we have compelling and legitimate grounds to continue using that information or if it is needed for legal reasons.
- Complain. If you reside in the EU and wish to raise a concern about our use of your information (and without prejudice to any other rights you may have), you have the right to do so with your local data protection authority.
HOW TO CONTACT US
For purposes of the EU data protection law, Tia Winfield is the Data Protection Officer for Value World. If you have any questions about how we collect, use, or store your data, you may contact her at marketing@valueworld.com.
CHANGES TO THESE PRIVACY AND DATA PROTECTION POLICIES
This policy statement was updated on July 1, 2023.
We will periodically review and revise our policies as needed in order to comply with GDPR, privacy laws of the United States, and industry best practices.