TomThelen.com – Updated February 2020
TomThelen.com, a subsidiary of Character Programs, LLC collects and uses your personally identifiable information to deliver the products you have requested. Your information, whether public or private, will not be sold, exchanged, transferred, or given to any other company for any reason, without your consent, other than for the express purpose of delivering our product to you and improving your customer experience.
With your permission, we may send you emails about our store, new products, and other updates. When you purchase something from our store, as part of the buying and selling process, we collect payment information and personal information you give us such as your name, address, phone number and email address.
When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.
COOKIE STORAGE AND ACCESS
SHARING INFORMATION WITH THIRD PARTIES
We may enter into alliances, partnerships or other business arrangements with third parties who may be given access to personal information including your name, address, telephone number and email for the purpose of providing you information regarding products and services that we think will be of interest to you. In connection with alliances, partnerships or arrangements, we may also provide certain information to third parties if we have determined that the information will be used in a responsible manner by a responsible third party. For example, some of our partners may provide services related to our site, while others power offerings developed by us for your use. We also use third parties to facilitate our business, including, but not limited to, sending email. In connection with these offerings and business operations, our partners and other third parties may have access to your personal information for use in connection with business activities. As we develop our business, we may buy or sell assets or business offerings. Customer, email, and visitor information is generally one of the transferred business assets in these types of transactions. We may also transfer such information in the course of corporate divestitures, mergers, or any dissolution.
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
We recognize the need to provide further privacy protections with respect to personal information we may collect from children on our sites and applications. Some of the features on our sites and applications are age-gated so that they are not available for use by children, and we do not knowingly collect personal information from children in connection with those features. When we intend to collect personal information from children, we take additional steps to protect children’s privacy, including:
- Notifying school administrators and parents about our information practices with regard to children, including the types of personal information we may collect from children, the uses to which we may put that information, and whether and with whom we may share that information;
- In accordance with applicable law, and our practices, obtaining consent from parents for the collection of personal information from their children, or for sending information about our products and services directly to their children;
- Limiting our collection of personal information from children to no more than is reasonably necessary to participate in an online activity; and
- Giving parents access or the ability to request access to personal information we have collected from their children and the ability to request that the personal information be changed or deleted.
Character Programs, LLC, in its role as a vendor to educational agencies and institutions (EAs), receives disclosures from the EAs of personally identifiable information (PII) contained in student records. Only information that is needed for Character Programs, LLC to perform services outsourced to it by the EA is disclosed to Character Programs, LLC. These disclosures are authorized under the Family Educational Rights and Privacy Act (FERPA), a federal statute that regulates the privacy of student records by EAs that receive financial assistance from the U.S. Department of Education. Character Programs, LLC, as a contractor to the EA, receives the disclosures on the same basis as school officials employed by the EA, consistent with FERPA regulations, 34 CFR §99.31(a)(1)(i)(B). Consistent with those regulations, Character Programs, LLC has a legitimate educational interest in the information to which it is given access because the information is needed to perform the outsourced service, and Character Programs, LLC is under the direct control of the EA in using and maintaining the disclosed education records, consistent with the terms of its contract.
Character Programs, LLC is subject to the same conditions on use and redisclosure of education records that govern all school officials, as provided in 34 CFR §99.33. In particular, Character Programs, LLC must ensure that only individuals that it employs or that are employed by its contractor, with legitimate educational interests – consistent with the purposes for which Character Programs, LLC obtained the information — obtain access to PII from education records it maintains on behalf of the district or institution. Further, in accordance with 34 CFR §99.33(a) and (b), Character Programs, LLC may not redisclose PII without consent of a parent or an eligible student (meaning a student who is 18 years old or above or is enrolled in postsecondary education) unless the agency or institution has authorized the redisclosure under a FERPA exception and the agency or institution records the subsequent disclosure. An example of such a disclosure is when Character Programs, LLC is requested by a school district to assist the district in the transfer of the student records from our system to another system.
Character Programs, LLC will not sell or otherwise use or redisclose education records for targeted advertising or marketing purposes. Character Programs, LLC does not allow advertising within its products, and therefore there is no behavioral or targeted advertising. Character Programs, LLC uses data within its products only to deliver the services contracted by the educational institution. Character Programs, LLC may use anonymized, non-PII data internally to improve the products and services it delivers to EAs.
Character Programs, LLC understands that medical information about our users’ health is personal “ProtectedHealth Information” (“PHI”) and we are committed to protecting that medical information. We do not directly collect or solicit health-related information from our users, but recognize that PHI may be inadvertently shared within User Generated Content. Character Programs, LLC maintains HIPAA-compliant methodologies of storing and delivering User Generated Content and strives to comply with HIPAA.
We may disclose personal information (1) if it’s in response to a legal process, e.g. in response to a court order or subpoena, or in response to a law enforcement agency’s requests, (2) in response to a charge-back inquiry from our merchant bank about your payment for products, or (3) if you violate our Terms of Service.
THIRD PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions. For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
When you click on links in our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
By using this site, our app, or our Service, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site. If you don’t provide an email address, you will be unable to create a user account to access purchase history.
UPDATES TO YOUR CONSENT
If after you opt-in for emails or subscriptions, and you change your mind, you may cancel these at any time by unsubscribing at the bottom of our emails.
If you have any further questions, or need additional information, please contact us via the contact page.