Free Shipping on U.S. orders over $150 SHOP NOW

Privacy Policy

 

PRIVACY POLICY


Effective Date: SEPTEMBER 30, 2025 


This Privacy Policy describes how Beach Riot (“Beach Riot”, “we”, “us” or “our”) collect, use, store, and share your information when (1) you access and/or use our websites, mobile applications, or other digital properties we own and operate, including www.beachriot.com (“Websites”); (2) you communicate with us in any manner, including by email, direct messaging, telephone, and/or in person (“Communications”); and (3) we interact with certain third party partners, (collectively the “Services”).

Please note the following sections that include important disclosures related to our Websites and Services:

  • Cookies, Advertising, and Tracking Technology Disclosures: To learn more about how our Websites, Products, and Communications use cookies and related technologies (including from Third Parties), see Cookies, Advertising, and Tracking below.

  • Your Choices Disclosures: To learn more about your choices concerning your information, see Your Choices below.

If you are resident of certain states or countries, you may be entitled to additional rights. Please see the following quick-links below for easy access to additional information for such residents

  • CA Residents: If you are a resident of California, please see our Section 16 – Your California Privacy Rights below.

  • UT Residents: If you are a resident of Utah, please see Section 17 - U.S. “Controller” Privacy Notice below.

  • Nevada Residents: If you are a resident of Nevada, please see our Section 18 - Nevada Privacy Notice below.

  • European Residents: If you are a resident of Europe, including a member state of the European Union or the United Kingdom, please see our Section 19 - Europe Privacy Notice below.


SECTION 1 – WHAT INFORMATION DO WE COLLECT?

Depending on how you interact with our Websites, the nature of our Communications, and how we may interact with certain third party partners in connection with your use of the Services, we may collect the following pieces of your information:

  • Basic Identifying Information. Information you provide when you sign-up for an account for our Services such as your full name, profile photograph, postal address, e-mail address, phone number, account name, and other similar identifiers.

  • Device Identifier and other Unique Identifiers. Information such as your device identifier, internet protocol (IP) address, cookies, beacons, pixel tags, and other unique identifiers.

  • Internet or Other Network Activity. Information such as your browsing or search history, and other information regarding your interactions with our Websites, emails, and advertisements.

  • Geolocation Data. Information that permits us to determine your location so that we can determine the best place for you to pick up products and samples.  

  • Commercial Information. Information such as the products you have purchased and considered, returns you have made, and related information about your commercial activities.  

  • Demographic Information. Information such as your age, gender, and date of birth. 

  • User Content. Information such as your Communications with us and any other content you provide, such as photographs of receipts, images, survey responses, comments, product reviews, testimonials, and other content. 

  • Sensory Data. Images and audio, video or call recordings created in ‎connection with our business activities

  • Inferences. Information such as inferences drawn from or created based on the information identified above. 

SECTION 2 – HOW DO WE COLLECT YOUR INFORMATION?

Directly From You: We collect information directly from you when you enter your information on our Website, including in the process of purchasing something from our store. You also provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase. If we ask for your personal information for a secondary reason, like marketing, we will provide you notice Information you may provide includes Basic Identifying Information, Demographic Information, User Content, and Audio and Visual Information..

Automatically Using Online Technologies: When you browse our store, and otherwise interact with our Websites we also automatically receive information about you and your device. Information we collect automatically include Device Identifier and other Unique Identifiers, Internet or Other Network Activity, Geolocation Data , and Commercial Information. 

From Our Partners: We collect information from our third party partners, data analytics providers, marketing or advertising providers, fraud prevention service providers, and vendors that provide services.  This information may include  Inferences, Basic Identifying Information, and Commercial Information.  

SECTION 3 – HOW DO WE USE YOUR RELATED INFORMATION

We use your information for a variety of purposes, including to:

  • Provide our Websites and Services to You. We use your information to provide our Websites and Services to you, including to: (1) create and manage your account when you sign-up to use our Services; (2) facilitate your access and use of our Websites; (3) confirm payments and receipts related to purchases processed by our third party payment processors (4) receive feedback on products, (5) to facilitate your participation in discount or other reward programs we may offer; (6) send you notifications relating to your account and participation in our Services; (7) answer your Communications; (8) for testing, research, analysis, and product development, (9) to anonymize or aggregate your ‎information for marketing and actuarial ‎purposes,  and (10) perform other related business operations needs. 

  • Communicate with You. We use your information to engage in Communications with you, such as to respond to your requests, inquiries, issues, feedback, provide you with alerts, and to provide customer service.

  • Market and Advertise. We use your information for marketing and advertising purposes, including sending marketing, advertising, and promotional communications to you by email, text message, or postal mail. We also use your information to show you advertisements for Services and to administer our sweepstakes and other contests. For more information about how to opt out of marketing messages, please see Section 10 – Your Choices below. 

  • Conduct Analytics and Personalization. We use your information to conduct research and analytics, including to improve our Websites and Services. We also use your information to understand your interaction with our Websites, advertisements, Services, and our Communications with you. We also use your information to personalize your experience, to save you time when you visit our Websites and use our Services, to better understand your needs, and to provide personalized recommendations for our Services.  

  • Security and Fraud Prevention. We use your information to detect, investigate, prevent, or take action regarding possible malicious, deceptive, fraudulent, or illegal activity, including fraudulent transactions. We also use your information to enforce our terms and procedures, prevent against security incidents, and prevent the harm to other users of our Services.

  • Legal Obligations. We use your information to comply with our legal and regulatory obligations, to establish and exercise our rights, and to defend against legal claims.

  • Business Functions. We use your information to support our core business functions, including to maintain records related to business management, loss prevent, collecting amounts owed, and identifying and repairing errors or problems in the Websites.


SECTION 4 – WHEN DO WE DISCLOSE YOUR INFORMATION?

We may disclose or share your information with affiliated and non-affiliated third-parties, including in the following scenarios:

  • With your Consent. We may disclose or share your information with your consent, which may be obtained in writing; online, through “click-through” agreements; when you accept the terms of use on our Websites; orally, either in person or on the phone; or by other means.

  • In a Business Transfer. We may disclose or share your information as part of a corporate business transaction, such as a merger or acquisition, joint venture, corporate reorganization, financing, or sale of company assets, or in the unlikely event of insolvency, bankruptcy, or receivership, in which such information could be transferred to third parties as a business asset in the transaction.

  • To Companies Processing Information On Our Behalf. We may disclose or share your information with certain non-affiliated third parties to facilitate your access and use of our Websites, our Services, and to provide us with certain business functions, including but not limited to sharing your information with brand partners, internet service providers, advertising networks, data analytics providers, governmental entities, operating systems and platforms, payment processors, social media networks, and other service providers who provide us a service (e.g., customer service, auditing, marketing, debugging to identify and repair errors that impair existing intended functionality on our Websites, and/or protecting against malicious, deceptive, fraudulent, or illegal activity).

  • For Legal Process And Protection. We may disclose or share your information to satisfy any law, regulation, legal process, governmental request, or where we have a good faith belief that access, use, preservation or disclosure of such information is reasonably necessary to: (1) enforce or apply our agreements; (2) protect our interests, property, or safety of others; (3) in connection with claims, disputes, or litigation; and (4) to protect our Websites.

We may share aggregate information about Web site users with certain third parties. This information shows user activity as a whole rather than on an individual basis; such aggregate information cannot be reasonably used to individually identify you. We may also use such aggregated information we collect about web site users to continue to improve our Site for you.


SECTION 5 – SHOPIFY

Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.

Payment:
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.

All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.

PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

For more insight, you may also want to read Shopify’s Terms of Service (http://www.shopify.com/legal/terms) or Privacy Statement (http://www.shopify.com/legal/privacy).


SECTION 6 – SECURITY and data Retention

Company uses reasonable security measures designed to prevent unauthorized intrusion to the Service and the alteration, acquisition or misuse of personal information. Nevertheless, transmission via the internet is not completely secure and we cannot guarantee the security of information about you, collected from you, or submitted by you.

We keep your information for as long as is necessary in accordance with the purpose for which it was collected, our business needs, and our legal and regulatory obligations. If we dispose of your information, we will do so in a way that is secure and appropriate to nature of the information subject to disposal.


SECTION 7 – COOKIES, TRACKING TECHNOLOGIES, ADVERTISING AND ANALYTICS

We and our third-party partners use cookies, pixels, web beacons, software development kits, and other similar online tracking technologies to gather information about you when you use our Websites, interact with some of our Products, and engage with our Communications. Some of the online tracking technologies are used to maintain the security of our Websites, manage your account, prevent crashes, fix bugs, save your preferences, assist with basic Website functions, advertising, analytics, and other performance functions.

We use analytics services, such as Google Analytics, to help us understand how users access and use the Service. 

For more information about specific third-party services we utilize in connection with Advertising, please see Section 8 – Behavioral Marketing and Advertising below. 

For information about how to control cookies, please Section 10 – Your Choices below.


SECTION 8 – BEHAVIORAL MARKETING AND ADVERTISING

Google Marketing Services

On our website we use the marketing and remarketing services of Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). These services allow us to display advertisements in a more targeted manner in order to present advertisements of interest to users. Through remarketing ads and products are displayed to users relating to an interest established by activity on other websites within the Google Network. For these purposes, a code is used by Google when our website is accessed and what are referred to as (re)marketing tags are incorporated into the website.

With their help, an individual cookie, i.e. a small file, is stored on the user’s device (comparable technologies may also be used instead of cookies). Cookies can be set by various domains, including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com or googleadservices.com. This file records which apps users have visited, which content they are interested in and which offers have been used. In addition, technical information about the browser and operating system, referring websites, the length of the visit as well as any additional data about the use of the online products and services are stored. The IP address of users is also recorded, although we would like inform you that within the framework of Google Analytics, IP addresses within Member States of the European Union or in other contracting states to the Agreement on the European Economic Area are truncated.

All user data will only be processed as pseudonymous data. Google does not store any names or e-mail addresses. All displayed ads are therefore not displayed specifically for a person, but for the owner of the cookie. This information is collected by Google and transmitted to and stored by servers in the USA.

One of the Google marketing services we use is the online advertising program Google AdWords. In the case of Google AdWords, each AdWords customer receives a different conversion cookie. Cookies can therefore not be tracked through the websites of AdWords customers. The information collected by the cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. AdWords customers see the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag.

Google services make use of Google’s Tag Manager. For more information about Google’s use of data for marketing purposes, please see the summary page:  https://www.google.com/policies/technologies/ads, Google’s privacy policy is available at https://www.google.com/policies/privacy.

The legal basis for the use of this service is Art. 6 paragraph 1 sentence 1 letter f GDPR. If you wish to object to interest-based advertising by Google marketing services, you can do so using the settings and opt-out options provided by Google:  http://www.google.com/ads/preferences.

We also may use DART cookies for ad serving through Google’s DoubleClick, which places a cookie on your computer when you are browsing the web and visit a site using DoubleClick advertising (including some Google AdSense advertisements). This cookie is used to serve ads specific to you and your interests (“interest based targeting”). The ads served will be targeted based on your previous browsing history (For example, if you have been viewing sites about visiting Las Vegas, you may see Las Vegas hotel advertisements when viewing a non-related site, such as on a site about hockey). DART uses “non personally identifiable information”. It does NOT track personal information about you, such as your name, email address, physical address, telephone number, social security numbers, bank account numbers or credit card numbers. You can opt-out of this ad serving on all sites using this advertising by visiting http://www.doubleclick.com/privacy/dart_adserving.aspx

Facebook & Instagram 

We use the “visitor action pixels” from Facebook & Instagram Inc (1 Hacker Way, Menlo Park, CA 94025, USA, or, if you are based in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”)) on our website.

This allows user behavior to be tracked after they have been redirected to the provider’s website by clicking on a Facebook ad. This enables us to measure the effectiveness of Facebook ads for statistical and market research purposes. The data collected in this way is anonymous to us, i.e. we do not see the personal data of individual users.

However, this data is stored and processed by Facebook, which is why we are informing you, based on our knowledge of the situation. Facebook may link this information to your Facebook account and also use it for its own promotional purposes, in accordance with Facebook’s Data Usage Policy https://www.facebook.com/about/privacy/. You can allow Facebook and its partners to place ads on and off Facebook. A cookie may also be stored on your computer for these purposes.

The legal basis for the use of this service is Art. 6 paragraph 1 sentence 1 letter f GDPR. You can object to the collection of your data by Facebook pixel, or to the use of your data for the purpose of displaying Facebook ads by contacting the following address: https://www.facebook.com/settings?tab=ads.

Facebook is certified under the Privacy Shield Agreement and thus guarantees compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).

Facebook and Instagram share infrastructure, systems and technology with other Facebook Companies (which include WhatsApp and Oculus) to provide an innovative, relevant, consistent and safe experience across all Facebook Company Products you use. We also process information about you across the Facebook Companies for these purposes, as permitted by applicable law and in accordance with their terms and policies. For example, we process information from WhatsApp about accounts sending spam on its service so we can take appropriate action against those accounts on Facebook, Instagram or Messenger. We also work to understand how people use and interact with Facebook Company Products, such as understanding the number of unique users on different Facebook Company Products.


SECTION 9 – INTERNATIONAL TRANSFERS

We are based in the U.S. and the information we collect is governed by U.S. law.  If you are accessing Services from outside of the U.S., please be aware that information collected through the Services may be transferred to, processed, stored, and used in the U.S. and other jurisdictions. Data protection laws in the U.S. and other jurisdictions may be different from those of your country of residence. Please review this Privacy Policy Carefully before engaging with our Services.


SECTION 10 – YOUR CHOICES

Account Information 

You may access, update, or remove certain information that you have provided to us through your account by visiting your account settings or sending an email to the email address set out in the Section 16 – Contact Us section below. We may require additional information from you to allow us to confirm your identity. Please note that we will retain and use information about you as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Communications

The following describes your choices related to receiving certain communications with us, including marketing communications:

1 - E-MAILS. 

You can opt-out of receiving promotional emails from us at any time by following the instructions as provided in emails to click on the unsubscribe link, or emailing us at the email address set out in Section 16 – Contact Us below with the word UNSUBSCRIBE in the subject field of the email. 

Please note that you cannot opt-out of non-promotional emails, such as those about your account, transactions, servicing, or Company’s ongoing business relations.

2 - TEXT MESSAGES AND CALLS. 

You can opt-out of receiving text messages or calls to your phone number at any time by (i) for text messages, texting “STOP” in response to any text message you receive from us or contacting us as set out in the “Contact Us” section below and specifying you want to opt-out of text messages; and (ii) for calls, requesting opt-out during any call you receive from us or contacting us as set out in the “Contact Us” section below and specifying you want to opt-out of calls.

Please note that your opt out is limited to the email address, device, and phone number used and will not affect subsequent subscriptions.  

Cookies and Other Tracking Technologies 

The following describes different tracking technology choices related to Cookies and Do Not Track Signals: 

1 - COOKIES

When you first visit this website we ask for your consent to use cookies. You can choose not to accept cookies but please be aware that services you request may not be available. If you delete your cookies or clear your cache, you may be asked to give your consent again. This is because a cookie is usually used to remember the choice you made the first time.

If you wish to revoke your consent to the use of cookies on this website you can either delete the cookies in your browser’s memory or clear your cache.

If you wish to prevent cookies being set before you visit this website, or most other websites, you can set your browser to block cookies. Most browsers allow you to do this in their settings.

You can also visit www.allaboutcookies.org for details on how to delete or reject cookies and for further information on cookies in general.

Deleting cookies does not mean you are permanently opted out of any advertising program. Unless you have settings that disallow cookies, the next time you visit a site running the advertisements, a new cookie will be added.

2 - DO NOT TRACK SIGNALS

Our Websites may, from time to time, collect information about your online activities, over time and across our different websites. When you use our Websites, third parties may also collect information about your online activities, over time and across different internet websites, online or cloud computing services, online applications, or mobile applications. Some browsers support a “Do Not Track” feature, which is intended to be a signal to websites that you do not wish to be tracked across different websites you visit. Our Websites do not currently change the way they operate based upon detection of a “Do Not Track” or similar signal.

For more information on “Do Not Track,” visit http://www.allaboutdnt.com

Please be aware that if you disable or remove tracking technologies some parts of the Service may not function correctly.

Analytics and Interest Based Advertising

Google provides tools to allow you to opt out of the use of certain information collected by Google Analytics at https://tools.google.com/dlpage/gaoptout and by Google Analytics for Display Advertising or the Google Display Network at https://www.google.com/settings/ads/onweb/.  

The companies we work with to provide you with targeted ads are required by us to give you the choice to opt out of receiving targeted ads. Most of these companies are participants of the Digital Advertising Alliance (“DAA”) and/or the Network Advertising Initiative (“NAI”). To learn more about the targeted ads provided by these companies, and how to opt out of receiving certain targeted ads from them, please visit: (i) for website targeted ads from DAA participants, https://www.aboutads.info/choices; (ii) for app targeted ads from DAA participants, https://www.aboutads.info/appchoices; and (iii) for targeted ads from NAI participants, https://www.networkadvertising.org/choices/. Opting out only means that the selected participants should no longer deliver certain targeted ads to you, but does not mean you will no longer receive any targeted content and/or ads (e.g., in connection with the participants’ other customers or from other technology services).

Legal Rights for Certain Residents

Depending on where you reside, you may have certain legal rights in relation to your information. 

  • CA Residents: If you are a resident of California, please see our California Privacy Notice below.

  • UT: If you are a resident of Utah, please see our U.S. “Controller” Privacy Notice below.

  • Nevada Residents: If you are a resident of Nevada, please see our Nevada Privacy Notice below.

  • European Residents: If you are a resident of Europe, including a member state of the European Union or the United Kingdom, please see our Non-US Privacy Notice below.

For more information about how to exercise applicable legal rights under a respective law, please see Section 20 - Exercising Legal Rights Requests below. 


SECTION 11 – CHILDREN

Our Services are not directed towards, nor was it designed to attract the attention of any children, and we do not knowingly collect or maintain personal information from any person under the age of thirteen. 


SECTION 12 – LINKS TO THIRD PARTY SITES

Our Websites and Services may contain links to third party websites and services. Please note that these links are provided for your convenience and information, and the websites and services may operate independently from us and have their own privacy policies or notices, which we strongly suggest you review.


SECTION 13 – CHANGES TO THIS PRIVACY POLICY

We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.

If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.


SECTION 14 – CONTACT US

If you have any questions about the ways in which we collect and use your personal information, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us.

To help us improve our privacy policy and practice, please give us your feedback. You may email us at info@beachriot.com or call us at +1 888-891-1937.


SECTION 15 – YOUR CALIFORNIA PRIVACY RIGHTS

The following disclosures are made pursuant to the California Consumer Privacy Act, as amended by the California Privacy Rights Act and its implementing regulations (collectively, the “CCPA”). 

Definitions

  • Personal information. This is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to you or your household.

  • Sensitive personal information. This is information such as your social security number, driver’s license number, state identification card, passport number, account log-in and password, financial account and password, debit or credit card number and access code, precise geolocation information, race, ethnic origin, religious or philosophical beliefs, union membership, the content of your mail, email or texts other than those communications you have with us, genetic data, biometric information, health information, or information that concerns your sex life or sexual orientation.

  • Sell, sale, or sold. This means the selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or other means, your personal information to a third party for money or other valuable consideration.

  • Share, shared, or sharing. This means the sharing, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or other means, your personal information to a third party for cross-context behavioral advertising, whether or not for monetary or other valuable consideration.

Your Rights

You or an authorized agent you designate on your behalf may submit the individual requests outlined below. Upon receipt, we will take reasonable steps to verify you and your authorized agent’s identity prior to responding to the request, which may include in certain circumstances you signing a declaration under penalty of perjury. If an authorized agent is submitting a request on your behalf, you must submit a copy of: (1) a written authorization demonstrating you have authorized the agent to submit a request on your behalf; and (2) provide separate proof verifying your identity. 

  • Right to Know. You have a have a right to request that we disclose, subject to certain exceptions, information concerning: (1) the categories of personal information we have collected from or about you; (2) the categories of sources from which we have collected that personal information, and the business or commercial purpose for the collection; (3) the categories of third parties with whom we have shared, sold, or disclosed your personal information, including the business or commercial purpose for said sharing, selling, or disclosure; and (4) specific pieces of your personal information, subject to appropriate exceptions.

  • Right to Delete. You have a right to request that we delete your personal information, subject to certain exceptions. 

  • Right to Correct. You have a right to request that we correct your personal information, subject to certain exceptions.

  • Right to Opt-Out of the Sale or Sharing of Personal Information. Certain of our online tracking technologies may be considered a “sale” or a “share” of your information to third parties under the CCPA. Visitors to our Websites can therefore opt-out of being tracked by these technologies by sending an e-mail to info@beachriot.com

We have no actual knowledge that we sell the personal information of California residents who are under 16 years of age. You may also opt-out by using an opt-out preference signal, such as the Global Privacy Control (GPC) on your browser. To download and use a browser supporting the GPC, you may click here. If you choose the GPC signal, you will need to turn it on for each supported browser or browser extension you use.  

  • Right to Non-Discrimination. You have a right to exercise the above rights without being discriminated against under the CCPA.

  • Exercising Your Rights. To submit a request, you may send an e-mail to info @beachriot.com. You may also designate an authorized agent to submit a request on your behalf by sending an e-mail with written proof of such authorization to info @beachriot.com

  • Responding To Requests. Once you have submitted your request, we will respond within the time frame permitted by applicable law. 

Notice of Collection

To learn more about the categories of personal information we collect about California residents, please see Section 1 – What Information Do We Collect? provided above. 

For more information about how we use those categories of personal information, please see Section 3 – How Do We Use Your Information? as above. 

For more information about how we collect categories of personal information, please see Section 2 – How Do We Collect Your Information? and Section 7 – Cookies, Tracking Technologies, Advertising and Analytics and Section 8 – Behavioral Marketing and Advertising above. 

To learn more about how we disclose categories of personal information, and the categories of third parties with whom we disclose such information, please see Section 4 – When Do We Disclose Your Information? above.

To learn more about how long we keep your information, please see Section 6 - Security and Data Retention above.

Notice of Disclosure for a Business Purpose

To learn more about the categories personal information we have disclosed for a business purpose, and the categories of third parties with whom we’ve disclosed such information, please see When Do We Disclose Your Information? above. 

Notice of Sale or Sharing of Personal Information

Certain of our online tracking technologies may be considered a “sale” or a “share” of your information to third parties under the CCPA. The categories of personal information we may “sell” or “share” in these circumstances includes your IP address, persistent online identifiers, ad identifiers, similar information about your devices and browsers, and information about your engagement with our Websites, Products, and Communications. We have no actual knowledge that we sell the personal information of California residents who are under 16 years of age.

Notice of Use of Sensitive Personal Information

We do not use California resident sensitive personal information for any purpose other than is permissible under the CCPA. Specifically, we do not use sensitive personal information of California residents to derive characteristics about California residents.

Notice of Financial Incentives 

We offer our customers a discounts for signing up to our marketing program and providing us their email address (collectively, the “Program”). Because our Programs involve the collection of personal information and offering of certain benefits, the Program may be interpreted as a “financial incentive” program under the CCPA. The value of your personal information to us is related to the value of the discounted products or services, or other benefits that you obtain or that are provided as part of the applicable Program, less the expense related to offering those products, services, and benefits to Program participants.

California’s “Shine The Light” Law

If you are a California resident and customer of ours, you have the right to request information from us once per calendar year regarding the customer information we share with third parties for the third parties’ direct marketing purposes. To request this information, please send an email to info@beachriot.com with ‘Request for California Privacy Information’ in the subject line and in the body of your message. We will provide the requested information to you via an email response.

California’s “Eraser Button” Law 

If you are a California resident under 18 years old and a registered user of the Site (as defined above), you can request that we remove content or information that you have posted to our website or other online services. Fulfillment of the request may not ensure complete or comprehensive removal (e.g., if the content or information has been reposted by another user). To request removal of content or information, please contact us at info@beachriot.com.


SECTION 16 – U.S. “Controller” Privacy Notice

Applicable State Laws

Certain applicable states outside of California, including Utah, have laws in place that apply to us and grant you additional rights with respect to your information. When such state law applies, then this section sets out your additional rights. 

If you believe you live in a state that should apply and is not listed here, please reach out to us at info@beachriot.com with your questions and we can confirm the applicability of this section and any rights you may have. 

Notice of Collection

To learn more about the categories of personal information we collect about you and how we use it, please see Section 1 – What Information Do We Collect? and Section 3 – How Do We Use Your Information? above. To learn more about the categories of third parties with whom we may share your personal information, please see Section 4 – When Do We Disclose Your Information? section above.

Your Legal Rights Under Applicable States

If you are a resident of Montana or Utah or another state where a similar heightened privacy law is applicable, you have the following rights enumerated under the applicable law: 

  • Right to Know and Access. You have a right to request that we disclose what personal information we’ve collected about you. 

  • Right to Delete. You have a right to request that we delete your personal information. 

  • Right to Correct. You have a right to ask that we correct the personal information we have about you, subject to certain exceptions. 

  • Right to Opt-Out. You have a right to opt-out of the sale or use of your personal information for targeted advertising or profiling. 

  • Right to Non-Discrimination. You have a right not to be discriminated against for the exercise of your rights described herein.

To exercise any of these rights, please see Section 20 - Exercising Legal Rights Requests below.

If you are a California resident, please see Section 16 – Your California Privacy Rights above for your specific rights under California law which may differ from the above rights. 


Section 17 –Nevada Privacy Notice

If you are a Nevada resident, you have the right to submit a request directing us not to make any sale of your personal information. We do not sell your personal information for money. However, to request email confirmation that we will not sell your personal information in the future, please send an email to info@beachriot.com with “Nevada Opt-Out” in the subject line and in the body of your message.


Section 18 – Europe PRIVACY NOTICE

Role and Data Controller Contact Details

The General Data Protection Regulation  and similar data protection laws in Europe  like the Data Protection Act 2018 in the United Kingdom (collectively referred to herein as the “GDPR”), distinguish between organizations that process personal information for their own purposes (known as “controllers”) and organizations that process personal information on behalf of other organizations (known as “processors”).

We act as a controller with respect to personal information collected from you as you engage with our Websites, Offices, Services or via Communications with us. If you have questions with respect to our processing of your information as a controller, you can contact us by email at the email address set forth in Section 15 - Contact Us above.

Lawful Basis for Processing

The GDPR and data protection laws in Europe require a “lawful basis” for processing personal information. Our lawful bases include the following:

  • To fulfill obligations in the agreement between you and Company. To use our Websites or Services, you and Company entered into an agreement under the applicable terms of use, and in order for us to fulfill our obligations with respect to providing our Websites or Services under such agreement, we must collect your personal information to provide the necessary functionality. The information we collect and how it is used by us is further detailed in the sections entitled Section 1 – What Information Do We Collect? and Section 3 – How Do We Use Your Information? above. 

  • To pursue our legitimate interests. Our legitimate interests include, among others, understanding how our Websites or Services are functioning, improving our Websites or Services, developing new products and services, and preventing fraud. To pursue the foregoing, we process personal information. Where we rely on a legitimate interest to process personal information, we carry out a balancing test to weigh the legitimate interest against your right to protection of your personal information; however, our processing of your personal information will never override your fundamental rights and freedoms, and you can always exercise your right to object to such processing.

  • Consent. In certain situations where you provide us with consent, we may process your personal information.

  • To comply with law. In limited circumstances, we may process personal information in order to comply with legal obligations. To the extent we have received such information from third parties with whom we have agreed to certain contractual requirements or obligations (e.g., standard contractual clauses), we will use our reasonable efforts to dispute the disclosure of personal information, unless legally required to do so.

Your Data Subject Rights

Your Rights. If you are a data subject under the GDPR, subject to certain conditions, you have the right to: 

  • Access, rectify, or erase any personal information we process about you;

  • Data portability – that is, asking us to transfer your personal information to any third party of your choice;

  • Restrict or object to our processing of your personal information; and

  • Where applicable, withdraw your consent at any time for any processing of your personal information.

To exercise your rights, please see the Section 20 - Exercising Legal Rights Requests below. 

Complaints

If you have a complaint about our use of your personal information or our response to your request(s) regarding your personal information, you may submit a complaint to the Data Protection Supervisory Authority in your jurisdiction. We would, however, appreciate the opportunity to address your concerns before you approach a data protection regulator and welcome you to first direct an inquiry to us.

In addition to our contact details set out above, you can also contact our Designated Individual Overseeing Compliance of this Privacy Policy by emailing info@beachriot.com or writing us at:

[INSERT ADDRESS]

[EU Representative: ____________ ]


SECTION 19 – Exercising Legal Rights Requests

If you are a resident of California, Utah, or Europe, you may exercise your respective legal rights in accordance with the below procedures. 

Verification Requirements

For certain requests, we may require specific information from you to help us verify your identity and process your request. Depending on your request, we will ask for information such as your name, or an e-mail address that you have used with us. For certain requests, we may also ask you to provide details about the most recent purchase you made. If we are unable to verify your identity, we may deny your requests to know or delete.

Right to Know, Access and Deletion Requests

If you a resident of a jurisdiction that provides you with heightened legal rights to your personal information, you may exercise your right to know, access or delete information through any of the following means: 

In the request, please specify which right you are seeking to exercise and the scope of the request. 

There are certain circumstances where applicable law allows us to retain certain information and we will not be able to delete such information. In such instances, we will inform you of what information cannot be deleted. 

Correction Requests

You can correct information related to your account by:

Right to Opt-Out of Sale, Profiling, and Context-Based Behavioral Advertising

To opt out of use of your personal information in a manner that constitutes a sale, profiling, or context-based behavioral advertising, or other similar type of sharing under applicable law, please click the link Do Not Sell My Information, or otherwise email us at info@beachriot.com

Authorized Agents

Residents of California may designate an authorized agent to submit a request on your behalf to access or delete your personal information. To do so, you must: (1) provide that authorized agent written and signed permission to submit such request; and (2) verify your own identity directly with us. Please note, we may deny a request from an authorized agent that does not submit proof that they have been authorized by you to act on your behalf.

Responding to Requests

Requests properly submitted will be responded to within the required period under applicable law. If a request is deficient, we may deny the request but will use reasonable efforts to explain the deficiency in the request so that you may correct the request. Please note that we may charge a reasonable fee for multiple requests in the same 12-month period, as permitted by applicable law.