Scratch Foundation & Shop – Privacy Policy

Scratch Foundation & Shop – Privacy Policy can be found here: https://shop.scratchfoundation.org/policies/privacy-policy

Last updated: August 4, 2025

Scratch Foundation operates this store and website (“Scratch Website” or “Website”), including all related information, content, features, tools, products and services, in order to provide you, the customer and donor, with a curated shopping experience (the "Services"). Scratch Foundation is powered by Shopify, which enables us to provide the Services to you. This Privacy Policy describes how we collect, use, and disclose your personal information when you visit, use, or make a purchase, donation, or other transaction using the Services or otherwise communicate with us. If there is a conflict between our Terms of Service and this Privacy Policy, this Privacy Policy controls with respect to the collection, processing, and disclosure of your personal information.

Please read this Privacy Policy carefully. By using and accessing any of the Services, you acknowledge that you have read this Privacy Policy and understand the collection, use, and disclosure of your information as described in this Privacy Policy.

Personal Information We Collect or Process

When we use the term "personal information," we are referring to information that identifies or can reasonably be linked to you or another person. Personal information does not include information that is collected anonymously or that has been de-identified, so that it cannot identify or be reasonably linked to you. We may collect or process the following categories of personal information, including inferences drawn from this personal information, depending on how you interact with the Services, where you live, and as permitted or required by applicable law:

• Contact details including your name, address, billing address, shipping address, phone number, and email address.
• Account information including your username, password, security questions, preferences and settings.
• Transaction information including the items you view, put in your cart, add to your wishlist, or purchase, return, exchange or cancel and your past transactions.
• Communications with us including the information you include in communications with us, for example, when sending a customer support inquiry.
• Device information including information about your device, browser, or network connection, your IP address, and other unique identifiers.
• Usage information including information regarding your interaction with the Services, including how and when you interact with or navigate the Services.
• Information collected from cookies and other similar technologies. When you use the Scratch Website, other sites and companies may use third-party cookies, beacons, invisible tags, unique IDs and similar technologies (collectively “Cookies”) to automatically record certain Personal Information from your browser or device. A Cookie is a small piece of data that a website stores on your device when you visit. They help us improve your user experience and enable specific functionality on this Website. For example, Cookies may collect information such as your IP address, network location, web server logs, what browser you are using, device IDs and characteristics, operating system version, browser language settings, referring URLs, and Personal Information about the usage of the Scratch Website. For further information, please see the section below headed “Cookies and Other Tracking Technologies”. 

Personal Information Sources

We may collect personal information from the following sources:

• Directly from you including when you create an account, visit or use the Services, communicate with us, or otherwise provide us with your personal information;
• Automatically through the Services including from your device when you use our products or services or visit our websites, and through the use of Cookies and similar technologies;
• From our service providers including when we engage them to enable certain technology and when they collect or process your personal information on our behalf;
• From our partners or other third parties.

How We Use Your Personal Information

Depending on how you interact with us or which of the Services you use, we may use personal information for the following purposes:

• Provide, Tailor, and Improve the Services. We use your personal information to provide you with the Services, including to perform our contract with you, to fulfill your orders and donations, to remember your preferences and items you are interested in, to send notifications to you related to your account, to process purchases, returns, exchanges or other transactions, to create, maintain and otherwise manage your account, to arrange for shipping, to facilitate any returns and exchanges, to enable you to post reviews, and to create a customized shopping experience for you, such as recommending products related to your purchases. This may include using your personal information to better tailor and improve the Services.
• Marketing and Advertising. We use your personal information for marketing and promotional purposes, such as to send marketing, advertising and promotional communications by email, text message or postal mail, and to show you online advertisements for products or services on the Services or other websites, including based on items you previously have purchased or added to your cart and other activity on the Services.
• Security and Fraud Prevention. We use your personal information to authenticate your account, to provide a secure payment and shopping experience, detect, investigate or take action regarding possible fraudulent, illegal, unsafe, or malicious activity, protect public safety, and to secure our services. If you choose to use the Services and register an account, you are responsible for keeping your account credentials safe. We highly recommend that you do not share your username, password or other access details with anyone else.
• Communicating with You. We use your personal information to provide you with customer support, to be responsive to you, to provide effective services to you and to maintain our business relationship with you.
• Legal Reasons. We use your personal information to comply with applicable law or respond to valid legal process, including requests from law enforcement or government agencies, to investigate or participate in civil discovery, potential or actual litigation, or other adversarial legal proceedings, and to enforce or investigate potential violations of our terms or policies.

How We Disclose Personal Information

In certain circumstances, we may disclose your personal information to third parties for legitimate purposes subject to this Privacy Policy. Such circumstances may include:

• With Shopify, vendors and other third parties who perform services on our behalf (e.g. IT management, payment processing, data analytics, customer support, cloud storage, fulfillment and shipping). For instance, we use analytics services such as Google Analytics to collect and process certain analytics data. You can learn more about Google’s practices by visiting https://www.google.com/policies/privacy/partners/.
• With business and marketing partners to provide marketing services and advertise to you. For example, we use Shopify to support personalized advertising with third-party services based on your online activity with different merchants and websites. Our business and marketing partners will use your information in accordance with their own privacy notices. Depending on where you reside, you may have a right to direct us not to share information about you to show you targeted advertisements and marketing based on your online activity with different merchants and websites. 
• When you direct, request us or otherwise consent to our disclosure of certain information to third parties, such as to ship you products or through your use of social media widgets or login integrations.
• With our affiliates.
• In connection with a business transaction such as a merger or bankruptcy, to comply with any applicable legal obligations (including to respond to subpoenas, search warrants and similar requests), to enforce any applicable terms of service or policies, and to protect or defend the Services, our rights, and the rights of our users or others.

Cookies and Other Tracking Technologies 

Cookies set by the website you are visiting are normally referred to as “first-party cookies”, and typically only track your activity on that particular site. Cookies set by other sites and companies (i.e. third-parties) are called “third-party cookies”, and can be used to track you on other websites that use the same third-party service. The Cookies placed through your use of our Website are set by third parties only. 

These third parties use both persistent Cookies and session Cookies. Persistent Cookies stay on your device for a set period of time or until you delete them, while session Cookies are deleted once you close your web browser. 

Strictly Necessary Cookies

These Cookies are strictly necessary for the Website to function and cannot be switched off in our systems. They are usually only set in response to your actions which amount to a request for services, such as setting your privacy preferences, or filling in forms. They are also used to protect our Website against unauthorized access, combat fraud and other activity that violates our policies or otherwise degrades our ability to provide the Website. 

Analytics Cookies

Our third party partners also use Cookies for analytics purposes to better understand how you use our Website, to measure the effectiveness of our customer communications, to diagnose and fix technology problems, and otherwise enhance our Website. These Cookies allow third parties to count visits and traffic sources to measure and improve the performance of the Website. All information these Cookies collect is aggregated and therefore anonymous. If you do not allow these Cookies, neither we nor any third party will know when you have visited our Website, and will not be able to monitor its performance.

Personalization Cookies

These Cookies enable our Website to provide enhanced functionality and personalization. If you do not allow these Cookies then some or all of these services may not function properly. These Cookies allow us to operate certain functions of our Website according to your preferences. Deletion of these types of Cookies will result in limited functionality of our Website and a less personalized experience. 

Advertising Cookies

These Cookies may be set through our Website by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly identifiable personal information but are based on uniquely identifying your browser and internet device. If you do not allow these Cookies, you will experience less targeted advertising.

Cookies On Our Website 

The table below explains in more detail the types of cookies we use and why: 

How You Can Manage Cookies

Scratch is committed to offering you meaningful privacy choices. You have a number of options to object, control or limit how we, our partners, and other third parties use Cookies. You can block Cookies through the mechanisms described below. However, note that Cookies are important to many aspects of our Services. If you disable all Cookies or do not consent to our use of Cookies, you may not be able to enjoy all features of our Services. 

Where Cookies are not strictly necessary for our Services to function, we will ask you to consent to our use of Cookies when you first visit our Website or use our platform. Consent can be provided or revoked by changing your settings in the cookie banner. 

Moreover, if you do not wish to accept Cookies from us, you can instruct your browser to refuse Cookies from our Website. Most browsers are configured to accept Cookies by default, but you can update these settings to either refuse Cookies altogether, or to notify you when a website is trying to set or update a Cookie. Most browsers allow you to control your Cookie settings so that you can: 

• View your Cookies or other locally stored data and delete them on an individual basis;
• Block first-party and/or third-party Cookies or similar technology;
• Block all Cookies or similar technologies from being set; or
• Delete all Cookies or similar technologies when you close your browser.

To get information on how to update such settings, you may visit one of the following pages, or another page, depending on your browser:

• Google Chrome: https://support.google.com/chrome/answer/95647?hl=en 
• Apple Safari: https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac 
• Internet Explorer: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
• Microsoft Edge: https://support.microsoft.com/en-gb/help/4027947/microsoft-edge-delete-cookies 
• Mozilla Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer 
• Opera: https://help.opera.com/en/latest/web-preferences/

Legal Grounds for Processing Your Personal Information 

If you are located in the European Economic Area, the United Kingdom or Switzerland, we only process your Personal Information based on a valid legal ground. A “legal ground” is a reason that justifies our use of your Personal Information. We may use different legal grounds, such as:

• You have consented to the use of your personal information, for example, to receive electronic marketing communications;
• Where it is necessary to give effect to a contract between you and us, for example when you subscribe to our Services, or otherwise accept our Terms of Service;
• We have a legal obligation to use your personal information; or
• We or a third party have a legitimate interest in using your personal information, provided that our interest is not overridden by your rights and interests. We may rely on this legal basis to, for example, fulfil your orders, manage customer relationships, keep business records, respond to unsolicited communications from you, assert our legal rights and obtain professional advice.

Relationship with Shopify

The Services are hosted by Shopify, which collects and processes personal information about your access to and use of the Services in order to provide and improve the Services for you. Information you submit to the Services will be transmitted to and shared with Shopify as well as third parties that may be located in countries other than where you reside, in order to provide and improve the Services for you. In addition, to help protect, grow, and improve our business, we use certain Shopify enhanced features that incorporate data and information obtained from your interactions with our Store, along with other merchants and with Shopify. To provide these enhanced features, Shopify may make use of personal information collected about your interactions with our store, along with other merchants, and with Shopify. In these circumstances, Shopify is responsible for the processing of your personal information, including for responding to your requests to exercise your rights over use of your personal information for these purposes. To learn more about how Shopify uses your personal information and any rights you may have, you can visit the Shopify Consumer Privacy Policy. Depending on where you live, you may exercise certain rights with respect to your personal information here Shopify Privacy Portal Link.

Third Party Websites and Links

The Services may provide links to websites or other online platforms operated by third parties. If you follow links to sites not affiliated or controlled by us, you should review their privacy and security policies and other terms and conditions. We do not guarantee and are not responsible for the privacy or security of such sites, including the accuracy, completeness, or reliability of information found on these sites. Information you provide on public or semi-public venues, including information you share on third-party social networking platforms may also be viewable by other users of the Services and/or users of those third-party platforms without limitation as to its use by us or by a third party. Our inclusion of such links does not, by itself, imply any endorsement of the content on such platforms or of their owners or operators, except as disclosed on the Services.

Children's Data

The Services are not intended to be used by children, and we do not knowingly collect any personal information about children under the age of majority in your jurisdiction. If you are the parent or guardian of a child who has provided us with their personal information, you may contact us using the contact details set out below to request that it be deleted. 

Security and Retention of Your Information

Please be aware that no security measures are perfect or impenetrable, and we cannot guarantee "perfect security." In addition, any information you send to us may not be secure while in transit. We recommend that you do not use unsecure channels to communicate sensitive or confidential information to us.

How long we retain your personal information depends on different factors, such as whether we need the information to maintain your account, to provide you with Services, comply with legal obligations, resolve disputes or enforce other applicable contracts and policies.

Your Rights and Choices

If you reside in the European Economic Area, Switzerland or the UK (together ‘Europe’) and subject to exceptions and limitations provided by local law, you may exercise the following rights:

• Right to Information and Access. You may have a right to be informed about our processing of, and request access to, personal information that we hold about you.
• Right to Delete. You may have a right to request that we delete personal information we maintain about you.
• Right to Correct. You may have a right to request that we correct inaccurate personal information we maintain about you.
• Right of Portability. You may have a right to receive a copy of the personal information we hold about you and to request that we transfer it to a third party, in certain circumstances and with certain exceptions.
• Objection to Processing and Restriction of Processing: You may have the right to ask us to stop or restrict our processing of personal information for certain purposes.
• Withdrawal of Consent: Where we rely on consent to process your personal information, you have the right to withdraw this consent. If you withdraw your consent, this will not affect the lawfulness of any processing based on your consent before its withdrawal.

In addition, we may send you promotional emails, and you may opt out of receiving these at any time by using the unsubscribe option displayed in our emails to you. If you opt out, we may still send you non-promotional emails, such as those about your account or orders that you have made.

You may exercise any of these rights where indicated on the Services or by contacting us using the contact details provided below. To learn more about how Shopify uses your personal information and any rights you may have, including rights related to data processed by Shopify, you can visit https://privacy.shopify.com/en.

Complaints

If you have complaints about how we process your personal information, please contact us using the contact details provided below. Depending on where you live, you may have the right to appeal our decision by contacting us using the contact details set out below, or lodge your complaint with your local data protection authority, including in your country of residence, place of work or where an incident took place. 

International Transfers

Please note that we may transfer, store and process your personal information outside the country you live in.

If we transfer your personal information out of Europe, we will rely on recognized transfer mechanisms like the European Commission's Standard Contractual Clauses, or any equivalent contracts issued by the relevant competent authority of the UK or Switzerland, as relevant, unless the data transfer is to a country that has been determined to provide an adequate level of protection. For more information about how we transfer outside Europe, or to obtain a copy of the contractual safeguards we use for such transfers, you may contact us using the contact details as indicated in the contact section below.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time, including to reflect changes to our practices or for other operational, legal, or regulatory reasons. We will post the revised Privacy Policy on this Website, update the "Last updated" date and provide notice as required by applicable law.

Contact

Should you have any questions about our privacy practices or this Privacy Policy, or if you would like to exercise any of the rights available to you, please call or email us at shop@scratch.org or contact us at 459 Columbus Avenue Unit #1112, New York, NY 10024, U.S. For the purpose of applicable data protection laws, we are the data controller of your personal information.

Alternatively, if you are based in Europe, you may contact our representative, which we have appointed pursuant to Article 27 of the EU and UK GDPR and Article 14 of the Swiss Federal Act on Data Protection, using the details below: