Privacy Policy
Who we are
We are Maven Industrial Supply, Incorporated (“Maven”, “Maven Industrial Supply, Inc.” herein). Our website address is: https://mavenindustrial.com and our office is located in Chatsworth California. We sell industrial tooling and other consumable supplies.
What personal data we collect and why
Shopping Information
While you visit our site, we’ll track products you’ve viewed in order to build up your own “Recently Viewed” product listing. We will also collect information about your Location, billing and/or shipping address which will be used to estimate shipping and tax before you place an order, and of course for sending you the order.
When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information so as to:
- Send you information about your account and order(s)
- Respond to your requests, including refunds and complaints
- Verify processed payments and prevent fraud
- Process and ship your order(s)
- Set up your account for our store
- Comply with any legal obligations we have, such as calculating taxes
- Improve our store offerings and visitor experience
- Send you marketing messages, if you choose to receive them
If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.
We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. We may store order information indefinitely for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.
Payment Card Information
Maven does not store payment card information on it’s server. All payment information is passed to our payment processor, Authorize.net, for the purposes of processing order payments. Customer payment card information is securely managed by Authorize.net and is not made available to accounting or sales associates. Accounting associates have access to review processed payments in order to verify order status or process refunds.
Comments & Reviews
When visitors leave comments or reviews on the site we collect the data shown in the comments or reviews form, and also the visitor’s IP address and browser user-agent string to help with spam detection, and for analytical purpose.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment or review, your profile picture is visible to the public in the context of your comment or review.
Contact forms
Our website provides a contact form which collects the data requested in the form, and also the IP and user-agent string for use in spam detection. The data provided via the form is not stored in our website or a database, but will be included in an email message to the selected department address. No information collected from the contact form will be stored or used for future marketing or analytical purposes. We may keep the generated emails indefinitely for our records, but electronic messages may also be deleted after response is made and no further contact is necessary.
Cookies
When you visit our site we will set several cookies to help identify your online session and provide shopping cart functionality on a per-visitor basis.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
Embedded content from other websites
Some content on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
We make use of Google ReCAPTCHA for anti-bot verification on most forms on our website. This will embed scripts and data served by Google into various pages. Google may set their own cookies and collect analytics on these pages. Please see the Google Privacy Policy and Terms of Service for more details.
Analytics
Our website uses several forms of analytics, both local and third-party. These analytic systems collect information about your requests to our server and actions you might take while visiting our website. This information includes the page URI, your referrer, your IP address, your browser user-agent string, as well as information about interactions you make on our pages. We use the data collected from our analytics to understand where and how our site is used, in order to improve our online shop and the services we provide.
Maven makes use of Google Analytics. Data in Google Analytics is retained for up to 5 years. Please see Google’s Privacy Policy for more information on how they maintain the analytics data. Our use of Google Analytics allows us to collect information on visitor interests when users are logged into a Google account and are opted into personalized Ads options which would share this data with us.
Who we share your data with
Currently, our only third-party services are those provided by Authorize.net for payment information processing. All payment information is stored and processed within their services. All of the information transmitted to and from Authorize.net uses SSL/TLS encrypted connections.
Members of our team have access to the order and account information you provide us. Administrators and Shop Managers can access:
- Order information like what was purchased, when it was purchased and where it should be sent, and
- Customer information like your name, email address, and billing and shipping information.
Our team members have access to this information to help fulfill orders, process refunds and support you. Your full payment details are handled only by Authorize.net and are not visible to our team through our shop system.
Additionally, your name and shipping address will be shared with our shipping service to handle the shipment of your order.
How long we retain your data
If you leave a comment or a review, the message and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website, we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators and managers can also see and edit that information.
Data collected via our local analytical systems may be stored indefinitely or until such time as the records are deemed unnecessary by our administrative team.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments, reviews, and contact form submissions may be checked through an automated spam detection service. We currently do not make use of third party spam services for checking submissions. Information contained in generated emails may be subject to checking via automatic spam detection systems both local and third-party.
Privacy policy contact
For privacy and personal data related concerns, please contact our website administrators using the Contact Us page and selecting the Webmaster department.
Additional information
How we protect your data
Privacy and security is very important to us. Our online services use secure connections (SSL/TLS) both to and from our website and with third-party service providers. Our system is protected using intrusion detection and prevention systems in addition to application firewalls. Security related software and processes are updated regularly and all activities by managers and administrators is logged for accountability.
While making purchases, all customer payment information is handled via secure integration with Authorize.net. Card information is sent directly to Authorize.net and is never stored on our servers.
Our website uses SSL Certificates provided by Let’s Encrypt, and we opt to use 4096-bit keys. To maximize user security, we make use of DNSSEC to secure our DNS records from manipulation. Allowing us to provide DNS records like TLSA to verify certificates presented by our services as well as other verification and policy records according to modern best practices.
What data breach procedures we have in place
Maven’s online systems utilize tools to track activity within our web service and our host service. Any attempted access to a service or account within our system will generate a number of notices to inform administrative personnel about the activity. These notices will be investigated for suspect activity. If suspect activity is identified as a threat, quick action will be taken to block the offending party in whatever means is deemed necessary by our administration. Our system also makes use of some automatic detection and blocking of suspect activity against services or accounts within our platform to allow our administrative personnel time to accurately assess and deal with possible threats.
In the event of a data breach, Maven IT administration will assess the severity of the event and take steps to inform any impacted parties about the nature of the data breach. Depending on the level of severity, the services may be temporarily suspended and the website or affected service will be rebuilt from known-good sources as needed.
What third parties we receive data from
Maven uses data provided by freely available spam and malicious agent block list services as well as data collected from publicly available repositories for use in our anti-spam, and web automation blocking systems. This data is manually processed and curated for our deployment, to enable decoupling our services from third parties that we cannot control.
Our system receives data from our payment processor to update the status of orders in our system, and may send notification to our payment processor regarding the status of a transaction. These exchanges never contain payment card information, typically just enough meta data to associate an order to a transaction, as provided by Authorize.net payment gateway API services.
Beyond this, we make use of some in-page services provided by Google APIs, Google ReCAPTCHA, and Google Analytics. These third-party integrations enable us to display map data, provide extra automation prevention challenges for our forms, and collect data on the performance and usage of our website.
What automated decision making and/or profiling we do with user data
Much of the data submitted on our site is checked for spam or spam-like characteristics. This may result in false positives from time to time, but will not result in automatic submission to spam or abuse tracking services as a spammer.
When users submit payment information via Authorize.net payment form on our checkout page, that payment information may be subject to automatic fraud checking performed by the payment processor. We have no control over the outcome of this processing, and may automatically deny or cancel an order if a transaction is deemed fraudulent by Authorize.net and their processing.