Legality
California Privacy Statements & Policy
Last Updated: February 20, 2023
Statement — The California Consumer Privacy Act (CCPA)
As of January 1, 2020, certain businesses are required to comply with the California Consumer Privacy Act of 2018 (CCPA), and according to the official website of the California Privacy Protection Agency which oversees the implementation and enforcement of privacy laws in the State of California, the CCPA applies to for-profit businesses that do business in California and meet any of the following:
- Have a gross annual revenue of over $25 million.
- Buy, receive, or sell the personal information of 100,000 or more California residents, households, or devices.
- Derive 50% or more of annual revenue from selling California residents’ personal information.
Currently, The Mystichrome Cobra Authority is not a for-profit business, and we are not and never will be in the business of buying, selling, or sharing personal information. Therefore, we do not meet any of the above criteria. Furthermore, according to the above-referenced website, the CCPA generally does not apply to nonprofit organizations.
Statement — Proposition 24, the California Privacy Rights Act (CPRA)
As of January 1, 2023, certain businesses are required to comply with the CCPA amendment known as Proposition 24, the California Privacy Rights Act of 2020 (CPRA). The amended law applies only to businesses that are connected to California by either operating from California or offering products or services to residents of California, and such businesses must meet at least one of the following thresholds:
- Have an annual gross revenue (from January to December) of $25 million or more.
- Buy, sell, or share with third parties the personal information of at least 100,000 California residents of households.
- Derive at least 50% of annual revenue from selling or sharing personal information.
Again, The Mystichrome Cobra Authority is not a for-profit business, and we are not and never will be in the business of buying, selling, or sharing personal information. Therefore, we do not meet any of the above criteria. As the CPRA is an amendment to the CCPA, it also does not apply to nonprofit organizations.
Privacy Policy — California Online Privacy Protection Act (CalOPPA)
The California Online Privacy Protection Act of 2003 (CalOPPA), effective as of July 1, 2004, and amended in 2013, was the first state law in the United States of America requiring commercial websites on the World Wide Web and online services to include a privacy policy on their website. According to this California law, under the Business and Professions Code, Division 8 Special Business Regulations, Chapter 22 Internet Privacy Requirements, operators of such websites that collect Personally Identifiable Information (“PII”) from California’s residents are required to conspicuously post and comply with a privacy policy that meets specific requirements. A website operator who fails to post their privacy policy within 30 days after being notified about noncompliance will be deemed in violation. PII includes information such as name, street address, email address, phone number, date of birth, Social Security number, or other details about a person that could allow them to be contacted physically or online.
Due to the fact that The Mystichrome Cobra Authority (“we”, “us”, or “our”) is a business entity that is based in the State of California, United States of America, and operates the online service website at https://www.mystichrome.com (the “Site”), we are obligated to make additional policy statements regarding CalOPPA because we collect certain PII from the following three types of interested parties (collectively, “Users”) at our Site: (1.) Users who own a Mystichrome Cobra and register an account on our Site to transact business and make use of the various services offered by The Mystichrome Cobra Authority due to their more privileged User role (collectively, “Services”) (“Mystichrome Cobra Owners”), (2.) Users who do not own a Mystichrome Cobra and register an account on our Site to make use of minimal Services due to their vehicle ownership status and restricted User role (“General Enthusiasts”), and (3.) Users who visit our Site without registering an account (“Visitors”). We respect the privacy rights of our Users, and we will never sell, disclose, transfer, give away, or share with any third parties the PII of any of our registered Users. We understand the importance of taking strong measures to safeguard this information to maintain trust and integrity, especially when conducting business.
This CalOPPA Privacy Policy builds upon our general Privacy Policy and describes our policies and procedures on the collection, use, and disclosure of User’s PII when our services are used and your privacy rights and protection under the law. We use your PII to provide and improve our Services, and by using our Services, you agree to the collection and use of PII in accordance with this CalOPPA Privacy Policy.
Interpretation & Definitions
Interpretation
The words of which the initial letter is capitalized have meanings defined under the following conditions, and the following definitions shall have the same meaning regardless of whether they appear in singular, in plural, or in the possessive of each form.
Definitions
- “Account” means a unique Account created for you to access our Services or parts of our Services depending on your assumed User role.
- “Company” (referred to as “the Company”, “we”, “us”, or “our”) means The Mystichrome Cobra Authority.
- “Cookies” are small files that are placed on a computer, mobile Device, or any other Device by a website, containing the browsing details and history on that website among its many uses.
- “Country” is the sovereign nation of the Company and refers to The United States of America.
- “Device” means any electronic Device that can access the Services such as a computer, cell phone, or digital tablet.
- “Do Not Track” or “DNT” is a concept that has been promoted by U.S. regulatory authorities, in particular the U.S. Federal Trade Commission (FTC), for the Internet industry to develop and implement a mechanism for allowing Internet Users to control the tracking of their online activities across websites.
- “General Enthusiast” means any User who does not own a Mystichrome Cobra and registers an Account on our Site to make use of minimal Services offered by the Company due to their vehicle ownership status and restricted User role.
- “Mystichrome Cobra Owner” means any User who owns a Mystichrome Cobra and registers an Account on our Site to transact business and make use of the various Services offered by the Company due to their more privileged User role.
- “Personal Data” is any PII in digital form that relates to an identified or identifiable individual.
- “Service Provider” means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Site and Services, to provide the Services on behalf of the Company, to perform actions related to the Services, or to assist the Company in analyzing how the Services are used.
- “Services” refers to the unique privileges and opportunities available to anyone who registers an Account on our Site based upon their assumed User role.
- “Site” means the Company’s website, accessible at the “https://www.mystichrome.com” URL address.
- “Usage Data” refers to data collected automatically, either generated by the use of the Site or from the Site infrastructure itself (for example, the duration of a page visit).
- “User” (referred to as “you” or “your”) means any individual or party who visits the Company’s Site and/or takes an interest in our Services.
- “Visitor” means any User who visits our Site without registering an Account.
Collecting & Using Your Personal Data
Types of Data Collected
Personal Data
Upon applying to register for use of and/or continuing to use our Services, we may ask you to provide us with certain PII that can be used to contact or identify you. We collect only the following PII from a User applying for the User role and status as a General Enthusiast: first and last name, email address, date of birth, social media profile information, and location. We collect only the following PII from a User applying for the User role and status as a Mystichrome Cobra Owner: first and last name, current mailing address, phone number, email address, date of birth, social media profile information, location, vehicle identification number (VIN), the letter from Ford Motor Company’s Special Vehicle Team (known as “SVT”) which states the User’s name and mailing address and the User’s vehicle’s VIN, and the SVT build certificate which states the User’s vehicle’s VIN. The User’s vehicle’s VIN is the only PII that is used, in conjunction with other non-sensitive vehicle information, to verify and authenticate the true integrity and build of each unique, limited-production, special-edition Mystichrome Cobra. We do not collect any financial profiles, Social Security numbers, or credit card information from any registered User.
Usage Data
Usage Data is collected automatically when using our Services, and it may include information such as your Device’s unique Internet Protocol (IP) address, Internet Service Provider (ISP), browser type and version, the Site pages of our Services that you visit, the time and date of your visit, the time spent on those pages, unique Device identifiers, and other diagnostic data.
When you access our Services by or through a mobile Device, we may collect certain information automatically, including but not limited to the type of mobile Device you are using, your mobile Device’s unique ID, the IP address of your mobile Device, your mobile Device’s telecommunications and Internet Service Provider, your mobile Device’s operating system, the type of mobile Internet browser you are using, unique Device identifiers, and other diagnostic data.
We may also collect information that your browser sends whenever you visit our Site or whenever you access our Site by or through a mobile Device.
Tracking Technologies & Cookies
We use Cookies and similar tracking technologies to track activity on our Site and store certain information. Tracking technologies utilized are beacons, tags, and scripts to collect and track information and to improve and analyze our Services. The technologies we use may include the following:
- Cookies or Browser Cookies: A Cookie is a small file containing a string of information that our Site stores on a User’s Device and that the User’s browser provides to our Site each time the User returns. You can instruct your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if you do not accept Cookies, you may not be able to use some parts of our Site and Services. Unless you have adjusted your browser settings so that it will refuse Cookies, our Site may use Cookies.
- Web Beacons: Certain sections of our Site and our emails may contain small electronic files known as web beacons (also referred to as clear GIFs, single-pixel GIFs, and pixel tags) that permit the Company, for example, to count Users who have visited those Site pages or opened an email and for other related Site statistics (for example, recording the popularity of a certain section and verifying system and server integrity).
Cookies can be “Persistent” or “Session” Cookies. Persistent Cookies remain on your Device after you are no longer online and go offline, and Session Cookies are deleted as soon as you close your web browser. We use both Session and Persistent Cookies for the purposes set out in the following:
- Necessary and Essential Cookies
Type: Session Cookies
Administered by: The Mystichrome Cobra Authority
Purpose: These Cookies are essential in providing you with Services available through the Site and enabling you to use some of its features. They help to authenticate Users and prevent fraudulent use of User Accounts. Without these Cookies, the services that you have requested cannot be provided, and we only use these Cookies to provide you with those services. - Cookie Policy and Notice Acceptance Cookies
Type: Persistent Cookies
Administered by: The Mystichrome Cobra Authority
Purpose: These Cookies identify if Users have accepted the use of cookies on our Site. - Functionality Cookies
Type: Persistent Cookies
Administered by: The Mystichrome Cobra Authority
Purpose: These Cookies allow us to remember choices you make while using our Site, such as remembering your log-in details or language preference. The purpose of these Cookies is to provide you with a more personal experience and to avoid requiring you to re-enter your preferences every time you use our Site. - Tracking and Performance Cookies
Type: Persistent Cookies
Administered by: Third-party entities
Purpose: These Cookies are used to track information about traffic to our Site and how Users use our Site. The information gathered through these Cookies may directly or indirectly identify you as an individual User. This is because the information collected is typically linked to a pseudonymous identifier associated with the Device used to access our Site. We may also use these Cookies to test new pages, features, or new functionalities of our Site to see how our Users react to them.
For more information about and your choices regarding the Cookies we use, please visit the Cookies section of our Privacy Policy.
Use of Your Personal Data
The Company may use Personal Data for the following purposes:
- To provide and maintain our Site, including to monitor the usage of our Services.
- To manage User Accounts by facilitating your registration for our Services as either a General Enthusiast or a Mystichrome Cobra Owner. The Personal Data that you provide can give you access to different functionalities of our Site and Services that are available to you as a registered User.
- For the performance of a contract, including the development, compliance, and undertaking of the purchase contract for the products, items, or services you have purchased or of any other contract with us through our Services.
- To contact Users by email, phone calls, SMS, or other equivalent forms of electronic communication, such as a mobile Device’s application’s push notifications regarding updates or informative communications related to the functionalities, products, or contracted Services, including any security updates, when necessary or reasonable for their implementation.
- To provide Users with newsworthy information regarding the limited-production, special-edition Mystichrome Cobra and any other general information about any other goods, Services, and events which we may offer that are similar to those that you have already purchased or inquired about unless you have opted to not receive such information.
- To attend and manage requests made by Users to us.
- For business transfers, if in such event, so that we may use your information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by us about our registered Users is among the assets transferred.
- For other purposes, so that we may use your information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns, and to evaluate and improve our Services, products, marketing, and your User experience.
We may share or disclose your Personal Data only in the following situations:
- With other registered Mystichrome Cobra Owners, who wish to evaluate potential transactions with other registered Mystichrome Cobra Owners.
- With third-party vendors, who may gain access to certain Personal Data on a need-to-know basis for service eligibility to maintain the overall health and condition of the Site.
- For business transfers, if in such event, so that we may use your information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by us about our registered Users is among the assets transferred.
- With law enforcement agencies, in order to comply with a request from such an agency to release such Personal Data.
- With judicial courts, in order to comply with a court order or subpoena from such a court to release such Personal Data.
- With your consent, in which we may disclose your Personal Data for any other purpose with your consent.
Retention of Your Personal Data
The Company will retain your Personal Data only for as long as is necessary for the purposes set out in this CalOPPA Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.
The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Site and Services, or we are legally obligated to retain this data for longer time periods.
Transfer of Your Personal Data
Your information, including Personal Data, is processed at the Company’s operating offices and in any other places where the parties involved in the processing are located. It means that this information may be transferred to and maintained on computers located outside of your state or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to such transfer.
The Company will take all steps reasonably necessary to ensure that your Personal Data is treated securely and in accordance with this Privacy Policy, and no transfer of your Personal Data will take place to an organization unless there are adequate controls in place, including the security of your data and other personal information.
Disclosure of Your Personal Data
Business Transactions
If the Company is involved in a merger, acquisition, or asset sale, your Personal Data may be transferred. We will provide notice before your Personal Data is transferred and becomes subject to a different Privacy Policy.
Law Enforcement
Under certain circumstances, the Company may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).
Other Legal Requirements
The Company may disclose your Personal Data in a good-faith belief that such action is necessary to:
- Comply with a legal obligation.
- Protect and defend the rights or property of the Company.
- Prevent or investigate possible wrongdoing in connection with the Services.
- Protect the personal safety of Users of our Site and Services or the public.
- Protect against legal liability.
Security of Your Personal Data
The security of your Personal Data is important to us, but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
“Do Not Track” Policy Requirement
We are specifically required by CalOPPA to disclose our “Do Not Track” (“DNT”) policy.
Our Site does not respond to DNT signals. However, some third-party websites do keep track of your browsing activities. If you are visiting such websites, you can set your preferences in your Device’s web browser to inform websites that you do not want to be tracked. You can enable or disable DNT by visiting the preferences or settings page of your Device’s web browser.
Privacy Regarding Minors
Our services are geared toward the responsible ownership and maintenance of the limited-production, special-edition Mystichrome Cobra, and we recognize that such interest is naturally oriented toward adults of a responsible age and with the financial means to successfully maintain such a vehicle at a high level. Therefore, our Services do not and will not address minors (by law, described as any person under 18 years of age), and we do not knowingly collect any Personal Data from anyone under 18 years of age. Upon applying to register an Account, we specifically require each applicant to state their date of birth and confirm that they are an adult at least 18 years of age, and the applying User’s date of birth is the only piece of PII that is used to legally confirm a User’s adulthood status.
If you are a parent or guardian and you are aware that your child has registered an Account on our Site by providing us with Personal Data, please contact us immediately in the contact details provided. If we discover that minors under 18 years of age have registered an Account on our Site by providing us with Personal Data, we will delete the Account and Personal Data from our servers immediately. Although the legal age of obtaining and maintaining a driver’s license is 16 years of age in many parts of the United States of America, we stand firm on our belief that responsible ownership of a collectible vehicle is a privilege for adults of a responsible age and with the financial means to successfully maintain such a vehicle at a high level. While this may accurately describe certain adults that are much older than 18 years of age, we cannot and will not discriminate against any adult of legal age for registering an Account, and thus, nobody under 18 years of age shall register an Account on our Site.
Links to Other Websites
Our Site may contain links to other third-party websites that are not operated by us. If you click on a third-party website link, you will be directed to that third-party’s website. We strongly advise you to review the privacy policy of every third-party website that you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party websites or services.
Changes to This Privacy Policy
We may update our CalOPPA Privacy Policy from time to time. We will notify you of any changes by posting the updated CalOPPA Privacy Policy on this page. We will let you know via email and/or a prominent notice on our Site prior to the changes becoming effective, and we will update the “Last Updated” date at the top of this page. You are advised to review this CalOPPA Privacy Policy periodically for any changes, and any such changes are effective when they are posted on this page.
Contact Us
If you have any questions about any of our California Privacy Statements, please contact us at administrator@mystichrome.com with “CA Privacy” in the subject line.