Source of Sources Privacy Policy

PRIVACY POLICY

Effective Date: June, 2025

  1. Subject to Universal Terms of Service.  The following PRIVACY POLICY (“Privacy Policy”) supplements and is subject to Jessa and Waffle, LLC d/b/a Source of Source’s (the “Company”) Universal Terms of Service (“UTOS”), which are incorporated herein by reference.  Capitalized terms used and not otherwise defined herein shall have the meanings set forth in the UTOS.  In the event of a conflict between this Privacy Policy and the UTOS, this Privacy Policy shall control.  Customer acknowledges that Customer has read this Privacy Policy and the Company’s User Agreement.
  2. Agreement to Abide by Privacy Policy.  BY ACCESSING THE WEBSITE OR SIGNING UP FOR OR USING THE SERVICES, CUSTOMER AGREES TO BE BOUND BY THIS PRIVACY POLICY AND THE AGREEMENTS.  The Company’s collection of Personal Information is required to serve the Website and deliver the Services.  Refusal to provide required Personal Information may delay or prevent access to the Website and/or provision of the Services.
  3. Privacy Policy.  This Privacy Policy explains how the Company collects Personal Information, what Personal Information it collects, and how the Company uses that Personal Information.  This Privacy Policy also describes the Customer’s rights to access, update, or otherwise control Personal Information subject to processing by the Company or its sub-processors.  For questions about the Company’s data control practices or the Customer’s rights, as described below, please contact the Company by email at [email protected].
  4. Changes to the Privacy Policy.  The Company reserves the right, in its sole discretion, to amend this Privacy Policy, for any reason, which amendment(s) will be effective upon posting to the Website(s).  The date of the last revision to this Privacy Policy will be indicated by the “Effective Date” located at the top of this Privacy Policy.  By accessing the Websites, or by signing up for or using the Services, after changes or modifications have been made to this Privacy Policy will constitute the Customer’s acceptance of the Privacy Policy as of the Effective Date.  The Company may occasionally notify the Customer of changes or modifications to this Privacy Policy by email but is not required to do so.  It is the Customer’s responsibility to keep the information it its Customer Account accurate.  The Company assumes no liability or responsibility for Customer’s failure to receive an email or other electronic notification if such failure results from the Customer’s failure to provide accurate information.
  5. Information the Company Collects.
    1. Personal Information.  The Company collects information that the Customer provides when using the Website, signing up for or using the Services, or otherwise interacting with the Company (the “Personal Information”).  Categories of Personal Information collected include, but are not limited to, the Customer’s name, address, telephone number, email address, Internet Protocol (“IP”) address, telephone number, birth date, billing and delivery information, credit card or other financial account information, Queries posted and responded to, and other identifying information about the Customer.
    2. Non-Personal Information.  The Company may also collect information that is not Personal Information (“Non-Personal Information”) when the Customer uses the Website or Services.  Categories of Non-Personal Information include, but are not limited to, search terms, new or returning user information, browser information, computer type, operating system, internet service providers, website usage, referring/exit pages, platform type, date/time stamps, number of clicks and movements within a webpage, and advertisements viewed.
    3. Purposes of Information Collection.  The Company uses the Personal and Non-Personal Information collected for the following purposes:
      1. Registration.  Information is used to register and manage the Customer’s account, including to allow access to and use of the Services, to process payments or credits, and to offer promotional programs.
      2. Improve the Website and Services.  Information is used for analytical purposes and to enable the Company to improve the Website and Services, and to provide a tailored and optimized user experience.
      3. Individualization.  Information is used to notify the Customer about special offers or services available from the Company or its affiliates and partners.
      4. Customer Service and Communication.  Information is used to communicate with the Customer or facilitate communication between the Customer and the Company or its affiliates and partners; to conduct, monitor, and record interactions with the Company, Website and the Services; to host reviews, forum posts, photos, videos, and other content; to respond to requests, questions, and comments.
      5. Legal Compliance.  Information is used to resolve disputes or troubleshoot problems; to prevent fraud and other potentially prohibited or unlawful activities; to comply with relevant laws and regulations; to respond to legal requests and protect the Company’s rights; to provide payment services, including detection and prevention of money laundering, fraud, and security incidents; to comply with the Company’s legal obligations; and to enforce any applicable terms of service.  If the Company uses automated decision-making technologies to process Personal Information, the Company will implement appropriate measures required to safeguard the Customer’s rights, including Customer’s right to obtain human intervention.
      6. Advertising.  Information is used to serve the Customer with relevant ads and to serve other customers who have similar profiles with relevant advertising through custom audiences and look-alike audiences.  Information is also used to measure and track the effectiveness of advertising campaigns and carry out other administrative and accounting activities with respect to ad campaigns.
      7. Security.  Information is used to detect threats and protect against malicious or fraudulent activity.
      8. Purposes Disclosed at Collection.  The Company may use your information for a purpose not disclosed above.  In that case, the purpose of the usage will be disclosed at the time the information is collected.
      9. Legitimate Business Purposes.  The Company may use your information for legitimate business purposes that are compatible with the above purposes for collecting your personal data and that are not prohibited by law.
    4. Cookies.  Cookies are small files stored on your computer as you use the Internet that record information about how you interact with the websites you visit.
      1. Purposes.  The Company uses cookies for the following purposes: 
  • To allow you to browse the Website and use its features;
  • To serve you with relevant advertising and measure the effectiveness of such advertising;
  • To ensure that you are not shown an advertisement more than you should be (called “frequency monitoring”);
  • To learn more about the way you interact with the Website and Services;
  • To help us improve your experience when visiting the Website;
  • To remember your preferences, such as language and geographic region, to avoid entering that information every time the Customer visits the Website;
  • To identify errors and resolve them;
  • To analyze how the Website is performing.
      1. Types of Cookies.
        1. Strictly Necessary Cookies.  These cookies (sometimes called “essential cookies”) allow a website page to load or provide essential functionality, without which the Website would not function.  For example, cookies are used to store online shopping cart data.
        2. Functional Cookies.  These cookies allow a website to remember your settings and preferences, including language and geographic region, when you return to the website.  These preferences make browsing more convenient, efficient, and user-friendly.
        3. Advertising Cookies.  These cookies are used to learn about your general interests based, for example, on the websites you visit and the services and products you utilize and purchase.  That data allows the Company to send you ads for products and services that better fit your needs and preferences.  It also allows the Company to limit the number of times you see the same advertisement. 
        4. Analytics Cookies.  These cookies tell the Company how you use the Website.  For example, which pages you visited and which links you clicked.  This data helps the Company measure and improve the performance of our Website.  The Company uses different analytics cookies in different jurisdictions.  In many cases, we use Google Analytics cookies to monitor Website performance.  Our ability to use and share information collected by Google Analytics about your visits to our sites is restricted by the Google Analytics Terms of Use and the Google Privacy Policy.
  1. How the Company Collects Information.  The Company collects Personal and Non-Personal Information via the following methods:
    1. When Shared Directly.  The Customer gives the Company information when signing up for an account on the Website or when purchasing the Services.  The Company may ask for information like your name, email address or home address, date of birth, payment information, age, gender, the number of people in your family, and the Customer’s preferences for communications about the Services.
    2. When the Customer Interacts with the Website and Emails.  The Company may use technologies that automatically collect information when you visit the Website, view our advertisements, or use the Services.  For example, the Company uses cookies to identify the browser and operating system the Customer is using, IP address, and online activities such as websites visited, links clicked, and emails opened.
    3. When the Customer Connects with Partners or Third Parties.  The Company may receive information that other companies share with or sell to us.  For example, you may have given consent for another company to share your information with us when you have signed up for its services.  Where possible, the Company may also collect personal data from publicly available sources, such as websites, blog posts, online videos, or social media sites.  The Company may also receive information from other companies, such as consumer data resellers, who are in the business of collecting or aggregating information about you sourced from publicly available databases or from consent you might have given to their use and, subsequently, our use of your personal data.  This information may include your income level, age, gender, household size, and products and services you have purchased online or in stores.
  2. How the Company Uses and Shares Information.
    1. Minimization of Data Collection.  The Company is committed to minimizing the data it collects and limiting the use of that data to only (a) purposes for which the Company has been given permission, (b) as necessary to deliver the Website or Services, or (c) as the Company may be required or permitted for legal compliance or other lawful purposes.
    2. Use of Personal Information.  Once collected, the Company may use Personal Information for purposes including, but not limited to:
      1. Research and development to improve the Website and Services;
      2. Providing support to and communicating with the Customer, including bill reminders, order confirmations, program registrations, and customer service messages;
      3. Personalizing the function, user experience, and performance of the Website and Services;
      4. Marketing and promoting the Website and Services to the Customer;
      5. Enhancing the safety and security of the Website and Services;
      6. Detecting and preventing fraud and abuse of the Website and Services;
      7. Aggregating statistics about use of the Website and Services;
      8. Analyzing the Customer’s use of the Website and Services;
      9. Delivering and processing surveys; and
      10. Protecting our legitimate business interests and legal rights, as described herein.
    3. Disclosure of Personal Information.  To ensure the continued functionality of the Website and Services, the Company may disclose Personal Information through the Services and to certain third parties.  Please note that information about you, your devices, and your behavior collected through third-party cookies, pixels, tags, or other tracking technologies for purposes of cross-context behavior advertising may be considered a “sale” or “share” under certain U.S. state laws. However, the Company is not a data broker, and we do not sell personal information for monetary consideration. 
    4. Disclosure to Other Service Users.  When you use the Services, we disclose certain information about you to other Service Users for the following purposes:
      1. To enable collaboration features within the Services;
      2. Account management and administration;
    5. Disclosure to Third Parties.  We disclose information to third parties that help us operate, provide, improve, integrate, customize, support, and market our Services.  These third parties include, but are not limited to:
      1. Service Providers.  The Company works with third-party service providers for website and application development, hosting, maintenance, backup, storage, virtual infrastructure, payment processing, analysis, marketing, and other services, which may require them to access or use Personal Information.  When a service provider needs to access Personal Information to perform services on the Company’s behalf, they do so pursuant to appropriate security and confidentiality procedures designed to protect Personal Information.
      2. Company Partners.  We work with third parties who provide consulting, sales, support, and technical services to deliver and implement customer solutions related to the Services.  We may disclose your information to these third parties in connection with their services, such as to assist with billing and collections, to provide localized support, and to provide customizations related to the Services.  We may also disclose information to these third parties where you have agreed to that disclosure. 
      3. Affiliated Companies.  Affiliated companies are companies owned or operated by the Company.  We may disclose information we have about you to other Company corporate affiliates to operate and improve products and services and to offer other Company-affiliated services to you.  This includes companies that own or operate the Services.  Additionally, the Company may disclose or transfer information we collect under this Privacy Policy in connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.  You will be notified vi email or a prominent notice on the Website and Services if such a transaction takes place, as well as any choices you may have regarding your Personal Information.
      4. Third Party Apps.  You, your administrator, or other Service users may choose to add new functionality or change the behavior of the Services by installing third party apps within information about you like your name and email address, and any content you choose to use in connection with those apps.  If you are an administrator, or a technical or billing contact listed on an account, we disclose your details to the third-party app provider upon installation.  Third-party app policies and procedures are not controlled by the Company, and this privacy policy does not address how third-party apps use your information. 
      5. Links to Third Party Websites.  The Services may include links that direct you to other websites or services whose data privacy practices may differ from ours.  If you submit Personal Information to those third parties, your information is governed by their privacy policies, not this one. 
      6. Third Party Widgets.  Some of our services contain “widgets” and social media features, such as the Twitter/X “tweet” button or Facebook “like” button.  These widgets and features may collect your IP address, record which page you are visiting on the Services, and may set a cookie to enable the feature to function properly.  Use of Personal Information collected from third party widgets is governed by those third parties’ privacy policies, no this one.
      7. With the Customer’s Consent.  We disclose information about you to third parties when you give us consent to do so.  For example, we may display personal testimonials of satisfied customers on public websites.
      8. Compliance with Enforcement Requests and Applicable Laws; Enforcement of Our Rights.  In exceptional circumstances, the Company may disclose Personal Information if required to do so by law or in the good faith belief that such action is necessary to:
  1. Conform to legal requirements or comply with legal process serviced on the Company, including, but not limited to, compliance with legal, regulatory, and law enforcement requests.  In such circumstances, the Company will disclose any information about the Customer to government or law enforcement agencies or private parties as the Company, in its sole and absolute discretion, believes is reasonably necessary or appropriate to respond to claims and legal process (such as preservation request, warrants, subpoenas, or court orders), to protect the Company’s property and rights or those of a third party, to prevent or stop activity the Company considers to be illegal or unethical, among other valid legal reasons.  To the extent the Company is legally permitted to do so, the Company will take reasonable steps to notify the Customer in the event that the Company is required to disclose Personal Information to third parties as part of the legal process;
  2. Protect or defend the rights or property of the Company;
  3. Protect the personal safety of Company personnel or members of the public in appropriate circumstances; or
  4. If the Company and/or its assets (or a portion thereof) are sold, assigned, transferred, or merged, or if the Company undergoes some other change, including a change to its corporate form as part of a bankruptcy proceeding or otherwise.
  1. How the Company Stores and Protects Information.
    1. Information Storage and Security.  The Company uses commercially reasonable, industry standard data security measures to protect Personal Information against unauthorized access, unauthorized alteration, disclosure, or destruction.  The Company restricts access to Personal Information to certain companies who may require the information to operate, develop, or improve the Website or Services.  These individuals or organizations are bound by confidentiality obligations and agreements, and may be subject to discipline, including termination and civil or criminal prosecution, for failure to meet these obligations.  The Company cannot guarantee or warrant the security of any information the Customer transmits to the Company, or to or from the Website or Services.
    2. Data Retention.  The length of time that the Company retains the Customer’s Personal Information depends on the type of information, as set forth below.  After such time, the Company will either delete or de-identify your information.  If this is not possible (for example, because the information has been stored in backup archives), then we will securely store the Customer’s Personal Information and isolate it from any further use until deletion is possible.
      1. Account Information.  The Company will retain account information for as long as the Customer’s account is active and for a reasonable period thereafter in case the Customer decides to re-activate the Services.  We also retain Personal Information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations, and to continue to develop and improve the Services.  Where the Company retains information for Service improvement and development, we take steps to eliminate information that directly identifies the Customer, and we only use information to analyze use of the Services, not the Customer’s personal characteristics.
      2. Information Shared on the Services.  If the Customer’s account is deactivated or disabled, some of your information and the content you have provided will remain to allow team members or other users to fully utilize the Services.
    3. Managed Accounts.  If the Services are made available to you through an organization (e.g., your employer), we retain your information as long as required by the administrator of your account. 
    4. Marketing Information.  If the Customer has elected to receive marketing emails from the Company, we retain information about your marketing preferences for a reasonable time from the date you last expressed interest in the Services, such as when the Customer last opened an email from the Company or ceased to use the Services.  We retain information derived from cookies and other tracking technologies for a reasonable length of time from the date such information was created.
  2. How the Customer Can Access and Control Personal Information.
    1. Customer’s Rights.  Where applicable, under local law, you may have certain rights with respect to Personal Information.  For information about specific jurisdictions, please see the State Disclosures section.  In certain jurisdictions, the Customer may have the right to request information about the Company’s processing of Personal Information, to request a copy of the Customer’s information, to object the Company’s use of Personal Information (including for marketing purposes), to request deletion or restriction of Personal Information, to request delivery of the Customer’s Personal Information in a portable digital format, to correct or update Personal information, to opt out of sales or sharing of Personal Information and targeted advertising (as these terms are defined under applicable law), and to opt out of certain profiling activities.  The tools and processes for making such requests are set forth below.  The Customer may exercise some of these rights by logging into the Website or Services and using settings available therein.  Where the Services are administered for you by an administrator, the Customer may need to contact its administrator first to assist with the request.  For all other requests, the Customer may contact us as provided in the Contact Us section, below.
      1. Access and Update Personal Information.  The Services and related documentation provide the ability to access and update certain Personal Information from within the Website or Services.  For example, the Customer can access and update profile information from their account settings page.
      2. Deactivate Account.  The Customer or their administrator may be able to deactivate the Customer’s account via the account settings page.  If neither the Customer nor their administrator can deactivate the account, please contact the appropriate support team through the Company’s support pages.  Please be aware that deactivating an account does not delete Personal Information.  As set forth above, that information remains in use by the Company unless the Customer deletes it.
      3. Delete Personal Information.  The Customer has the ability to delete certain Personal Information from within the Services.  Please note, however, that the Company may need to retain certain information for record keeping purposes, to complete transactions, or to comply with legal obligations.
      4. Request That the Company Stop Using the Customer’s Personal Information.  In some cases, the Customer may request that the Company stop accessing, storing, using, or otherwise processing Personal Information where the Customer believes that the Company does not have appropriate rights to do so.  For example, if the Customer believes a Services account was created without their permission, the Customer can request that we delete your account as provided in this Privacy Policy.  Where the Customer gives consent to use Personal Information for a limited purpose, the Customer can contact the Company to withdraw that consent, but this will not affect any processing that has already taken place at the time the request is made.  The Customer can also opt-out of the Company’s use of Personal Information for certain marketing purposes by contacting the Company.  The Company may require time after such a request is made to investigate and facilitate the request.  If there is a delay or dispute as to whether the Company has the right to continue using the Customer’s Personal Information, we will restrict any further use of that information until the request is honored or the dispute is resolved.
      5. Opt Out of Communications.  The Customer may opt out of receiving promotional communications from the Company by using the “unsubscribe” link within each email, by updating email preferences within the Customer’s Service account settings menu, or by contacting the Company as provided below.  Even after the Customer opts out of promotional messaging, you will continue to receive transactional messages from the Company regarding the Services.  You can opt out of some notification messages in the Customer’s account settings.  Please note that you will continue to receive generic advertising. 
      6. Opt Out of Targeted Advertising.  Where applicable under local law, the Customer may have the right to opt out of targeted advertising by following the instructions on our website.  Additionally, the Customer may be able to opt out of receiving personalized advertising from other companies who are members of the Network Advertising Initiative or who subscribe to the Digital Advertising Alliance’s Self-Regulatory Principles for Online Behavioral Advertising.  For more information about this practice and to understand your options, please visit https://www.aboutads.info, http://optout.networkadvertising.org, and http://www.youronlinechoices.eu.
      7. Turn Off Cookie Controls.  Relevant browser-based cookie controls are described in our Cookies & Tracking Notice.
      8. Send “Do Not Track” Signals.  Some browsers have incorporated “Do Not Track” (DNT) features that can send a signal to the websites you visit indicating that you wish not to be tracked.  The Website may not respond to all browser-based DNT signals.  However, the Website does respond to Global Privacy Control (GPC) to opt-out of sales of Personal Information and targeted advertising in certain locales.  For more information on the GPC and how to use a browser or browser extension incorporating the GPC signal, see https://globalprivacycontrol.org.  The Customer can also use the range of other tools we provide to control data collection and use, including the ability to opt out of receiving marketing, as described above.
      9. Data Portability.  Data portability is the Customer’s ability to obtain Personal Information in a format the Customer can move from one service provider to another.  Depending on the context, this applies to some Personal Information, but not all.  If the Customer requests it, we will provide an electronic file of basic account information and the information created in spaces under the Customer’s sole control.
  3. How the Company Transfers Personal Information Internationally.
    1. International Transfers of Personal Information.  The Company collects information globally and may transfer, process, and store information outside of the Customer’s country of residence, to wherever the Company or third-party service providers operate for the purpose of providing the Services.  Whenever the Company transfers Personal Information, we take steps to protect it.
    2. International Transfers Within the Company.  To facilitate global operations, the Company transfers information globally and allows access to that information from countries in which the Company and its affiliates have operations for the purposes described in this Privacy Policy.  These countries may not have privacy and data protection laws that are equivalent to the laws of many of the countries where our customers and users are based.  When we disclose information about you within and among Company corporate affiliates, we employ the Data Privacy Framework to receive personal data transfers to the United States from the European Union/European Economic Area and the standard contractual data protection clauses that have been approved by the European Commission to safeguard the transfer of Personal Information collected in the European Economic Area, the United Kingdom, and Switzerland.
    3. International Transfers to Third Parties. Some of the third parties described in this Privacy Policy, who provide services to the Company under contract, are based in other countries that may not have privacy and data protection laws equivalent to the country in which the Customer resides.  When the Company discloses Personal Information of customers in the European Economic Area, the United Kingdom, or Switzerland, we employ the European Commission-approved standard contractual data protection clauses, binding corporate rules for transfers to data processors, and other appropriate legal mechanisms to safeguard the transfer.
  4. Age Restrictions.  The Services are not directed to individuals under 18.  We do not knowingly collect personal information from children under 18.  If we become aware that a child under 18 has provided the Company with Personal Information, we will take steps to delete such information.  If you become aware that a child has provided the Company with Personal Information, please contact the appropriate support team.
  5. Contact Information.  The Customer’s information is controlled by Source of Sources.  If you have questions or concerns about how your Personal Information is handled, please direct your inquiry to Source of Sources, which we have designated to be responsible for facilitating such inquiries. 

Jessa and Waffle, LLC d/b/a/ Source of Sources

350 West 42nd Street

New York, NY 10036

[email protected]

With a Copy to:

Jerry S. Goldman, Esquire

Anderson Kill P.C.

7 Times Square, 15th Floor

New York, NY 10036

[email protected]

***