Bluenose Gopher Brewery
CYBERSECURITY POLICY

Last updated: (12/19/2016) BLUENOSE GOPHER BREWERY (“us”, “we”, or “our”) operates http://www.bluenose.coop (the “Website”). This page informs you of our policies regarding the collection, use and disclosure of Personal Information we receive from users of the Website. We use your Personal Information only for record keeping purposes and to contact you. By using the Website, you agree to the collection and use of information in accordance with this policy.

Information Collection and Use
While using our Website, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to your full name and mailing address (“Personal Information”). Personal Information such as y
our credit or debit card number is collected by Stripe. To view Stripe’s Privacy Policy, click here.

Checkout Users (from Stripe)
This Website uses Stripe Checkout to process payments. When you use Stripe Checkout on a merchant’s website to store your payment credentials, Stripe will gather and store your payment card information, your email address, your mobile phone number, and billing and shipping address. Stripe will use this information to complete purchases that you choose to make on other websites or applications that also use Stripe Checkout, but only with your permission. Stripe may also share your contact information, but not your card information, with merchants as part of your purchases. Stripe will not share this information with other third parties except as a necessary part of providing our Website and Services. You should carefully review merchants’ privacy policies to better understand how each uses your information.

Preventing a cybersecurity attack or data breach that result in the disclosure, or potential disclosure, of purchasers' confidential or personally identifiable information

We take reasonable and appropriate measures to protect Personal Information from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the risks involved in the processing and the nature of the Personal Information. We use Squarespace to host our Website and enabled a Secure Sockets Layer, or SSL, which is a technology that secures the connection between your browser and the website you’re visiting. To verify that SSL is protecting a page, look for a URL beginning with https://, instead of http://, and a green, closed padlock icon. This allows visitors to navigate the website and submit information through a secure connection. SSL provides three important security benefits:

To learn more about how Squarespace’s SSL works, click here.

We use Google Drive, Squarespace, and MailChimp to store your contact information (full name, mailing address, phone number, and email address). All of our accounts require a username and password to log in. We keep our username and password secure, change our password every three to six months, and never disclose it to a third party.

Security
The security of your Personal Information is important to us, but remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.

Reporting of a Cybersecurity Attack or Data Breach

Disclosure of Personal Information

Bluenose Gopher Brewery shall disclose any breach of the security of the system following discovery or notification of the breach in the security of the data to any resident of this state whose unencrypted personal information was, or is reasonably believed to have been, acquired by an unauthorized person. The disclosure must be made in the most expedient time possible and without unreasonable delay, consistent with the legitimate needs of law enforcement, or with any measures necessary to determine the scope of the breach, identify the individuals affected, and restore the reasonable integrity of the data system. Bluenose Gopher Brewery shall notify the owner or licensee of the information of any breach of the security of the data immediately following discovery, if the personal information was, or is reasonably believed to have been, acquired by an unauthorized person.

Notice of Cybersecurity Attack or Data Breach

Bluenose Gopher Brewery will provide written notice to the most recent available address of the person or business we have in our records; or electronic notice, if the person's primary method of communication with us is by electronic means.

Reporting of a Cybersecurity Attack or Data Breach

MNvest issuers and portal operators must report to the administrator any action taken by the MNvest issuer or portal operator to meet the reporting requirements of Minnesota Statutes, section 325E.61. The report sent to the administrator must not include any confidential or personally identifiable information of those individuals whose data were improperly accessed or acquired, unless the information is requested by the administrator. The report must include:
(1) a general description of the type of data that were accessed or acquired; (2) the number of individuals whose data were improperly accessed or acquired; and (3) a description of the steps taken by the MNvest issuer or portal operator to notify the individuals whose data were improperly accessed or acquired. The report must be mailed or sent electronically to the administrator within 60 days of the MNvest issuer's or portal operator's discovery of the cybersecurity attack or data breach.


Changes to This Policy
This policy is effective as of (12/19/2016) and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page. We reserve the right to update or change our Cybersecurity Policy at any time and you should check this policy periodically. Your continued use of the Service after we post any modifications to the Cybersecurity Policy on this page will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified policy. If we make any material changes to this policy, we will notify you either through the email address you have provided us, or by placing a prominent notice on the Website.