Last Updated: August 23, 2025

This User Consent and Opt-In Practices policy explains how Double M Merchandise Inc. (doing business as New York Watch Outlet, referred to as “Double M,” “we,” “us,” or “our”) obtains, records, and respects your consent for various activities on our website (https://newyorkwatchoutlet.com) (“Site”). It covers how you agree to our Terms & Conditions and Privacy Policy during checkout, how we handle email marketing sign-ups, how you can opt out of communications, and how we use cookie consent tools – all in compliance with applicable U.S. laws (including the California Consumer Privacy Act as amended by the CPRA, the Colorado Privacy Act, and the Virginia Consumer Data Protection Act) and federal laws like CAN-SPAM and TCPA. We are committed to industry best practices (including those recommended for Shopify-based online stores) to ensure your choices are clear, informed, and respected.

By using our Site and services, or by engaging with our marketing communications, you acknowledge and agree to the practices described in this policy. If you do not agree with these practices, please do not proceed with the relevant activities (for example, do not check the agreement box at checkout, or do not sign up for our newsletter). Keep in mind that some services (like placing an order) are available only if you provide the necessary consent (e.g. agreeing to the Terms). We may update this policy from time to time to reflect changes in our practices or legal requirements. If we make material changes, we will update the “Last Updated” date above and may provide additional notice (such as on our homepage or via email). We encourage you to review this policy periodically to stay informed about how we seek and honor your consent. Your continued use of the Site following the posting of any changes to this policy (or to our Terms & Conditions) will constitute your acceptance of those changes, to the extent permitted by law.

1. Checkout Consent

When you checkout on our Site, you will be required to affirmatively agree to our Terms & Conditions and Privacy Policy before placing your order. During the online checkout process, a clear and unambiguous checkbox is presented (for example, next to text such as “I have read and agree to the Terms & Conditions and Privacy Policy”). You must manually check this box to indicate your consent. The Terms & Conditions and Privacy Policy are always accessible via hyperlink at that checkbox, giving you the opportunity to review them in detail prior to agreeing. Orders cannot be finalized unless this checkbox is checked – meaning if you do not agree, the system will not allow you to complete your purchase. This ensures that no order is placed without your explicit acknowledgment of and agreement to our policies.

This “click-to-agree” (clickwrap) method of obtaining consent at checkout is in line with legal best practices for online contracts. Courts have widely recognized that an electronic click or checkbox can form a binding agreement if the user is given reasonable notice and must take an affirmative action to consent[1]. Under New York law in particular, clickwrap agreements are enforced so long as the consumer has a fair opportunity to read the terms and is provided an unambiguous way to accept or decline them[1][2]. By requiring you to actively check an agreement box (as opposed to merely presenting terms in a link, which would be “browsewrap”), New York Watch Outlet ensures that your assent to our Terms and Privacy Policy is knowing, voluntary, and documented. Claims that a user “didn’t see or read” the terms typically will not invalidate the agreement when a properly presented clickwrap was in place and affirmatively accepted[3]. In short, our checkout process is designed to make sure you are fully aware that you are agreeing to our Terms and policies, and it prevents any order from being placed without this clear consent.

2. Contact and Inquiry Form Consent

If you fill out a contact form or inquiry form on our Site (for example, to ask a question or request information), we will ensure you consent to our use of that information to respond to you. Specifically, we include a clear notice alongside our contact form indicating that by submitting the form, you agree we may use your information to respond to your inquiry in accordance with our Privacy Policy. For instance, near the “Submit” button, we may state: “By submitting this form, you consent to our use of your information to respond to your inquiry, as described in our Privacy Policy.” In some cases, we might even present a required checkbox (unchecked by default) for you to explicitly confirm your agreement to the Privacy Policy before the form can be submitted. This extra step ensures you are fully aware of and agree to how your information will be used when you reach out to us.

Any information you provide through a contact or inquiry form will be used only for the purpose of addressing your request or question, unless you separately consent to other uses. For example, if you write to us for product information, we will use your contact details to respond to that inquiry and will retain the correspondence as needed for customer service records. We will not add you to marketing lists or use your data for any purpose unrelated to responding to your inquiry, unless you opt in to such communications. By requiring this form of consent on our contact form, we make sure that even in one-time interactions you have given permission for us to use your data to reply, and we maintain a record of that permission. This practice follows privacy best practices and provides legal clarity – if you contact us, you should expect and agree that we will contact you back using the information you provided, and we document that understanding for our records. It’s a simple step that helps us comply with data protection principles (for example, ensuring a user from California or any other state understands how their submitted information will be handled) and builds trust through transparency.

3. Email Opt-In Practices

We take a 100% opt-in approach to email marketing and newsletters. This means you will only receive promotional or newsletter emails from New York Watch Outlet if you choose to sign up for them. We will never automatically subscribe you to marketing emails without your consent, and we do not use pre-ticked boxes or any “hidden” consents for email marketing. Our practices include:

• Voluntary Subscription Only: You will not be added to our email marketing list unless you take a direct action to opt in. For example, you might enter your email into a newsletter sign-up form on our Site, or check a voluntary box at checkout or account creation indicating you want to receive our newsletter or deals. If you do not opt in, we will not include you in promotional mailings (though we may still send necessary transactional emails about your orders, account, or customer service matters, which are not marketing communications).
• No Pre-Checked Boxes: Any option to subscribe to marketing emails (such as a checkbox offering “Subscribe to our newsletter for updates and offers”) will be unchecked by default, requiring you to actively check it to give consent[4]. This ensures your consent is explicit and unambiguous. We avoid pre-ticked boxes or passive “consent by default” for email sign-ups, in line with industry best practices and global anti-spam standards[4].
• Confirmation and Double Opt-In (If Applicable): In some cases, we may use a double opt-in process for added security – for instance, after you submit your email to sign up, we might send a confirmation email asking you to click a link to verify your subscription. While double opt-in is not mandatory under U.S. law, it is a best practice for ensuring the owner of the email address intended to subscribe. Whether single or double opt-in, all marketing email subscriptions will only be activated with your conscious consent. (If we implement double opt-in, the initial sign-up is one consent and clicking the confirmation link is a second confirmation of consent.)
• Consent Records for Emails: When you do opt in to our emails, we keep a record of how and when you gave consent (see Section 5 below for more on consent logs). For example, we may log that you signed up via the newsletter form on a certain date, or that you checked the opt-in box during checkout, along with a timestamp. This way, we have evidence that you wanted to receive our messages, and we can honor and track your preferences accurately.
• Respecting Your Email Preferences: Every marketing email we send will remind you why you are receiving it (e.g. “You are receiving this because you subscribed on our website”). If you ever change your mind, you will always have the option to unsubscribe easily – we do not want to send emails to anyone who doesn’t want them. We do not share or sell your email address to third parties for their own marketing without your consent, and your decision to subscribe or not subscribe will not affect any purchases you make (aside from receiving the promotional content itself).
• CAN-SPAM Compliance: New York Watch Outlet adheres to the CAN-SPAM Act and other applicable laws governing email marketing. While CAN-SPAM does not require prior opt-in consent for emails in the U.S., it does set strict requirements that we follow for any commercial email: for example, our emails will always contain our valid physical mailing address, will not use deceptive subject lines or sender information, and will include a clear unsubscribe link (details on unsubscribe in the next section)[5]. We choose to go above the legal minimum by using an opt-in model, because it’s better for our customers and our email deliverability. In summary, you will only get promotional emails if you asked for them, and our emails will always give you a straightforward way to opt out again.

4. Unsubscribe and Opt-Out Mechanisms

We make it easy for you to opt out of marketing communications at any time. If you have previously given consent to receive our emails (or in the future, text messages), you are free to withdraw that consent through any of the methods below. We will process opt-outs as quickly as possible and in accordance with all legal requirements. Here are the ways you can unsubscribe or opt out:

• Email Unsubscribe Link: Every promotional or newsletter email we send includes an “Unsubscribe” link (usually at the bottom of the email). This link allows you to instantly remove yourself from our mailing list with a single click. The unsubscribe mechanism is designed to be prominent, clear, and effective, as required by law[6]. Once you click the unsubscribe link and confirm, you will stop receiving marketing emails from us. (Please note it may take a few days to process the removal, but we strive to remove you immediately. Even after you unsubscribe, we may still send you non-promotional emails as needed for transactions or customer service, but no more marketing content.)
• Unsubscribe by Contacting Us: If you prefer, you may also unsubscribe or adjust your communication preferences by contacting us directly. Just send an email to Info@newyorkwatchoutlet.com or use the contact information in the Contact Us section below, and let us know that you no longer wish to receive marketing emails (or specify which communications you want to opt out of). We will manually remove you from the respective list and confirm once it’s done. You can also reply to any of our emails with a request to unsubscribe, and we will take care of it. There is no charge or penalty for unsubscribing – we want it to be as easy as possible for you to stop emails you don’t want.
• Future SMS/Text Message Opt-Out: At present, we do not send marketing text messages (SMS) to customers. If we introduce SMS marketing in the future, we will ensure it is strictly opt-in – meaning we will ask for your explicit written consent (for example, by having you check a box or enter your phone number and agree to SMS terms) before sending any promotional texts[7]. Moreover, any SMS we send will include a clear opt-out mechanism. Typically, this will be instructions to reply “STOP” (or a similar keyword like “UNSUBSCRIBE”) to immediately opt out of further texts. We will prominently include such instructions in each text message, per best practices and TCPA (Telephone Consumer Protection Act) requirements. If you send a STOP request to us, or any recognized opt-out keyword, we will promptly remove your number from the SMS list and cease further texts to you[8]. (The TCPA requires that businesses honor SMS opt-out requests and avoid sending any more marketing texts after an opt-out; companies generally must process a text opt-out within a short period, no longer than 10 business days[9], and we plan to honor it almost immediately.) In short, we will respect all STOP requests for texts. Additionally, if at any time you want to opt out of SMS but prefer to do so through another channel (say, emailing us your number and request), we will handle that as well. All future SMS programs, if any, will also comply with the CTIA guidelines and any other applicable state/federal laws to protect you from unwanted messages.

Note: Opting out of marketing communications does not affect transactional communications. We may still email you about important order updates, receipts, shipping notifications, or responses to customer service inquiries even if you’ve unsubscribed from marketing, as those are not promotional but rather part of the services you use. If you have an account on our Site, you may also be able to manage your communication preferences in your account settings (where available). And of course, you can always reach out to us if you need any assistance with unsubscribing or adjusting your preferences.

5. Consent Records and Preference Management

We maintain detailed records of user consents to ensure we can demonstrate compliance and honor your choices. Whenever you take an action to give consent on our Site, we attempt to log the pertinent details in our systems. This includes:

• Logging of Consent Details: For each type of user consent (e.g., agreeing to Terms at checkout, subscribing to emails, accepting cookies via our banner), New York Watch Outlet will store a record that you consented. This record typically contains a timestamp (date and time when the consent was given), the method by which you gave consent (for example: “Checkout page checkbox accepted” or “Newsletter form submitted”), and what exactly was consented to (e.g., “Agreed to Terms & Conditions v1.0 and Privacy Policy” or “Opted in to promotional emails”). Where feasible, we may also log additional context such as the IP address or device/browser information at the time of consent, to have a verifiable audit trail[10]. These records are kept securely and are used strictly for compliance and documentation purposes. They help us demonstrate, if ever needed (for instance, to regulators or if you have questions), that we obtained the necessary consent from you for the activity in question. They also aid in managing preferences – for example, to ensure we don’t accidentally email someone who has unsubscribed, we reference these consent logs.
• Preference Management & Withdrawal of Consent: Consent is not a one-time, irrevocable decision. You have the right to change or withdraw your consent at any point, and we provide mechanisms to do so easily. If you previously consented to receive marketing emails, you can later unsubscribe (withdraw that consent) through the methods described in Section 4. If you consented to certain cookies, you can later adjust your cookie settings or use browser controls to revoke that consent (Section 6 below). If you agreed to our Terms and no longer wish to be bound, your remedy would generally be to stop using the Site (though note that you would still be bound for past transactions already completed). We honor all revocations of consent promptly. Withdrawing consent will not retroactively affect actions already taken while the consent was in effect, but it will stop future use or communication that relies on that consent. For example, if you unsubscribe from our newsletter, we won’t send new marketing emails, but we cannot “unsend” emails that were already sent while you were subscribed. We make efforts to ensure that changing your preferences is as easy as giving consent in the first place. Our emails and cookie banner include direct links to manage your settings, and you can always contact us for help. In compliance with privacy regulations, if a law grants you a specific right to revoke consent or opt out (such as the CCPA/CPRA giving California consumers the right to opt out of sale/sharing, or GDPR/VCDPA giving the right to withdraw consent at any time), we will uphold those rights. Your ability to withdraw consent at any time is a key privacy principle that we respect[11].

In summary, New York Watch Outlet keeps verifiable consent logs and provides user-friendly tools for you to view or change your preferences. We believe in transparency and control: you should know what you agreed to and be able to say “no” later if you wish. Our team periodically reviews our consent records and procedures to ensure ongoing compliance and to address any issues (for instance, if someone unsubscribed but still got an email, we would investigate our systems to fix any glitch). We also maintain these records to comply with any legal obligations to demonstrate consent (for example, certain laws or potential audits require proof that individuals on a mailing list opted in – we have that proof on file[12]). From a business perspective, these records serve as an important safeguard: if any question or dispute ever arises about whether you agreed to a particular term or communication, we can refer to our records as conclusive evidence of your consent. Rest assured, we treat your consents and preferences with the same care as we treat your personal data – with security and respect for your privacy.

6. Cookie Consent and Tracking Technologies

Like most e-commerce websites, our Site uses cookies and similar tracking technologies to provide functionality, analyze traffic, and deliver a personalized experience. However, we do not set non-essential cookies on your browser without your consent. We have implemented a cookie consent banner/system to manage this process in a compliant and user-friendly way:

• Cookie Consent Banner: When you first visit our Site, you will see a cookie notice or banner that informs you about our use of cookies. This banner lets you choose your cookie preferences. Typically, you will have the option to either “Accept All” cookies (consenting to all categories of cookies we use, such as analytics and advertising cookies), “Reject All” non-essential cookies (while still allowing strictly necessary cookies that are needed for the website to function), or “Customize/Preferences” to select which types of cookies you want to allow. We categorize cookies (for example, into Essential, Functional, Analytics, Advertising, etc.) and provide information about each category’s purpose (see our Privacy Policy for more details on the types of cookies and trackers we use and what they do). Non-essential cookies (like those used for analytics or advertising) will not be deployed unless and until you give consent via the banner or settings. Our cookie banner is designed to be conspicuous and to obtain clear affirmative consent in jurisdictions where required. Even if not required by every law in the U.S., we believe giving you control over cookies is good practice and builds trust.
• Changing Preferences: You can change your cookie preferences at any time. If you accepted certain cookies and later change your mind, you can usually re-open the cookie preferences (for example, via a “Cookie Settings” link in our website footer or by clearing your cookies to trigger the banner again) and modify your choices. You can also use your browser settings to delete or block cookies. Most modern browsers allow you to refuse cookies or delete them — just note that if you disable cookies entirely (especially essential ones), some parts of our Site might not work properly (for example, the shopping cart might not remember your items). We do not currently respond to legacy “Do Not Track” browser signals (which are different from the newer Global Privacy Control signals discussed below), because there is no broadly agreed standard for DNT. However, we do provide the controls described here for you to manage tracking.
• Global Privacy Control & Opt-Out Signals: We honor global opt-out signals such as Global Privacy Control (GPC) for cookies and data sharing, to the extent these signals are recognized by law. GPC is a browser or extension setting that, when enabled, broadcasts a “do not sell or share my data” preference to websites you visit. Under California law, businesses are required to treat a user-enabled GPC signal as a valid request to opt out of the sale or sharing of personal information[13]. We fully comply with this: if we detect a GPC signal from your browser, our Site will automatically treat it as if you opted out of any “sale” of personal data and out of any targeted advertising cookies or trackers. In practice, that means we will not set advertising cookies or share your data with third-party advertising partners for that session, unless you later explicitly override the signal by providing consent. You do not need to click anything – the browser signal itself is sufficient, per California’s requirements. Additionally, other states have begun to require recognition of similar universal opt-out mechanisms. Notably, the Colorado Privacy Act requires that, starting July 1, 2024, covered businesses must recognize and honor opt-out preferences communicated by a universal opt-out mechanism (which includes browser signals like GPC)[14]. The Colorado Attorney General has even identified GPC as an approved mechanism for this purpose. We hereby affirm that we will honor legally recognized browser signals for privacy preferences in any state: this includes California’s and Colorado’s requirements, and we will extend the same courtesy to any global opt-out signals recognized in other jurisdictions as well. In short, if your browser is broadcasting a known “do not sell/share” or opt-out signal, our systems will interpret and honor it – we consider it as an opt-out of cookies for targeted advertising and an opt-out of any sale of personal data. We want to give users seamless privacy control without needing to click through banners if they’ve already expressed a preference via their browser.

Even with a global signal, you can still manually manage cookies on our site if you choose. The global signal just sets a baseline (opt-out) which we will not override unless you actively consent. For example, if GPC is on and you visit our site, you might automatically be opted out of advertising cookies; but you could still choose to opt in to them via our banner if you wished (though few would do that unless intentionally toggling settings). If you have any questions about how our cookie consent tools work or encounter any issues (like the banner not appearing), please contact us and we’ll assist. Our goal is to be fully transparent and compliant with all cookie consent requirements and to give you meaningful control over what data is collected about you online.

7. Ongoing Compliance and Future Practices

New York Watch Outlet is committed to keeping our user consent practices up-to-date with the latest laws and best practices. The digital landscape and legal requirements can evolve, so we proactively “future-proof” our policies and systems as much as possible. Here’s what you can expect going forward:

• Adaptation to New Laws: We closely monitor developments in privacy and marketing laws across the United States (and, where relevant, globally). Our consent and opt-in practices will be adjusted as needed to remain fully compliant with all applicable laws, including federal laws like the CAN-SPAM Act (for email) and the TCPA (for SMS/telephone marketing), as well as state laws such as the California Consumer Privacy Act (including the CPRA amendments), the Colorado Privacy Act, the Virginia Consumer Data Protection Act, and similar laws in other states that may come into effect. For example, if a new state law creates a requirement for a specific form of consent or a new opt-out right, we will implement those requirements for residents of that state (and often, we adopt such measures universally for simplicity and consistency). We already ensure that consent in all cases is “opt-in” (affirmative) where required – note that some laws like Virginia’s VCDPA specifically mandate opt-in consent for processing sensitive personal data[15][16], and we will always obtain necessary consent before processing sensitive information if that ever applies to our business. We also provide opt-out mechanisms for activities like targeted advertising and sale of data as required by laws (you can find those in our Privacy Policy and in sections above on cookie signals). Our team maintains consent logs and procedures not just for our own use, but also so we can demonstrate compliance if audited or asked by regulators. We consider compliance an ongoing effort; as regulations change or new guidance is issued, we will update our practices and this policy accordingly. We want our customers to have peace of mind that when you interact with our Site, your rights are protected by design.
• Future Channels and Technologies: This policy is intended to cover our current methods of obtaining consent (web checkout, emails, cookies, etc.), but if we introduce new methods of outreach or data collection, we will apply the same core principles. For instance, if in the future we launch a mobile app and want to send push notifications, we will ask for your permission via the app’s notification settings before sending promotional pushes. If we start a loyalty program or refer-a-friend program that involves new uses of your data, we will present clear terms and opt-in choices for those. Any new marketing channel (such as SMS, as discussed; or perhaps marketing via social media messaging) will be used on an opt-in basis only. We will also ensure any new technology (like if we ever use facial recognition in-store, hypothetically) would only be used with proper notice and consent, in compliance with applicable laws. In essence, no matter how our business or technology evolves, your ability to know about it and consent to it (or decline) will remain a priority.
• Transparency and Notifications: We will keep you informed about significant changes in our user consent practices. If we materially change how we obtain or use consent, we will update this policy and change the “Last Updated” date. In some cases, we may also provide a more prominent notice – for example, a banner on our website or an email notification – especially if the change involves something new like a different type of communication. We encourage you to review our Privacy Policy and this Consent & Opt-In Policy from time to time, so you stay aware of how we’re collecting and using your information with respect to consent. If you ever have a question about whether something requires your consent or how to withdraw consent for something, please reach out to us (see Contact Us below). We value open communication with our customers.
• Legal Protection and User Empowerment: This policy not only protects you as a consumer by informing you of your rights and our practices, but it also helps protect our company by ensuring we have proper consent (which reduces the risk of legal violations or customer dissatisfaction). We have crafted this policy to be in line with best practices for Shopify-based online stores and general e-commerce standards, meaning we follow the typical frameworks that Shopify merchants use for obtaining cookie consent, email sign-ups, etc., enhanced by the specific compliance measures needed for U.S. privacy laws. By adhering to these practices, we aim to provide a safe and trustworthy shopping environment. We want you to feel comfortable shopping with us, knowing there won’t be surprises like hidden terms or unwanted spam – everything we do is with permission. This approach is not just about legal compliance, but about earning and maintaining your trust.

In summary, New York Watch Outlet will continue to prioritize user consent and privacy in all our present and future endeavors. We stand by a simple principle: your data and communication preferences belong to you. We will only use your data or contact you in ways that you have agreed to, and we make opting out or saying “no thanks” just as easy as opting in. As laws evolve to give consumers even more control (such as global opt-out signals, new privacy rights, etc.), we are on board and often ahead of the curve in implementing those controls. Our commitment is that consent is not a mere formality for us – it’s an integral part of how we operate our business ethically and transparently.

8. Contact Us

If you have any questions, concerns, or requests regarding this User Consent and Opt-In Practices policy or about how New York Watch Outlet handles your preferences, please do not hesitate to contact us. We are here to help and ensure that your rights are respected.

Business Address: 888C 8th Avenue, Unit 122, New York, NY 10019, USA
Email: Info@newyorkwatchoutlet.com

You may reach out to us by mail or email for any reason, including: asking for more information about our consent practices, requesting assistance with unsubscribing or adjusting your preferences, or to provide feedback. If you believe you gave consent in error or want to withdraw consent for something but are not sure how, simply contact us and we will gladly assist in resolving the issue. We aim to respond to inquiries promptly and at least within any timeframe required by law.

Thank you for reading our User Consent and Opt-In Practices policy. Your privacy choices matter to us. We are dedicated to providing a transparent, secure, and user-centric experience as you shop for your new timepiece. By empowering you with control over what you agree to and what you receive from us, we hope to build a long-lasting relationship of trust. Happy shopping, and please let us know if there’s anything we can do to further improve your experience!

Sources:

• Freiberger Haber LLP – “Terms of Service in ‘Clickwrap’ Agreement Sufficient to Bar Negligence Claim” (discussion of enforceability of online clickwrap agreements under NY law)[1][2].
• SmartReach Blog – “How to Get Email Marketing Consent the Right Way in 2025” (email consent best practices, emphasizing no pre-checked boxes and record-keeping)[4][10].
• SmartReach Blog – CAN-SPAM Act Requirements (U.S. email law mandates clear unsubscribe in emails)[5].
• ActiveProspect – “TCPA Text Messages: Rules and Regulations Guide for 2025” (explains that prior express written consent is required for marketing texts and that every message must allow opting out by replying “STOP,” with opt-outs processed within 10 days)[8][9].
• ActiveProspect – TCPA Compliance and Record-Keeping (importance of maintaining detailed consent records including date, method, and content of consent)[17].
• Global Privacy Control – Official Site (noting that the CCPA/CPRA requires businesses to honor the GPC signal as a valid opt-out of sale/sharing of personal information)[13].
• Colorado Attorney General – Colorado Privacy Act Rules (universal opt-out mechanism requirements effective July 1, 2024, and recognition of GPC as an approved signal)[14].
• Virginia Consumer Data Protection Act – § 59.1-575 (requirement for opt-in consent to process sensitive personal data).

10. Do Not Sell or Share My Personal Information

Last Updated: August 23, 2025

This Do Not Sell or Share My Personal Information policy explains how Double M Merchandise Inc. (doing business as “New York Watch Outlet,” “we,” “us,” or “our”) provides you with the ability to exercise your right to opt out of the sale or sharing of your personal information. We provide this page in accordance with applicable U.S. privacy laws, including the California Consumer Privacy Act (as amended by the CPRA), the Colorado Privacy Act, and the Virginia Consumer Data Protection Act, among others.

We do not sell personal information for money. However, like many online businesses, we may share certain information with analytics and advertising partners (such as cookie identifiers and browsing behavior) to deliver insights or tailored advertising. Some state privacy laws classify this activity as a “sale” or “sharing” of personal information, even if no money is exchanged. For example, under California’s CPRA, sharing data with third parties for cross-context behavioral advertising can be considered “sharing” equivalent to a sale for opt-out purposes. We want to be transparent that if we use cookies or similar technologies for advertising or analytics, those could fall under these definitions.

If you are a resident of California, Colorado, Virginia, or another state with similar laws, you have the right to opt out of such sale or sharing of your personal information. We will not discriminate against you for exercising this right – meaning we will not deny you goods or services, charge you a different price, or provide a lesser quality of service just because you opted out of the sale or sharing of your data (except if a difference is permitted by law, such as if it's reasonably related to the value of your data, but we do not presently offer any data-based price differences).

How to Opt Out

You may exercise your right to opt out of the sale or sharing of your personal information in any of the following ways. Whichever method you choose, we will honor your request in accordance with applicable laws:

• Opt-Out Form (below): Complete and submit the form on this page. Once you click the “Submit Opt-Out Request” button, you will immediately see an on-screen confirmation message that your request has been received. We will not send follow-up emails or additional confirmations unless necessary. From that point, we will process your request in accordance with applicable law.
• Email: Send an email to Info@newyorkwatchoutlet.com with the subject line “Opt-Out Request.” In the body of the email, please state that you want to opt out of the sale or sharing of your personal information. If the email is successfully delivered to us, we will treat it as a valid opt-out request and process it. We generally will not send a confirmation email for opt-out requests (unless we need additional information to verify your identity or authority to make the request).
• Global Privacy Control (GPC): Enable the Global Privacy Control (GPC) signal in your browser or browser extension. Our website recognizes and honors GPC as a valid opt-out request (including as a universal opt-out mechanism under laws like the CPRA and Colorado Privacy Act). If we detect a GPC signal from your device, we will automatically treat it as a Do Not Sell or Share request for that browser/device, without you needing to do anything else. In practice, this means we will not sell your personal information or use/share it for targeted advertising purposes whenever the GPC signal is present.

Once you submit an opt-out request through any of the methods above, we will confirm receipt of your request by either: immediately displaying the on-screen confirmation (for form submissions), or relying on the successful delivery of your email (for email requests). We will then process your request within the timeframe required by law (generally within 45 days, with one possible 45-day extension if necessary). If we need more time, we will let you know within the initial 45-day period. If your request cannot be verified or must be denied due to a specific exception allowed by law, we will notify you via email (or through another appropriate channel) and provide additional information, including how you can appeal our decision if applicable.

Please note: Opting out of the sale or sharing of your personal information prevents us from selling your data or sharing it with third parties for targeted advertising going forward. It does not automatically delete the personal information we already maintain about you. If you also wish to request deletion of your personal information, or to exercise other privacy rights (such as the right to access or correct your data), please see our Privacy Policy – specifically Section 5: Your Rights and Choices – for more information on how to do so.

Opt-Out Request Form

If you choose to use our web form to submit your opt-out request, the form will ask for the following information so we can process your request:

Required Information:

• Full Name (First and Last Name)
• Email Address (the email associated with your interactions or orders with us)
• State of Residence (to help us determine which privacy laws apply to your request)

Optional Information:

• Phone Number (in case we need additional verification or to contact you about your request)
• Alternate Email or Order Number (this can help us locate your records if the primary email provided doesn’t match our files)
• Additional Details (a free-text field where you can provide any other information that might help us honor your request, such as a specific context in which you interacted with us)

Acknowledgment Checkbox:
☐ “I declare that I am the consumer (or the authorized agent of the consumer) whose information is subject to this request, and that the information provided is accurate.”

Submit Button:
“Submit Opt-Out Request”

When you fill out and send the form, we rely on the information you provide to identify your records and apply the opt-out. The acknowledgment checkbox is there to confirm that the request is coming from you (or an agent properly authorized by you) and that the information submitted is truthful. We take verification seriously to protect your privacy – in some cases, if we have reason to doubt the details provided, we may reach out for a bit more information (for instance, asking for confirmation of an order number or other identifier) just to make sure we correctly identify you in our system. However, we’ll never ask for sensitive information just to process an opt-out request. The details above are typically sufficient.

On-Screen Confirmation Message

After you submit the form, you will see the following message displayed on your screen to let you know your request was received:

“Your opt-out request has been received. We will process your request in accordance with applicable privacy laws. No further confirmation will be sent. Thank you.”

This message is your confirmation that we have logged your opt-out. As noted, we generally won’t send a separate email or communication after this – instead, we will simply ensure that your preferences are updated in our systems. If, for some reason, you do not see the confirmation message or are unsure whether your request went through, feel free to contact us using the information below, and we can verify for you.

Contact Us

If you have any questions or concerns about this Do Not Sell or Share My Personal Information policy, or if you need help submitting an opt-out request, you may contact us at any time. We are here to assist you and to ensure your privacy choices are respected.

Double M Merchandise Inc. (d/b/a New York Watch Outlet)
888C 8th Avenue, Unit 122
New York, NY 10019, USA
Email: Info@newyorkwatchoutlet.com

You can reach out by email or mail at the above contacts. Please include your name and a way to contact you back (if via mail, an email or phone) along with your question or issue. For example, if you have trouble with the opt-out form or want to confirm that your request was processed, let us know and we will gladly help. If we ever deny an opt-out request because we could not verify your identity or due to a legal exception, and you believe this is in error, contacting us is also the way to initiate an appeal of that decision (as required by laws like the VCDPA). We will review any appeal and respond within the timeframe the law specifies (generally 45 days). Our goal is to make the exercise of your privacy rights as straightforward and transparent as possible.

Compliance and Best-Practice Review

The revised User Consent and Opt-In Practices policy and Do Not Sell or Share My Personal Information policy above have been expanded to align with legal requirements and industry best practices. Below is a brief review of key compliance points and additional considerations to ensure these policies provide maximum legal protection and clarity:

• Affirmative Consent and Records: The User Consent policy now explicitly covers consent via checkout, contact forms, email sign-ups, and cookie usage, reflecting best practices such as unchecked opt-in boxes and clear notices. It emphasizes maintaining detailed consent records (timestamps, method, IP, etc.) and notes that these records serve as crucial evidence of user agreement[12]. This aligns with laws like the GDPR (if ever applicable) and general best practices for legal defense. We have strengthened the language to highlight that these records are a key legal safeguard in the event of disputes.
• Contact Form Consent: A new section on contact/inquiry forms has been added, ensuring that even general inquiries are covered by a consent notice. This is a best practice to avoid any ambiguity about using personal data submitted through such forms. It helps demonstrate compliance with transparency requirements (e.g., informing users how their data will be used) and ensures users are not surprised by follow-up communications.
• Continued Use = Acceptance: We added an explicit statement that continuing to use the Site after updates to policies constitutes acceptance of the revised terms. This “continued use” clause is standard in Terms and Conditions and is now mirrored in the consent policy to give the website owner flexibility to update policies and an argument that users are bound by those updates (provided changes are properly communicated). This clause is enforceable in many jurisdictions as long as users have notice[18], though material changes should still be highlighted.
• Opt-Out Rights and Mechanisms: The Do Not Sell/Share policy clearly outlines how users can opt out and affirms compliance with CCPA/CPRA, CPA, and VCDPA requirements. All required methods are provided: a web form, an email address, and recognition of the Global Privacy Control signal as a universal opt-out. The policy commits to honoring GPC automatically, which is explicitly required in California and Colorado[13][14]. The opt-out process timeline (45 days, plus 45-day extension if needed) and the inclusion of an appeal process for denied requests cover the obligations under Virginia’s VCDPA and Colorado’s CPA. We have also included a non-discrimination assurance, which is mandated by laws like CCPA/CPRA, ensuring users know they won’t be retaliated against for exercising opt-out rights.
• Clarification of “Sale” vs “Sharing”: The Do Not Sell/Share policy clarifies that while the company doesn’t sell data for money, certain data sharing for targeted advertising (like using advertising cookies or analytics) could be deemed a “sale” or “sharing” under modern privacy laws. It explicitly references the CPRA concept of “sharing” for cross-context behavioral advertising, thereby aligning the language with legal definitions. This transparency is important for legal compliance and user understanding, especially as many consumers might not realize analytics/ads could fall under “sale” in legal terms.
• Opt-Out Form Details and Verification: The opt-out form fields and the acknowledgment checkbox have been detailed, which is good for demonstrating that you obtain the necessary attestation from the consumer or their authorized agent. For full compliance, consider if any additional verification steps need to be mentioned: for instance, California requires that if an authorized agent submits a request, the business may ask for proof of authorization. The form’s checkbox covers this in principle (by having the agent declare they are authorized), but internally you should be prepared to request additional documentation if something seems amiss. As a best practice, the policy could state that if an authorized agent makes a request on behalf of a consumer, we may require proof of the agent’s written permission to ensure the request is legitimate. This is not explicitly added to the text above to avoid burdening the user with legalese, but it’s something to keep in your procedures.
• Appeals Process: The policy mentions that if a request is denied, an appeal process will be offered (in line with VCDPA and CPA requirements). We’ve ensured the Contact Us section notes that contacting us is the way to initiate an appeal. Internally, be sure you have a process to review appeals within 45 days (as Virginia requires) and to communicate the outcome. If you wanted to be extra transparent, you could add a sentence like, “If we deny your request, you have the right to appeal our decision by contacting us within a reasonable period. We will review and respond to appeals within 45 days as required by law.” However, the current language (“including appeal rights if applicable” and the invitation to contact us) is likely sufficient.
• Privacy Policy Alignment: These two policies are part of a broader privacy framework. It’s important that your main Privacy Policy (referenced in these documents) is fully up-to-date and includes: categories of data collected, purposes of use, categories of third-party sharing, and a comprehensive list of consumer privacy rights (access, deletion, correction, opt-out, non-discrimination, authorized agent, etc.)[19][20]. The ChatGPT Policy Info document recommended ensuring the Privacy Policy contains those elements, and we see references to “Privacy Policy – Section 5: Your Rights and Choices” which presumably covers access, deletion, correction, and contact methods. Double-check that the Privacy Policy explicitly covers the right to non-discrimination (the Do Not Sell page now does, but CCPA also requires it in the Privacy Policy itself), as well as instructions for using an authorized agent and how a consumer can submit requests (mail, email, web form), which you have partly implemented through these pages. Also confirm it lists the contact information for general privacy inquiries (which it likely does in “Contact Information” or similar section)[21].
• Other State Laws: In addition to CA, CO, VA, note that Connecticut and Utah enacted privacy laws in 2023 (Connecticut’s is similar to CO/VA in giving opt-out rights for sales/sharing and requiring an appeal process; Utah’s is somewhat more limited and doesn’t include sharing for ads in the definition of sale). Since you already choose to honor opt-out signals globally and apply practices universally, you are effectively covering Connecticut as well. It might be worth mentioning in your Privacy Policy or rights section that residents of other states (Connecticut, Utah, etc.) have applicable rights which you honor, even if not explicitly named. Your current language “or another state with similar laws” is a good catch-all that would include those states, so you are likely fine. Just ensure internally you’re aware of any nuance (e.g., Utah requires an opt-out for sale but not for targeted advertising unless for money, which you already don’t do; Connecticut requires recognizing opt-out preference signals by 2025, which GPC covers as you noted).
• Cookies and “Do Not Track”: The User Consent policy’s cookie section is thorough, including an explanation of not responding to legacy DNT signals and honoring GPC. This is in line with best practices and explicitly meets the CCPA/CPRA regulations that mandate acknowledgement of GPC. The policy also educates users on how to manage cookies and the impact of doing so, which is excellent for user experience and legal clarity (some state laws require describing these mechanisms in plain language, which you have done).
• Miscellaneous Best Practices: The tone of both policies is clear and accessible while still retaining legal rigor. They are formatted with headings and lists, making them easy to navigate. For direct website publishing, ensure that any cross-references (like “Privacy Policy – Section 5”) either link to the relevant section or are easily located by the reader. Maintaining the “Last Updated” dates and updating them whenever changes are made is important for transparency. It’s also wise to keep an archive or change log of policy versions in case you ever need to prove what version a user agreed to on a given date.

In conclusion, the policies above now incorporate all the major elements recommended in the guidance and current privacy laws. They require users to give explicit consent in all necessary places, document that consent for your protection, and inform users of their rights (with convenient methods to exercise them). With these enhancements – contact form consent, continued-use acceptance, robust opt-out tools, and strong record-keeping and compliance statements – New York Watch Outlet is well-positioned to defend itself legally and to provide users with clear choices.

Additional Recommendation: Continue to monitor legal developments (for example, any new federal privacy law or additional state laws). Privacy regulations are evolving, and maintaining a proactive stance (as reflected in your Ongoing Compliance section) will ensure you remain ahead of the curve. At least annually, review these policies for any needed updates. For instance, if you begin using new marketing tools (say, a Facebook Pixel or other trackers), update the Privacy Policy and consent disclosures to include those and offer opt-outs. Likewise, if your business expands internationally, you may need to address GDPR or other international laws, but that’s beyond the current U.S. scope.

Overall, with the current revisions, your policies demonstrate a comprehensive, good-faith effort to comply with U.S. privacy laws and follow industry best practices, which not only reduces legal risk but also builds trust with your customers.

 

[1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14] [15] [16] [17] 8. User Consent Mechanisms.docx

file://file-HpMuNpy6zZafJHKuJBz2RP

[18] [19] [20] [21] ChatGPT Policy Info.docx

file://file-XGFTboHXZdfPiHFsc3xYrC