ARTICLE 1 – PERSONAL INFORMATION COLLECTED
When you make a purchase on our store, as part of our buying and selling process, we collect the personal information you give us such as your name, address and email address.
When you browse our store, we also automatically receive the Internet Protocol address (IP address) of your computer, which allows us to obtain more details about the browser and operating system you are using.
Email marketing (if applicable): With your permission, we may send you emails about our store, new products and other updates.
ARTICLE 2 - CONSENT
How do you get my consent?
When you provide us with your personal information to complete a transaction, verify your credit card, place an order, schedule a delivery or return a purchase, we assume that you consent to our collecting your information and using it to this end only.
If we ask you to provide us with your personal information for another reason, such as for marketing purposes, we will ask you directly for your express consent, or we will give you the opportunity to refuse.
How can I withdraw my consent?
If after giving us your consent, you change your mind and no longer consent to us contacting you, collecting your information or disclosing it, you can notify us by contacting us at firstname.lastname@example.org
ARTICLE 3 – DISCLOSURE
We may disclose your personal information if we are required by law to do so or if you violate our Terms and Conditions of Sale and Use.
ARTICLE 4 – SHOPIFY
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our services and products to you.
Your data is stored in Shopify's data storage system and databases, and in the general Shopify application. Your data is stored on a secure server protected by a firewall.
If you make your purchase through a direct payment gateway, then Shopify will store your credit card information. This information is encrypted in accordance with the Payment Card Industry Data Security Standard (PCI-DSS). Information relating to your purchase transaction is kept for as long as necessary to finalize your order. Once your order is finalized, the information relating to the purchase transaction is deleted.
All direct payment gateways are PCI-DSS compliant, managed by the PCI Security Standards Council, which is a joint effort of companies such as Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card data by our store and its service providers.
ARTICLE 5 – SERVICES PROVIDED BY THIRD PARTIES
In general, the third-party providers we use will only collect, use and disclose your information to the extent necessary to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies regarding the information we are required to provide to them for your purchase transactions.
With respect to these providers, we recommend that you read their privacy policies carefully so that you can understand how they will treat your personal information.
It should be remembered that some providers may be located or have facilities located in a jurisdiction different from yours or ours. So if you decide to proceed with a transaction that requires the services of a third-party provider, then your information may be governed by the laws of the jurisdiction in which that provider is located or those of the jurisdiction in which its facilities are located.
For example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, the information belonging to you that was used to complete the transaction may be disclosed under the laws of the United States. United States, including the Patriot Act.
You may be required to leave our website by clicking on certain links on our site. We assume no responsibility for the privacy practices exercised by these other sites and recommend that you read their privacy policies carefully.
ARTICLE 6 – SECURITY
To protect your personal data, we take reasonable precautions and follow industry best practices to ensure that it is not lost, misused, accessed, disclosed, altered or destroyed inappropriately.
If you provide us with your credit card information, it will be encrypted using the SSL security protocol and stored with AES-256 type encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
SECTION 7 - TYPES OF DATA COLLECTED
While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally identifiable information may include, but is not limited to:
* E-mail address
* First and last name
* Cookies and usage data
We may use your personal data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any or all of these communications by following the unsubscribe link or instructions provided in the emails we send.
We may also collect information about how our Services are accessed and used (“Usage Data”). This Usage Data may include information such as your computer's IP address (IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, time spent on these pages, device identifier and other diagnostic data.
COOKIE DATA TRACKING
Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use the full functionality of our Service.
Examples of cookies we use:
* Session cookies. We use session cookies to operate our service.
* Preference cookies. We use preferences cookies to remember your preferences and various settings.
* Security cookies. We use security cookies for security purposes.
We use the data collected for various purposes:
* To provide and maintain our service
* To notify you about changes to our service
* To provide customer support
* To gather analytics or valuable information so that we can improve our service
* To monitor the use of our service
* To detect, prevent and solve technical problems
* To provide you with news, special offers and general information about other goods, services and events which we offer which are similar to those which you have already purchased or requested, unless you have opted out of receiving such information
SECTION 8 - DATA SECURITY
The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. Although we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.
SECTION 9 - LEGAL BASIS FOR PROCESSING PERSONAL DATA UNDER THE GENERAL DATA PROTECTION REGULATION (GDPR)
WE MAY PROCESS YOUR PERSONAL DATA BECAUSE:
* We need to perform a contract with you or ship purchased products to you.
* You have given us permission to do so
* The processing is in our legitimate interests and it is not overridden by your rights
* For payment processing
* To comply with the law
* We will retain and use your personal data as necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.
SECTION 10 - YOUR DATA PROTECTION RIGHTS UNDER THE GENERAL DATA PROTECTION REGULATION (GDPR)
If you are from the European Economic Area (EEA), you have certain data protection rights. We aim to take reasonable steps to allow you to correct, amend, delete or limit the use of your personal data.
If you would like to be informed what personal data we hold about you and if you wish to have it removed from our systems, please contact us.
IN CERTAIN CIRCUMSTANCES, YOU HAVE THE FOLLOWING DATA PROTECTION RIGHTS:
* The right to access, update or delete the information we have about you. Whenever possible, you can access, update or request the deletion of your personal data directly in the settings section of your account. If you cannot perform these actions yourself, please contact us for assistance.
* The right of rectification. You have the right to have your information corrected if that information is inaccurate or incomplete.
* The right to object. You have the right to object to the processing of your personal data.
* The right of restriction. You have the right to request that we restrict the processing of your personal information.
* The right to data portability. You have the right to receive a copy of the information we have about you in a structured, machine-readable and commonly used format.
* The right to withdraw consent. You also have the right to withdraw your consent at any time where we relied on your consent to process your personal information.
Please note that we may ask you to verify your identity before responding to such requests.
You have the right to complain to a data protection authority about our collection and use of your personal data. For more information, please contact your local data protection authority in the European Economic Area (EEA).
ARTICLE 11 – AGE OF CONSENT
By using this site, you represent that you are at least the age of majority in your state or province of residence, and that you have given us your consent to allow any minor in your charge to use this website.
If our store is acquired by or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, file a complaint, or simply want more information, contact our Privacy Compliance Officer at email@example.com