This Policy is effective on September 10, 2020.
Updates to this Policy
We may make changes to this policy, and may apply any changes to information previously collected, as permitted by law. When we make material changes to this policy, we will notify you by posting the updated policy on our website, and we will update the effective date listed in the policy.
- [IMPORTANT INFORMATION AND WHO WE ARE]
- [THE DATA WE COLLECT ABOUT YOU]
- [HOW IS YOUR PERSONAL DATA COLLECTED?]
- [HOW WE USE YOUR PERSONAL DATA]
- [DISCLOSURES OF YOUR PERSONAL DATA]
- [DATA SECURITY]
- [DATA RETENTION]
- [YOUR LEGAL RIGHTS]
[IMPORTANT INFORMATION ABOUT WHO WE ARE]
This website is not intended for children and we do not knowingly collect data relating to children under the age of 18. If you believe that your child under the age of 18 has submitted personal information to us in connection with our website, and without prior verifiable parental consent, please contact us at firstname.lastname@example.org so that we can take appropriate steps for the removal of the data.
You can contact us by clicking here
To contact us: email@example.com
US Toll Free: +1 (877) 366-2188
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us. If any of your personal data changes, please email us at firstname.lastname@example.org.
[THE DATA WE COLLECT ABOUT YOU]
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
- Identity Data includes first name, maiden name, last name, username or similar identifier, marital status, title, and date of birth.
- Contact Data includes billing address, delivery address, email address and telephone numbers.
- Financial Data includes bank account and payment card details.
Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
Profile Data includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.
- Usage Data includes information about how you use our website, products and services, including the full Uniform Resource Locators (URL), clickstream to, through and from our website (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer service number.
- Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, gender, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
If you fail to provide personal data
Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
[HOW IS YOUR PERSONAL DATA COLLECTED?]
We use different methods to collect data from and about you including through:
Direct interactions. You may give us your Identity, Contact and Financial Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
- search for a product;
- place an order on our website;
- create an account on our website;
- subscribe to our service or publications;
- request marketing to be sent to you;
- participate in discussion boards or other social media functions on our website;
- enter a competition, promotion or survey; or
- Give us feedback or contact us.
Third parties, social media platforms or other publicly available sources. We will receive personal data about you from various third parties and public sources as set out below:
Technical Data from the following parties:
(a) analytics providers such as Shopify, Google and Facebook based inside or outside the US;
(b) advertising networks such as Google or Facebook based inside or outside the US; and
(c) search information providers such as Google based inside or outside the US.
We may work with third-party companies for advertising purposes, including to: serve advertisements across the Internet; track and categorize your activity and interests over time on our website and mobile application, and on third-party websites and mobile applications; and to identify the different device(s) you use to access websites and mobile applications. We share information with these companies, and these companies may collect information—including automatically collected information when you use our website —through the methods described in the "How We Collect Information" section above. These third-party companies also may possess or obtain information about you from your interactions: directly with the third-party companies; with other websites, mobile applications, or companies that the third-party companies work with; or from your interactions with advertisements the third-party companies help to display to you. The information that these companies collect or that we share may be used to customize or personalize the advertisements that are displayed to you.
[HOW WE USE YOUR PERSONAL DATA]
We use the information that we collect to conduct our business and to provide you with the best possible products, services, and experiences. We also may combine any or all of the information that we collect or obtain. Examples of how we use information include:
- To provide you with products and services, such as to: fulfill your orders and process your payments; process, maintain and service your account(s) and memberships; and to provide you with products and services that we think you will like;
- To respond to you, such as when you: place an order; call us; make a request or inquiry; complete a survey; or share a comment or concern;
- For personalization of your experiences with us, including to: remember your interests and preferences; customize the products and services we share with you; track and categorize your activity and interests on our website and mobile application, including by identifying the different devices you use; and to enrich your experience in on our website;
- For analytics, such as to: understand how you use our website and mobile application; understand how you shop with us; determine the methods and devices used to access our website and mobile application; and improve our website and mobile application;
- For our business purposes, such as: to operate and improve upon our business and lawful business activities; to maintain our programs, accounts, and records; for research; to determine your satisfaction with our products and services; to detect and prevent fraud or misuse of our services; and for any other business purpose that is permitted by law;
- For legal and safety purposes, such as to: defend or protect us, our customers, you, or third parties, from harm or in legal proceedings; protect our rights; protect our security and the security of our customers, employees, and property; respond to court orders, lawsuits, subpoenas, and government requests; address legal and regulatory compliance; and notify you of product recalls or safety issues.
We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. We have established the following personal data control mechanisms:
Promotional offers from us
We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).
You will receive marketing communications from us if you have requested information from us or purchased goods from us and you have not opted out of receiving that marketing.
We will get your express opt-in consent before we share your personal data with any third party for marketing purposes.
You can ask us or third parties to stop sending you marketing messages at any time by logging into the website and checking or unchecking relevant boxes to adjust your marketing preferences OR by following the opt-out links on any marketing message sent to you OR by contacting us at any time at email@example.com.
Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a product/service purchase, warranty registration, product/service experience or other transactions.
[DISCLOSURES OF YOUR PERSONAL DATA]
We may share your personal data with the parties set out below for the purposes set out in the table above.
External Third Parties, as that term is defined in the Glossary.
Other companies and organizations as may be necessary for the purposes of shipping products to you.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Information you input into our website such as your name, address and contact details are stored in our Shopify account platform. Your personal information will be stored by Shopify in their data storage, databases, and the Shopify application. Shopify stores all personal information on a secure server behind a firewall and is encrypted and secured.
Information you input into our website during the purchase and payment process is stored via checkout. All credit or debit card information is stored by checkout and cannot readily be accessed by us. Your personal information will be stored by checkout behind a firewall and is encrypted and secured.
If you purchase a product via the direct payment gateway Shopify and checkout will store your credit or debit card data. Your credit or debit card data is encrypted through the Payment Card Industry Data Security Standards Council (PCI-DSS). Your credit or debit card data will be deleted as soon as the product has been purchased and your order has been completed. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council which is a joint effort of brands like Visa, MasterCard, American Express and Discover. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data including your credit or debit card information, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
We do not store credit card details nor do we share financial details with any 3rd parties.
We will only retain your personal data for as long as reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes.
In some circumstances we will anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
[YOUR LEGAL RIGHTS]
Under certain circumstances, you have rights under data protection laws in relation to your personal data. If you wish to exercise any of those rights, please contact firstname.lastname@example.org.
California Privacy Rights
California law entitles residents to ask us for a notice describing what categories of personal information we share with third parties for the third parties' direct marketing purposes. Unless you request us to or consent to us doing so, we not sell any personal information to third parties for their own direct marketing purposes. If you have questions about these practices, please contact us at email@example.com.
Again, if you wish to exercise any of the above rights (or any additional rights not enumerated here) please contact firstname.lastname@example.org. What we may need from you. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
External Third Parties
Service providers acting as processors who provide processing, IT and system administration services and where applicable Privacy Policies are hyperlinked:
Shopify Inc (‘Shopify’) host our Website. Shopify is a Canadian corporation with offices at 150 Elgin Street, Suite 800, Ottawa, ON, K2P 1L4. If you are in the European Economic Area, your personal data will be processed by Shopify’s Irish affiliate, Shopify International Ltd. Your personal data may be transferred by Shopify International Ltd to other regions, including to Canada and the United States.
FAFS : Customer service sub-contractor. We share our customer orders and information when a customer calls the service.