Please note that we do not alter our Site’s data collection and use practices when we see a Do Not Track signal from your browser.
If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact on firstname.lastname@example.org
Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above.
CONSENT – AN OVERVIEW
How do you get my consent?
When you provide us with personal information to complete a transaction, verify your credit card or place an order, you consent us to collect your data and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will ask your specifically to opt in to hear from us.
How do I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time, by contacting us at email@example.com
Another way to do this, is to click ‘unsubscribe’ on the bottom of any email correspondence we send you that is not directly relating to an order you’ve placed with us.
RETENTION OF YOUR INFORMATION
We will not retain your information for any longer than we think is necessary.
Information that we collect will be retained for as long as needed to fulfil the purposes outlined in the ‘Use of my information’ section above, in line with our legitimate interest or for a period specifically required by applicable regulations or laws, such as retaining the information for regulatory reporting purposes.
When determining the relevant retention periods, we will take into account factors including:
- our contractual obligations and rights in relation to the information involved;
- legal obligation(s) under applicable law to retain data for a certain period of time;
- statute of limitations under applicable law(s);
- our legitimate interests where we have carried out balancing tests (see section on ‘How we use your personal information’ above);
- (potential) disputes; and
- guidelines issued by relevant data protection authorities.
Otherwise, we securely erase your information where we no longer require your information for the purposes collected.
Our store is hosted on Stripe. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Stripe data storage, databases and the general Stripe application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
Certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
We adopt robust technologies and policies to ensure the personal information we hold about you is suitably protected.
We take steps to protect your information from unauthorized access and against unlawful processing, accidental loss, destruction and damage.
Where you have chosen a password that allows you to access certain parts of the website, you are responsible for keeping this password confidential. We advise you not to share your password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will take steps to protect your information, we cannot guarantee the security of your data transmitted to the website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
Under data protection law, you may have a number of rights concerning the data we hold about you. If you wish to exercise any of these rights, please contact our Data Protection Officer using the contact details set out above. For additional information on your rights please contact your data protection authority and see below.
The right to be informed. You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this policy.
The right of access. You have the right to obtain access to your information (if we’re processing it). This will enable you, for example, to check that we’re using your information in accordance with data protection law. If you wish to access the information we hold about you in this way, please get in touch.
The right to rectification. You are entitled to have your information corrected if it is inaccurate or incomplete. You can request that we rectify any errors in information that we hold by contacting us.
The right to erasure. This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of certain of the information that we hold about you by contacting us.
The right to restrict processing. You have rights to ‘block’ or ‘suppress’ further use of your information. When processing is restricted, we can still store your information, but will not use it further.
The right to data portability. You have the right to obtain your personal information in an accessible and transferrable format so that you can re-use it for your own purposes across different service providers. This is not a general right however and there are exceptions. To learn more please get in touch.
The right to lodge a complaint. You have the right to lodge a complaint about the way we handle or process your information with the national data protection authority.
The right to withdraw consent. If you have given your consent to anything we do with your information (i.e. we rely on consent as a legal basis for processing your information), you have the right to withdraw that consent at any time. You can do this by contacting us. Withdrawing consent will not however make unlawful our use of your information while consent had been apparent.
The right to object to processing. You have the right to object to certain types of processing, including processing for direct marketing and profiling. You can object by changing your marketing preferences or disabling cookies as set out in the ‘Cookies’ and ‘Direct Marketing’ sections above.
AGE OF CONSENT
By using this site, you represent that you are at least the age of majority in your country of residence, or that you are the age of majority in your country of residence and you have given us your consent to allow any of your minor dependents to use this site.
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact us at firstname.lastname@example.org