SECTION 1 – WHAT DO WE DO WITH YOUR INFORMATION?
When you purchase something from our online store or other means, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address.
When you browse our online store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.
Email marketing (if applicable): With your permission, we may send you emails about our store, new Products and other updates.
SECTION 2 – HOW LONG WILL YOU USE MY PERSONAL INFORMATION FOR?
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. In addition, this includes that we may retain personal information from closed accounts to comply with legal requirements, prevent fraud and resolve disputes. After it is no longer necessary for us to retain your personal information, we dispose of it securely according to our data retention and deletion policies.
When we determine the maximum retention duration of any personal data we hold we do so with regard to our legitimate interests to retain data, our obligation under the General Data Protection Regulation to minimise data we hold, the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
By law we may have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for a period of time after they cease being customers for tax purposes.
In some circumstances you can ask us to delete your data: see Request erasure in section 10. Your Legal Rights below for further information.
In some circumstances we may anonymize your personal information (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you
SECTION 3 – INTERNATIONAL TRANSFERS
Some of our external third parties are based outside the European Economic Area (EEA) so their processing of your personal information will involve a transfer of data outside the EEA.
Whenever we transfer your personal information out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal information to countries that have been deemed to provide an adequate level of protection for personal information by the European Commission. For further details, see European Commission: Adequacy of the protection of personal information in non-EU countries.
- Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal information the same protection it has in Europe. For further details, see European Commission: Model contracts for the transfer of personal information to third countries.
- Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal information shared between the Europe and the US. For further details, see European Commission: EU-US Privacy Shield.
Please contact firstname.lastname@example.org if you want further information on the specific mechanism used by us when transferring your personal information out of the EEA.
SECTION 4 – CONSENT
When you provide us with personal information to complete a transaction, verify your debit/credit card, place an Order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only. If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time, by contacting us at email@example.com
SECTION 5 – DISCLOSURE
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
SECTION 6 – DATA
Our store is an online e-commerce platform that allows us to sell our Products and services to you.
Your data is stored through a secure server behind a firewall.
SECTION 7 – THIRD-PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions. For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
SECTION 8– SECURITY
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your debit/credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
Most browsers automatically accept cookies, but you can modify your browser setting to decline cookies by visiting the Help portion of your browser’s toolbar. But note that some cookies may be necessary to allow you to use our web site and on-line store effectively.
SECTION 10 – YOUR LEGAL RIGHTS
Under certain circumstances, you have rights under data protection laws in relation to your personal data:
- Request access to your personal data.
- Request correction of your personal data.
- Request erasure of your personal data.
- Object to processing of your personal data.
- Request restriction of processing your personal data.
- Request transfer of your personal data.
- Right to withdraw consent.
If you wish to exercise any of the rights set out above, please contact us on firstname.lastname@example.org
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell Products to you.
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at (email@example.com).