SECTION 4 - SHOPIFY
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
INFORMATION WE COLLECT.
▪ Analytics. When you visit one of our Sites, we automatically collect the following types of information, some of which is anonymous: information about the devices you use to access the Internet (such as the IP address and the device, browser, and operating system type), URLs that refer you to our Sites and the dates and times of your visits, information on your shopping behavior on our Sites (e.g., page views, paths you take through our Sites, etc.), general geographic location information (e.g., country or city) that shows where you are when browsing our Sites, search terms that you enter to reach our Sites or enter on our Sites to find products, and the fact that you opened one of our emails. We utilize analytics services to help us track the efficacy of our Sites and help us learn more about our visitors’ shopping behavior.
▪ Social Media Features. Our Sites include social media features, such as the Facebook “Like” button and widgets, the “share this” widget, or interactive mini-programs that run on our site. These features may collect your IP address, which page you are visiting on our Site, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our Sites. Your interactions with these features are governed by the privacy statement of the company providing it.
▪ Web Beacons/Tags. We automatically collect aggregate anonymous information through web beacons. We may also deliver a file to you through the Sites (known as a “web beacon”) from an advertising network with which we have contracted. Web beacons allow advertising networks to provide anonymized, aggregated auditing, research and reporting for us and for advertisers.
▪ Log Files. As is true of most web sites, we gather certain information automatically and store it in log files. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. We may combine this automatically collected log information with other information we collect about you. We do this for troubleshooting and maintenance purposes.
We want to provide you with the best shopping experience on our Sites and in all channels that we manage (e.g., social media sites). We may use the information we collect in the following manner, including without limitation, to:
We do not rent or sell personally identifiable information to others. We may share information we collect with our business partners, advertising companies, and other third parties for the purposes described in this Policy. We occasionally make our mailing list (names and physical address only) and general shopping activity available to reputable third parties who follow the Direct Marketing Association’s privacy standards for the purpose of sending their own direct mail to you. We do not share email addresses with third parties for the purpose of sending their own emails to you. We contract with other companies to provide certain services, such as email distribution; shipping; name and address verification; market research; third-party advertising; and payment processing. These service providers are not authorized to use or disclose the information except as necessary to perform services on our behalf or comply with legal requirements.
In the event of a sale of some or all of our business or assets, or a merger with another business, or bankruptcy, we would share the pertinent customer information (which may include your personal information) with the other business entity (or entities) involved in the transaction by notifying you via email and/or a prominent notice on our Web site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
We may disclose specific information upon governmental request, in response to a court order, or when required by law to do so. We may also share information with companies assisting in fraud protection or investigation. We do not provide information to these agencies or companies for marketing or commercial purposes.
In the event we become aware that the security of the Sites has been compromised or users’ personally identifiable information has been disclosed to unrelated third parties as a result of external activity, including, but not limited to, security attacks or fraud, we reserve the right to take reasonably appropriate measures, including, but not limited to, investigation and reporting, as well as notification to and cooperation with law enforcement authorities. In the event of a data breach, we will make reasonable efforts to notify affected individuals if we believe that there is a reasonable risk of harm to the user as a result of the breach or if notice is otherwise required by law.