Last Updated 10/28/2020
SECTION 1 - WHAT INFORMATION DO WE COLLECT ?
When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address.
When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.
Email marketing (if applicable): With your permission, we may send you emails about our store, new products and other updates.
SECTION 2 - CONSENT
What is the nature and scope of my consent?
By providing us with personal information necessary to complete a transaction (e.g. verifying your credit card, placing an order, arranging for delivery or return), you give us limited consent to collect such information and use it for specific purposes connected with your transaction.
Before using any personal information you provide us for reasons unrelated to your purchase (e.g. advertising, marketing), we will first seek your expressed consent for such use and provide you with an opportunity to opt out and protect your personal information
How can I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at firstname.lastname@example.org
SECTION 3 - DISCLOSURE
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
SECTION 4 - SHOPIFY
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
SECTION 5 - THIRD-PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
SECTION 6 - SECURITY
To protect your personal information, we take reasonable precautions and follow commercially reasonable practices in the industry to help protect against improper access, use, alteration or destruction. If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
SECTION 7 – USAGE INFORMATION AND COOKIES
Our servers automatically collect the Internet Protocol (“IP”) address associated with your computer when you visit our website. We may also collect additional information such as a browser type and version, the operating system of your device and language, country, as well as areas in the website you visit most frequently and when (“Usage Information”). This information is used to help us administer the website, remember your preferences, and diagnose technical problems. We also analyze the information for aggregate trends about how our website is used and to help improve our website.
Third Party Cookies and Tracking:
We use third-party service providers to assist us in collecting and understanding usage information and serving advertising. Most browsers can be set to detect browser cookies and to let a user reject them, but refusing cookies may affect usability of our websites To learn more about browser cookies, including how to manage or delete them, refer to the “Tools,” “Help,” or similar section of your web browser.
As with most sites, we do not honor “do not track” signals transmitted by web browsers as there is no industry standard for implementing such programs. For more information about third-party advertisers and how to prevent them from using your information, visit the NAI’s consumer website at http://www.networkadvertising.org/choices or http://www.aboutads.info/choices/. If you do want to opt out using these tools, you need to opt out separately for each of your devices and for each web browser (such as Chrome, Edge Firefox, Safari or others) that you use on each device.
Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
SECTION 9 – NOTICE FOR CALIFORNIA RESIDENTS
California residents have certain rights with respect to their personal information. Before we may fulfill your requests, we are required by law to verify your identity in order to prevent unauthorized access to your data. This may involve [briefly explain how you will verify identity – refer to the CCPA guidance for more information].
Right to Know and Access Information: You may access information we maintain about you using the methods below. If we grant your request, we will provide you with a copy of the personal information we maintain about you in the ordinary course of business. This may include what personal information we collect, use, or disclose about you. We may not fulfill some or all of your request to access as permitted by applicable law.
Deletion of Information: You may request that we delete your personal information. Depending on the scope of your request, we may refrain from granting your request, as permitted by applicable law. For example, we may be legally required to retain your information in our business records. You may submit a deletion request using the methods provided below.
Authorized Agent: California residents may use an authorized agent to exercise a privacy right on their behalf. If you are an authorized agent acting on behalf of a California resident to communicate with us or to exercise a privacy right listed above, you must be able to demonstrate that you have the requisite authorization to act on behalf of the resident and have sufficient access to their laptop, desktop, or mobile device to exercise these rights digitally. To exercise rights on behalf of one of our users, please contact us at the contact information below with supporting verification information, which includes a valid Power of Attorney in the State of California, proof that you have access to the consumer’s interface, and proof of your own identify.
To Exercise Your Rights
Your exercise of the rights described in this section is subject to certain exemptions to safeguard the public interest (for example, prevention or detection of crime) and our interests (for example, maintaining legal privilege). We will try to comply with your request as soon as reasonably practicable in accordance with legal requirements. Requests to exercise these rights may be granted in whole, in part, or not at all, depending on the scope and nature of the request and applicable law. Where required by applicable law, we will notify you if we reject your request and notify you of any reasons why we are unable to honor your request.
Categories of personal information we collect:
- Online identifier, Internet Protocol address,
- Personal information under subdivision (e) of California Business and Professions Code Section 1798.80 that we may collect includes your name, address, phone number, and credit card number
- Internet or other electronic network activity information related to your use of our website.
- If you call us, we will collect identifiers such as your name, email address, and phone number.
- If you choose to send us a question regarding our products, we will collect your name and email address.
- Commercial information, including records of products purchased or considered, and purchasing histories or tendencies.
Categories of sources from which the personal information is collected:
We collect the personal information directly from you.
Business or commercial purpose for collecting or selling personal information:
We collect your personal information to operate the website, respond to your requests and for the following business purposes:
- Maintaining or servicing the website and providing customer service.
- Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.
- Debugging to identify and repair errors that impair existing intended functionality.
- Sending you marketing communications
- Inferences drawn from your use of our website are used to enable interest-based advertising.
Categories of third parties with whom we share personal information:
We may share your personal information – specifically your IP address, device ID or similar online identifier, with certain third parties, such as social networks and advertising networks. We use this information is used to personalize advertising you see after you’ve visited our website.
Specific pieces of personal:
- Name, address, email address if you choose to provide them
- Credit card number if you choose to make a purchase
Information we have collected:
- Internet Protocol address, device ID
- Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with our website.
California “Shine the Light” Rights
If you are a resident of California, you may request certain information regarding our disclosure of personal information (if any) for marketing purposes. To make such a request, please contact us at Adina's Jewels, 1416 Avenue M, STE 501, Brooklyn, NY 11230.
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at email@example.com or by mail at:
[Re: Privacy Compliance Officer]
1416 Avenue M
Brooklyn, NY 11230