SECTION 1 - WHAT DO WE DO WITH YOUR INFORMATION?
When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address.
When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.
Email marketing (if applicable): With your permission, we may send you emails about our store, new products and other updates.
SECTION 2 - CONSENT
How do you get my consent?
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.
How do I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at firstname.lastname@example.org.
SECTION 3 - DISCLOSURE
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
SECTION 4 - SHOPIFY
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service here or Privacy Statement here.
SECTION 5 - THIRD-PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
SECTION 6 - SECURITY
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
SECTION 7 - COOKIES
Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
SECTION 8 - AGE OF CONSENT
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at email@example.com.
(Modified 5/1 for GDPR Compliance)
Trunk Up takes the privacy of its users seriously, and We strive to comply with all national and global privacy regulations. The Company has adopted guidelines for our user relationships designed to respect the privacy and preferences of our users.
What Type of Information Do You Collect?
We only collect information that is provided with 1) consent, or 2) a legal basis, namely, a legitimate interest. Personal information collected by the Company may include:
- Name, postal address, phone number, social media account links, and e-mail address.
- Financial account information, such as credit card number and other payment information. Please note, We do not retain credit card information, as it is processed through a third-party server, [STRIPE, PAYPAL, AMAZON PAYMENTS, ETC.]
We may also collect information about you such as:
- If you create an account – your username, password, and other demographic information that you provide.
- If you purchase from the Company – what you buy, how frequently you buy, and other products you look at.
- If you opt-in for an email freebie our sign up for mailing list – your email address, interests as indicated by “checking the box,” your email opening rate, and your “click through” rate.
- If you connect your account to another service such as Facebook, Google, Amazon, Twitter, Teachable, Disqus, Pinterest, the other service may send us your registration or profile information on that service that you authorize. This information enables cross-platform data sharing to improve your user experience.
- Any of your personal data identified in this policy where necessary for the establishment, exercise or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure, namely for the protection and assertion of our legal rights, your legal rights and the legal rights of others.
How Do You Collect Data?
We may 1) collect data you submit to us through forms, check out modules, or other methods, or 2) automatically collect website use information when you visit our website, by utilizing cookies, Local Shared Objects, and web beacons.
Cookies are small data files stored on your hard drive by a website to, among other things, help us improve our site and your experience. In addition, this site uses targeting or advertising cookies to count visits to our site and to see which topics, products, and features are popular to our users. These cookies are used by third parties such as social networks and advertisers to collect information about your browsing habits and share it with other websites so they can display advertising relevant to you, provide services, and to allow “Like” buttons and “Share” buttons to work. Most browsers feature an “opt out” of cookie collection, and you can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. The methods for doing so change from browser to browser, and from version to version. You can obtain up-to-date information about blocking and deleting cookies via these links:
- https://support.google.com/chrome/answer/95647?hl=en (Chrome);
- https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences (Firefox);
- http://www.opera.com/help/tutorials/security/cookies/ (Opera);
- https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer);
- https://support.apple.com/kb/PH21411 (Safari); and
- https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy (Edge).
In addition, to identify Local Shared Objects on your computer and adjust your settings, visit: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager.html. The information We gather may include information about your Internet service provider, your operating system, browser type, domain name, Internet protocol (IP) address, your access times, the website that referred you to us, the Web pages you request, and the date and time of those requests.
The Company may also collect aggregated or anonymized usage data that does not personally identify you, but will provide us with information on site usage.
How Do You Use Information About Me, a User?
We use and processes information which We have either 1) consent, or 2) a legal basis to process, namely a legitimate interest. The Company may use the information We gather to:
- Administer our website and business, provide our services, ensure the security of our website and services, and maintain back-ups of our databases;
- Enable and monitor your use of the website;
- Communicate with you about your orders, purchases, accounts, and requests for information;
- Allow us to process orders, registrations, and customer service inquiries;
- Provide you with information about content, products, and services We offer, and advertise/ market relevant content, products, or services to you;
- Allow us to better service you in responding to your customer service requests;
- Administer a contest, promotion, survey or other site feature;
- Quickly process your transactions;
- Keep proper records of transactions;
- Send periodic emails regarding your order or other products and services; or to
- Comply with, enforce, defend, or indemnify our or any other party’s legitimate legal interest.
How is my Personal Information Secured?
Company maintains appropriate physical, technical and administrative security to help prevent the loss, misuse, unauthorized access, disclosure or modification of personal information. We use strong passwords to protect all accounts containing user data, and keep hard copies (if required) of user data confidential.
1)We use SSL certificates to protect your data.
We maintain updated apps, programs, and passwords, and monitor add-ons for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.
While We take these steps to protect your personal information as much as We reasonably can, no system or transmission of data over the Internet or any other public network, or any storage of data, can be guaranteed to be 100% secure. If you are concerned about your user data, please contact us at firstname.lastname@example.org
What happens if there is a data breach?
If there is a data breach, We will notify you by email within seven (7) days.
How Can I Update My Personal Information?
Company offers choices for you to update your personal information and the way We communicate with you. Here are some of the ways you can request changes:
Follow the opt-out instructions in promotional emails We send you.
Sign in to your account, if you have one, and visit the Account Settings section to manage your preferences and to update your personal information.
If you opt out of receiving promotional communications from us, We may still send you transaction-based communications, such as emails about your accounts or our ongoing business relations with the Company.
Users can opt out of interest-based advertising through:
- Twitter at https://support.twitter.com/articles/20170405
- Facebook at http://www.aboutads.info/choices/
- LinkedIn via the privacy control setting within their LinkedIn account, or,
- For all targeted interest-based advertising information, by using a tool like http://optout.aboutads.info
How does our site handle Do Not Track signals?
We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
Does Company Share Personal Information With Third Parties?
We do not disclose your personal information except in the limited circumstances described here. We may share information with any Company subsidiary or holding company, insurers, professional advisors, website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when it's release is appropriate to comply with the law, enforce our site policies, or protect ours or others' rights, property or safety, and for the establishment, exercise, or defense of legal claims, whether in court proceedings or an administrative out-of-court procedure.
We retain the email addresses of those who send us email, who purchase goods and services via our website, who register for access to our site, and who subscribe to our email newsletters. We retain these email addresses, along with other information you provide, in our mail list service, GetResponse We do not disclose these email addresses to third parties by “list sharing” or selling your information.
We sometimes work with third parties or our carefully selected advertisers (“Third Party Services”) to analyze user’s preferences, provide content, products, or services of interest to that user, or to collect data for conversion tracking (that is, what actions you take after you click on an ad). Third Party Services used on this website include:
- Shopify, Google Analytics, Pinterest, Instagram, Twitter.
Non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses. We use anonymous aggregated data about our customers or users to allow us to create marketing profiles, determine site metrics, provide up-to-date information to potential advertisers, and provide other support services.
How does your website interact with Google?
Google's advertising requirements can be summed up by Google's Advertising Principles. You can access these principals at https://support.google.com/adwordspolicy/answer/1316548?hl=en
We utilize the following Google Services:
- Remarketing with Google AdSense
- Google Display Network Impression Reporting
- Demographics and Interests Reporting
- DoubleClick Platform Integration
We may update this policy from time to time by publishing a new version on our website. You should check this page occasionally to ensure you are happy with any changes to this policy. We may notify you of significant changes to this policy by email.
Contact, Questions, and Feedback