Privacy Policy

Dynacraft BSC, Inc., a Massachusetts corporation (together, “DYNACRAFT,” “We,” or “Us”) has created this privacy policy (“Privacy Policy”) to convey its commitment to privacy issues on the Internet. This Privacy Policy is a part of the Terms of Use for this website (“Site”). Capitalized terms used in this Privacy Policy and not otherwise defined shall have the meaning ascribed to them in the Terms of Use located on the Site.

THE PURPOSE OF THE PRIVACY POLICY IS TO DISCLOSE TO YOU WHAT TYPES OF INFORMATION DYNACRAFT COLLECTS, THE METHOD OF COLLECTING IT, WITH WHOM DYNACRAFT SHARES IT, AND CERTAIN OTHER MATTERS RELATING TO SUCH INFORMATION, INCLUDING THE CHOICES YOU HAVE REGARDING DYNACRAFT’S COLLECTION OF INFORMATION AND DYNACRAFT’S USE AND DISCLOSURE TO THIRD PARTIES OF INFORMATION DYNACRAFT MAY HAVE COLLECTED FROM YOU. PLEASE READ THE PRIVACY POLICY BELOW TO LEARN MORE ABOUT DYNACRAFT’S DATA COLLECTION POLICIES AND PRACTICES.

Types of Information Collected; Method of Collection. DYNACRAFT collects two types of information from visitors to the Site: 1.) personal data, including names and email addresses; and 2.) aggregated data, such as user traffic patterns for the Site.

INFORMATION COLLECTED

By Browsing. As you browse the Site, it collects log file, Internet protocol (IP) addresses of your computer, “cookies”1 (described below), web beacons, and other standard tracking data DYNACRAFT uses to evaluate Site traffic and usage patterns. Such information is aggregated with tracking data from all Site visitors.

By Site Requirement. Some portions of the Site may require you to give DYNACRAFT personally identifiable information such as your name, address, email address, transaction information, and/or other information by which DYNACRAFT may contact you.

By User’s Voluntary Submission. If you communicate with DYNACRAFT by email, or otherwise complete online forms, registrations, or surveys, any information provided in such communications may be collected as personal information.

Collection By Third Parties. DYNACRAFT relies upon NetSuite Inc. (“NetSuite”) to host the Site, and as a result, NetSuite may have access to personally identifiable information. NetSuite must operate and use personally identifiable information in a manner consistent with the current Privacy Policy, and is subject to contractual obligations to maintain this information as confidential, subject to certain exceptions. However, DYNACRAFT is not responsible for the privacy practices of NetSuite. Any questions regarding NetSuite and/or its privacy practices may be directed to: info@netsuite.com 1A “cookie” is a bit of data sent by the Site through your browser to your computer and enables the Site to return the results and preferences that you expect. DYNACRAFT uses temporary, session-specific cookies to ensure visits to the Site are smooth and tailored to your visit. DYNACRAFT does not use permanent or persistent cookies that remain on your computer after you leave the Site.

INFORMATION ON CHILDREN

DYNACRAFT is committed to protecting the privacy of children. When DYNACRAFT intends to process information from children, DYNACRAFT undertakes the following precautions pursuant to the Children’s Online Privacy Protection Act (“COPPA”):

A. About the Collection of Parent Email Addresses:

Consistent with the requirements of COPPA, in any instance where DYNACRAFT asks for age and determines the user is age 13 or under, DYNACRAFT will ask for a parent or guardian’s email address before collecting any personal information from the child. If you believe your child is participating in an activity that collects personal information and you or another parent/guardian have NOT received an email providing notice or seeking your consent, please feel free to contact DYNACRAFT at privacy@dynacraftwheels.com. DYNACRAFT will not use parent emails provided for parental consent purposes for marketing directed towards the parent, unless the parent has expressly opted in to email marketing or has separately participated in an activity that allows for such email contact.

B. The Information Collected From Children, How It is Used, and How and When DYNACRAFT Communicates with Parents:

Any time DYNACRAFT collects personal information, DYNACRAFT will retain such information only as long as reasonably necessary to fulfill a request, ensure the security of users and the Site, or as required by law. Should DYNACRAFT discover that it has collected personal information from a child inconsistent with the requirements of COPPA, DYNACRAFT will either delete such information or immediately seek parental consent for the collection of that information.

C. Persistent identifiers:

During interactions with children, certain information may be automatically collected for various business purposes. Examples include the child’s IP address, web browser, the frequency with which the child visits various parts of the Site, and the type of computer operating system. This information is collected using cookies, flash cookies, web beacons, and other unique identifiers. This information may also be collected by DYNACRAFT or a third party on behalf of DYNACRAFT. This data is principally used for internal purposes only, in order to:

• Customize content and improve the Site
• Conduct research and analysis to address the performance of the Site
• Generate anonymous reporting for use by DYNACRAFT

In the event DYNACRAFT collects (or allows others to collect) such information from children on the Site for other purposes, DYNACRAFT will notify parents and obtain consent prior to such collection.

D. Disclosure of Information to Third Parties:

DYNACRAFT may share or disclose personal information collected from children in a limited number of instances, including the following:

With service providers like software solutions, online security, and customer service. These companies are prohibited from using personal information for purposes other than those clearly defined by DYNACRAFT or required by law and DYNACRAFT has entered into written contracts to ensure this.

DYNACRAFT may disclose personal information if permitted or required by law, for example, in response to a court order or a subpoena. To the extent permitted by applicable law, DYNACRAFT may also disclose personal information collected from children (i) in response to a law enforcement or a public agency’s (including schools or children services) request; (ii) if DYNACRAFT believes disclosure may prevent the instigation of a crime, facilitate an investigation related to public safety or protect the safety of a child using the Site; (iii) to protect the security or integrity of the Site and other technology, as well as the technology of DYNACRAFT’s service providers; or (iv) enable DYNACRAFT to take precautions against liability.

Parents have the right to consent to the collection, use, and processing of their child’s personal information without also having to consent to the disclosure of that information to third parties as we do not share information with third parties other than as disclosed above.

HOW INFORMATION COLLECTED IS USED FOR CONSUMERS 13 OR OLDER

You do not have to share any personal information (like full name, e-mail address, home address, telephone number, etc.) to view the Site. The information collected by and through the Site is owned solely by DYNACRAFT. The information collected by and through the Site will be used solely by DYNACRAFT, its affiliated companies, or other entities that are involved in the operation of this Site for DYNACRAFT’s internal purposes and is not sold or transferred to third parties. DYNACRAFT may use the information collected and provided, individually or in an aggregate form, as follows:

to personalize the Site according to your preferences based on the aggregated information;

• to evaluate products and services DYNACRAFT may offer to you;
• to deliver a product or service you requested, or to confirm or fulfill an order or request you have made;
• to contact you about the Site;
• to monitor or improve the use of the Site;
• to customize the advertising and content you see;
• to monitor compliance with the Terms of Use for the Site;
• to provide special offers to you from DYNACRAFT and/or its affiliates and other third parties; and to send you promotional material on behalf of DYNACRAFT and/or its affiliates and other third parties.

We may also collect information from you offline, such as when you order a catalogue, participate in a sweepstakes or contest, or make a purchase at a store. We may obtain customer lists, demographic and other information about you from commercial sources.

DYNACRAFT also uses technology to collect certain information automatically, like your Internet Protocol (“IP”) address (which is the automatic number assigned to your computer by your Internet service provider when you surf the Web, or unique device identifier (“UDID”), international mobile equipment identity (“IMEI”), mobile equipment identifier (“MEID”) or media access control “MAC”) address; computer operating system (e.g., Microsoft Windows, Mac OS); your browser (e.g., Internet Explorer, Firefox); websites visited before or after you visit the Site; pages viewed and activities at the Site; and advertisements shown or clicked on.

A. What Personal Information Does DYNACRAFT Collect from Consumers 13 and Older?

DYNACRAFT does not collect any personal contact information from you when you visit the Sits unless it is voluntarily provided, for instance when signing a guest book, registering for contests, sweepstakes, community areas, downloads, or free demos, completing our online customer surveys or purchasing products. The personal information DYNACRAFT asks for is usually first and last name, mailing address, phone number and an e-mail address. DYNACRAFT may also ask you to help us understand your interests by providing demographic information, like age, gender, or ZIP code, or information on hobbies and interests.

WITH WHOM INFORMATION IS SHARED

At times, DYNACRAFT may share your personally identifiable information with others for various purposes. The following outlines the ways in which your information may be shared with others: Agents: DYNACRAFT may employ other businesses, certain services, and individuals to perform functions on DYNACRAFT’s behalf. A non-exhaustive list of examples includes fulfilling orders, sending e-mail, removing repetitive information from customer lists, Site analysis, analyzing data, providing marketing assistance, processing payments, and providing customer service. These agents may have access to personally identifiable information needed to perform their functions, but may not use it for other purposes. In an effort to protect you, these agents who have access to personally identifiable information either (a) must operate and use your personally identifiable information in a manner consistent with the current Privacy Policy, or (b) are subject to contractual obligations to maintain such information as confidential subject to certain exceptions. However, DYNACRAFT is not responsible for the privacy practices of these other companies.

Aggregate Information:

DYNACRAFT may share aggregate information such as demographics and Site usage statistics to other organizations. When this type of information is shared, the other parties do not have access to your personally identifiable information.

Opt-in and Opt-out Programs:

Throughout the Site you may be presented with opportunities to receive mailings from third parties or DYNACRAFT. An opt-in/opt-out message may ask you if you would like your information to be shared. If you do choose to have your information shared, please be aware that DYNACRAFT is not responsible for the privacy practices of these other companies, and you should review the privacy practices of such companies prior to providing your personally identifiable information. If you would not like your information to be shared with third parties, or if you would like to stop receiving mailings from third parties or DYNACRAFT, you may follow the instructions in the opt-out section below.

Third-Party Traffic Measurement Services:

The Site may use a third party to conduct traffic measurement services to analyze the traffic on the Site. Audience and traffic measurement services allow DYNACRAFT to collect anonymous traffic and behavior information from the Site by monitoring anonymous visitor activity. The traffic measurement services may themselves set and access their own cookies on your computer if you choose to have your cookies enabled in your browser. Other companies’ use of their cookies is subject to their own privacy policies, not this one.

DYNACRAFT Affiliates:

DYNACRAFT may share your information (including, without limitation, personally identifiable information) with affiliates of DYNACRAFT.

Business Transfers:

The Site, DYNACRAFT and/or an affiliate or division of DYNACRAFT may be sold along with its assets, or other transactions may occur in which your personally identifiable information is one of the business assets transferred. In such a case, your personally identifiable information, which DYNACRAFT has gathered, may be one of the business assets DYNACRAFT transfers.

Legal Process:

In the event DYNACRAFT is required to respond to subpoenas, court orders, or other legal process your personally identifiable information may be disclosed pursuant to such subpoena, court order, or legal process, which may be without notice to you.

Security and Encryption:

Technical and administrative measures are implemented to help protect personally identifiable information and other data on DYNACRAFT’s servers from unauthorized access, loss, or alteration. However, no server or transmission over the Internet can be guaranteed to be one hundred percent secure and whatever you transmit or disclose online can be collected and used by others or unlawfully intercepted by third parties. Therefore, any activity or communication is conducted at your own risk.

Third Party Links, Web Sites, and Cookies:

The Site contains external links to other websites. DYNACRAFT has no control over, and is not responsible for, the content of, or information gathered by, these other websites. Any personally identifiable information collected by such third parties is subject to such third parties’ privacy policy. DYNACRAFT does not endorse any of these websites or the products or services associated with such websites merely because they are linked to the Site.

Additionally, DYNACRAFT may use advertising companies to develop banner ads for the Site. These ads may contain cookies. These companies collect cookies sent to your browser through the banner ads and DYNACRAFT does not have control or access to this data.

Notification of Changes:

DYNACRAFT reserves the right, at any time and without notice, to add to, change, update, or modify the Privacy Policy, simply by posting such change, update, or modification on the Site. Any such change, update, or modification will be effective immediately upon posting on the Site. If at any point DYNACRAFT decides to use personally identifiable information in a manner different from that stated at the time it was collected, DYNACRAFT may notify you by way of an email or some other means. Your continued use of the Site shall constitute your acceptance of such revised Privacy Policy. Since this Privacy Policy may change from time to time, you should review it periodically and specifically before you provide any additional personally identifiable information.

Your Acceptance of these Terms:

By using the Site you signify your acceptance of the terms of the Privacy Policy. If you do not agree to the terms of the Privacy Policy, please do not use the Site, products, and/or services and exit the site immediately.

Data Handling Policy for Amazon Information:

"Amazon Information" means any information that is exposed by Amazon through the Marketplace APIs, Seller Central, or Amazon's public-facing websites. This data can be public or non-public, including Personally Identifiable Information about Amazon customers.

"Customer" means any person or entity who has purchased items or services from Amazon's public-facing websites.

"Seller" means any person or entity selling on Amazon's public-facing websites.

Dynacraft (referred to as “we” throughout this policy) are committed to protecting and respecting seller and customer privacy and keeping personal information secure.

This policy set out:

• Details of the personal information that we may collect from you/Amazon (on your behalf);
• Information about how we process, store, use, share, dispose your information (i.e. Data Protection and Privacy);

Please read this policy carefully to understand our views and practices regarding your personal data and how we treat it.

Who is this policy addressed to?

When we refer in this policy to ‘User’ we are referring to a user of our services through our portal/ website. 

Information we may collect from you

We may collect and process the following data about you:

1. On your behalf from E-commerce Channels:We collect information from E-commerce channels through API authorized by user on our portal/website. We only collect information required to process the data/information through our portal/website i.e. Order details, Invoice details, returns details, payment details, tax related details. We don’t collect personal information of customers i.e. Name, Mobile no., Address 1 & Address 2 etc. We strongly believe in data privacy of your customers.
2. User company details/user details using our system and billing details of your organization

How we store/share/dispose your information (Data Protection and Privacy):

1. Data Governance.Our privacy and data handling policy governs the appropriate conduct and technical controls applied in managing and protecting information assets. We keep inventory of software and physical assets (e.g. computers, mobile devices) with access to PII, and update regularly. A record of data processing activities such as specific data fields and how they are collected, processed, stored, used, shared, and disposed for all PII Information should be maintained to establish accountability and compliance with regulations. We, according to the privacy policy, can rectify, erase, or stop sharing/processing the customers’ information where applicable.
2. Encryption and Storage.All PII is encrypted at rest using industry best practice standards AES-256. The cryptographic materials (e.g., encryption/decryption keys) and cryptographic capabilities used for encryption of PII at rest is only accessible to the processes and services. PII is not stored in removable media (e.g., USB) or unsecured public cloud applications (e.g., public links made available through Google Drive). Any printed documents containing PII should be securely disposed.
3. Least Privilege Principle.We have implemented fine-grained access control mechanisms to allow granting rights to any party using the Application (e.g., access to a specific set of data at its custody) and the Application's operators (e.g., access to specific configuration and maintenance APIs such as kill switches) following the principle of least privilege. Application sections or features that vend PII must be protected under a unique access role, and access should be granted on a "need-to-know" basis.
4. Logging and Monitoring.We gather logs to detect security-related events (e.g., access and authorization, intrusion attempts, configuration changes) to the Application and systems. We implement this logging mechanism on all channels (e.g., service APIs, storage-layer APIs, administrative dashboards) providing access to Amazon Information. All logs must have access controls to prevent any unauthorized access and tampering throughout their lifecycle. Logs themselves should not contain PII and must be retained for at least 90 days for reference in the case of a Security Incident. We have mechanisms to monitor the logs and all system activities to trigger investigative alarms on suspicious actions (e.g., multiple unauthorized calls, unexpected request rate and data retrieval volume, and access to canary data records). We should perform investigation when monitoring alarms are triggered, and this should be documented in the Incident Response Plan.
5. Network Protection.We have implemented network protection controls to deny access to unauthorized IP addresses and public access must be restricted only to approved users.
6. Access Management.We assign a unique ID to each person with computer access to Amazon Information. Persons with access to data don’t create or use generic, shared, or default login credentials or user accounts. We review the list of people and services with access to Amazon Information on a regular basis (at least quarterly) and remove accounts that no longer require access. We restrict employees from storing Amazon data on personal devices. We maintain and enforce "account lockout" by detecting anomalous usage patterns and log-in attempts and disabling accounts with access to Amazon Information as needed.
7. Encryption in Transit.We encrypt all Amazon Information in transit (e.g., when the data traverses a network, or is otherwise sent between hosts). This is accomplished using HTTP over TLS 1.2 (HTTPS). We enforce this security control on all applicable external endpoints used by customers as well as internal communication channels (e.g., data propagation channels among storage layer nodes, connections to external dependencies) and operational tooling. We disable communication channels which do not provide encryption in transit even if unused (e.g., removing the related dead code, configuring dependencies only with encrypted channels, and restricting access credentials to use of encrypted channels). We use data message-level encryption where channel encryption (e.g., using TLS) terminates in untrusted multi-tenant hardware (e.g., untrusted proxies).
8. Incident Response Plan.We have and maintain a plan to detect and handle Security Incidents. Such plan identifies the incident response roles and responsibilities, defines incident types that may impact Amazon, defines incident response procedures for defined incident types, and defines an escalation path and procedures to escalate Security Incidents to Amazon. We review and verify the plan every six (6) months and after any major infrastructure or system change. We investigate each Security Incident, and document the incident description, remediation actions, and associated corrective process/system controls implemented to prevent future recurrence.

We will inform Amazon via email 3p.security@amazon.com within 24 hours of detecting any Security Incidents.

9. Request for Deletion or Return. We, within no more than 72 hours after Amazon's request, permanently and securely delete (in accordance with industry-standard sanitization processes, e.g., NIST 800-88) or return Amazon Information upon and in accordance with Amazon's notice requiring deletion and/or return. We also permanently and securely delete all live (online or network accessible) instances of Amazon Information within 30 days after Amazon's notice.

Local laws may also grant you additional rights. For example, California law may permit you to request that we:

Provide you the categories of personal information we have collected or disclosed about you in the last twelve months; the categories of sources of such information; the business or commercial purpose for collecting or selling your personal information; and the categories of third parties with whom we shared personal information.

• Provide access to and/or a copy of certain information we hold about you.
• Delete certain information we have about you.

You may also have the right to receive information about financial incentives that we may offer, if any. You have the right to not be discriminated against (per applicable law) for exercising certain of your rights. Certain information may be exempt from such requests under applicable law and we may need certain types of information to provide service or goods to you.

If would like to exercise any of these rights, please submit a request to service@dynacraftwheels.com.  You will be required to verify your identity before we fulfill your request.

California residents may opt out of the “sale” of their personal information. Dynacraft does not “sell” your personal information as we understand that term to be defined by the California Consumer Privacy Act and its implementing regulations, and we have not sold your personal information in the past twelve months.

 Corrections, Updates, and Opting-Out:

You have the option of reviewing, correcting, updating, modifying, and deleting your personally identifiable information at any time and as often as desired. This can be done by sending an opt-out message in an email to DYNACRAFT at cusomercare@dynacraftwheels.com.

Unfortunately, to the extent that such information is also stored in other databases, we cannot always ensure that such corrections or deletions will reach the other databases. We will use all reasonable efforts to ensure that your information is removed from or corrected in DYNACRAFT’s records.

If you have any questions about this Privacy Policy or the privacy practices of this Site, contact customercare@dynacraftwheels.com.

Contact

After reviewing this policy, if you have additional questions, want more information about our privacy practices, or would like to make a complaint, please contact us by e-mail at customercare@dynacraftwheels.com

Collecting Personal Information

When you visit the Site, we collect certain information about your device, your interaction with the Site, and information necessary to process your purchases. We may also collect additional information if you contact us for customer support. In this Privacy Policy, we refer to any information about an identifiable individual (including the information below) as “Personal Information”. See the list below for more information about what Personal Information we collect and why.

• Device information
• Purpose of collection: to load the Site accurately for you, and to perform analytics on Site usage to optimize our Site.
• Source of collection: Collected automatically when you access our Site using cookies and log files. Most browsers automatically accept cookies, but you can choose whether or not to accept cookies through your browser controls, often found in your browser’s “Tools” or “Preferences” menu.
• Disclosure for a business purpose: shared with our processor Shopify.
• Personal Information collected: version of web browser, IP address, time zone, cookie information, what sites or products you view, search terms, and how you interact with the Site.
• Order information
• Purpose of collection: to provide products or services to you to fulfill our contract, to process your payment information, arrange for shipping, and provide you with invoices and/or order confirmations, communicate with you, screen our orders for potential risk or fraud, and when in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
• Source of collection: collected from you.
• Disclosure for a business purpose: shared with our processor Shopify.
• Personal Information collected: name, billing address, shipping address, payment information (including credit card numbers ), email address, and phone number.
• Customer support information
• Purpose of collection:
• Source of collection:
• Disclosure for a business purpose:
• Personal Information collected:
• Purpose of collection: to provide customer support.
• Source of collection: collected from you
• Disclosure for a business purpose:
• Personal Information collected:

Minors

The Site is not intended for individuals under the age of 13. We do not intentionally collect Personal Information from children. If you are the parent or guardian and believe your child has provided us with Personal Information, please contact us at the address above to request deletion.

Sharing Personal Information

We share your Personal Information with service providers to help us provide our services and fulfill our contracts with you, as described above. For example:

• We use Shopify to power our online store. You can read more about how Shopify uses your Personal Information here: https://www.shopify.com/legal/privacy.
• We may share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.

Behavioral Advertising

As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For example:

• We use Google Analytics to help us understand how our customers use the Site. You can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
• We share information about your use of the Site, your purchases, and your interaction with our ads on other websites with our advertising partners. We collect and share some of this information directly with our advertising partners, and in some cases through the use of cookies or other similar technologies (which you may consent to, depending on your location).
• We use Shopify Audiences to help us show ads on other websites with our advertising partners to buyers who made purchases with other Shopify merchants and who may also be interested in what we have to offer. We also share information about your use of the Site, your purchases, and the email address associated with your purchases with Shopify Audiences, through which other Shopify merchants may make offers you may be interested in.

For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at https://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.

You can opt out of targeted advertising by:

FACEBOOK - https://www.facebook.com/settings/?tab=adsGOOGLE - https://www.google.com/settings/ads/anonymous

• BING - https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads]

Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: https://optout.aboutads.info/.

Using Personal Information

We use your personal Information to provide our services to you, which includes: offering products for sale, processing payments, shipping and fulfillment of your order, and keeping you up to date on new products, services, and offers.

Lawful basis

Pursuant to the General Data Protection Regulation (“GDPR”), if you are a resident of the European Economic Area (“EEA”), we process your personal information under the following lawful bases:

• Your consent;
• The performance of the contract between you and the Site;
• Compliance with our legal obligations;
• To protect your vital interests;
• To perform a task carried out in the public interest;
• For our legitimate interests, which do not override your fundamental rights and freedoms.

Retention

When you place an order through the Site, we will retain your Personal Information for our records unless and until you ask us to erase this information. For more information on your right of erasure, please see the ‘Your rights’ section below.

Automatic decision-making

If you are a resident of the EEA, you have the right to object to processing based solely on automated decision-making (which includes profiling), when that decision-making has a legal effect on you or otherwise significantly affects you.

Our processor Shopify uses limited automated decision-making to prevent fraud that does not have a legal or otherwise significant effect on you.

Services that include elements of automated decision-making include:

• Temporary blacklist of IP addresses associated with repeated failed transactions. This blacklist persists for a small number of hours.
• Temporary blacklist of credit cards associated with blacklisted IP addresses. This blacklist persists for a small number of days.

Selling Personal Information

Our Site sells Personal Information, as defined by the California Consumer Privacy Act of 2018 (“CCPA”).

• categories of information sold;
• IF USING SHOPIFY AUDIENCES: information about your use of the Site, your purchases, and the email address associated with your purchase
• instructions on how to opt-out of sale;
• whether your business sells information of minors (under 16) and whether you obtain affirmative authorization;
• if you provide a financial incentive to sell information, provide information about what that incentive is.]

GDPR

If you are a resident of the EEA, you have the right to access the Personal Information we hold about you, to port it to a new service, and to ask that your Personal Information be corrected, updated, or erased. If you would like to exercise these rights, please contact us through the contact information above.

Your Personal Information will be initially processed in Ireland and then will be transferred outside of Europe for storage and further processing, including to Canada and the United States. For more information on how data transfers comply with the GDPR, see Shopify’s GDPR Whitepaper: https://help.shopify.com/en/manual/your-account/privacy/GDPR.

CCPA

If you are a resident of California, you have the right to access the Personal Information we hold about you (also known as the ‘Right to Know’), to port it to a new service, and to ask that your Personal Information be corrected, updated, or erased. If you would like to exercise these rights, please contact us through the contact information above.

If you would like to designate an authorized agent to submit these requests on your behalf, please contact us at the address above.

Cookies

A cookie is a small amount of information that’s downloaded to your computer or device when you visit our Site. We use a number of different cookies, including functional, performance, advertising, and social media or content cookies. Cookies make your browsing experience better by allowing the website to remember your actions and preferences (such as login and region selection). This means you don’t have to re-enter this information each time you return to the site or browse from one page to another. Cookies also provide information on how people use the website, for instance whether it’s their first time visiting or if they are a frequent visitor.

We use the following cookies to optimize your experience on our Site and to provide our services.

Cookies Necessary for the Functioning of the Store

Reporting and Analytics

The length of time that a cookie remains on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies last until you stop browsing and persistent cookies last until they expire or are deleted. Most of the cookies we use are persistent and will expire between 30 minutes and two years from the date they are downloaded to your device.

You can control and manage cookies in various ways. Please keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our website may no longer be fully accessible.

Most browsers automatically accept cookies, but you can choose whether or not to accept cookies through your browser controls, often found in your browser’s “Tools” or “Preferences” menu. For more information on how to modify your browser settings or how to block, manage or filter cookies can be found in your browser’s help file or through such sites as: www.allaboutcookies.org.

Additionally, please note that blocking cookies may not completely prevent how we share information with third parties such as our advertising partners. To exercise your rights or opt-out of certain uses of your information by these parties, please follow the instructions in the “Behavioural Advertising” section above.

Do Not Track

Please note that because there is no consistent industry understanding of how to respond to “Do Not Track” signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.

Changes

We may update this Privacy Policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal, or regulatory reasons.

Complaints

As noted above, if you would like to make a complaint, please contact us by e-mail or by mail using the details provided under “Contact” above.

Last updated: [07/25]