Effective as of Dec 12, 2020
Table of Contents
- Personal Information We Collect
- How We Collect Personal Information
- How We Protect Your Personal Information
- How We Use Your Personal Information
- How We Share Your Personal Information
- Your Choices
- Your European Privacy Rights
- Third Party Links and Websites
- Security Practices
- How to Contact Us
PERSONAL INFORMATION WE COLLECT
Neko Deco Craft Shop Inc. website is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall. We may also hire third-party companies to perform business functions on our behalf. We may collect, receive, and develop the following categories of personal information:
- Contact Information, such as your first and last name, email and mailing addresses, phone number, professional title, and company name.
- Account/Registration Information, such as your username and password, order history, and preferences when using products or services.
- Demographic Information, such as your age, gender, and income.
- Information About Others for whom you purchase an item or gift, such as name, delivery address, and phone number.
- Correspondence Information, such as information you provide when you contact us with questions, feedback, survey responses, or otherwise communicate with us.
- Payment Information, such as your credit card or debit card number, expiration date, card verification number, and billing address if you make a purchase.
- Internet and Network Activity Information, such as your IP address, device identifiers, websites you came from, websites you leave to, and website interaction information (e.g., search terms entered, and products or content viewed or clicked on).
HOW WE COLLECT PERSONAL INFORMATION
We collect and obtain personal information:
From you. We collect personal information when it is provided to us, such as when you send an email to us, register for an account, make a purchase, refer friends or others to contact us, or connect with us on social media or through one of our partners. For example, you may see a “Log in with…” button, which means we request personal information from a partner to streamline the login process. You will likely be presented with a “request for permission” screen by a third party asking to share additional information, such as a list of your friends or connections and your email address.
When you make a purchase on our website using a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
- From your device. We use tracking tools like cookies and similar technologies to automatically collect information about you (e.g., Internet and Network Activity Information). We collect this information when you interact with our website. We may have third parties collect personal information on our behalf in this way, too.
HOW WE PROTECT YOUR PERSONAL INFORMATION
We maintain appropriate administrative, technical and physical safeguards designed to protect the personal information you provide against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use.
HOW WE USE YOUR PERSONAL INFORMATION
We share these categories of personal information under the following circumstances:
- To administer our website and services and for internal operations. For this purpose, we typically use all categories of personal information for our internal operations, such as troubleshooting, insurance claims, data analysis, and testing.
- To process your transactions and fulfill your orders. For this purpose, we typically use Contact Information, Account/Registration Information, Payment Information, and Internet and Network Activity Information.
- To respond to your requests or questions. For this purpose, we typically use Contact Information to contact you in response to your feedback or other matters related to our relationship with you.
- To improve our products and services. For this purpose, we may use the information you provide about our products, as well as Account/Registration Information and Internet and Network Activity to make our website, services, and products better.
- For our Loyalty Program. Your contact information and order history data will be used to allow you to earn points and discounts on our website.
- To send you Neko Deco Craft Shop newsletters and for other marketing purposes. For this purpose, we typically use Contact Information, Account/Registration Information, Internet and Network Activity Information, and Demographic Information when you sign-up for to receive our newsletters, as well as special offers and promotions. We may also use this information to advertise and market our products to you.
- To comply with laws and regulations. For this purpose, we typically use your personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests, and legal processes, such as to respond to subpoenas or requests from government authorities.
- With your consent. In some cases we may specifically ask for your consent to collect, use, or share your personal information, such as when required by law.
HOW WE SHARE YOUR PERSONAL INFORMATION
We share your personal information as follows:
- Service providers. We may share each category of personal information with companies and individuals that provide services on our behalf or help us operate the our website or our business (such as order fulfillment, shipping, payment processing, customer support, hosting, analytics, email delivery, marketing, Loyalty Program, database management services, returns processing, and risk and fraud mitigation).
- Advertising and marketing partners. We might share the above categories of personal information with companies that help us with our marketing efforts, including third-party advertising partners and social media platforms.
- Law enforcement, government authorities, and private parties. We may share the above categories of personal information as we believe in good faith to be necessary or appropriate to comply with law or for the compliance, fraud prevention, and safety purposes described above.
We do not sell your personal information.
You have certain choices about how we use your personal information.
- Access or update your account information. If you have registered for an account with us, you may review and update certain personal information in your account profile by logging into the account or emailing us at firstname.lastname@example.org.
- Opt out of marketing communications. To stop receiving our newsletter or other promotional emails, use the unsubscribe link at the bottom of each email or email us at email@example.com. Even if you opt out of getting marketing messages, we will still send you transactional messages. These include responses to your questions.
- Cookies. You can control certain cookies and tracking tools. We use the following types of cookies:
Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website. This category of cookies cannot be disabled.
Analytical cookies. These cookies allow us to recognize and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily. Information collected by Google Analytics cookies will be transmitted to and stored by Google on servers in the United States of America in accordance with its privacy practices. To see an overview of privacy at Google and how this applies to Google Analytics, visit https://www.google.com/intl/en/policies/privacy/. You may opt out of tracking by Google Analytics by visiting https://tools.google.com/dlpage/gaoptout.
Advertising or targeting cookies. These cookies are used to make advertising more relevant to you and your interests. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed, and in some cases selecting advertisements that are based on your interests. Our third party advertising partners may use the cookies to build a profile of your interests and deliver relevant advertising on other websites. You can opt out of tracking on our website or others for online behavioral advertising by visiting the DAA’s Consumer Choice page at http://www.aboutads.info/choices/.
You may also disable cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to disable all cookies (including strictly necessary cookies) you may not be able to access all or parts of the website.
Disabling a cookie or category of cookie does not delete the cookie from your browser. You will need to do this separately within your browser. If you have disabled one or more analytical cookies, we may still use information collected from cookies prior to your disabled preference being set.
YOUR EUROPEAN PRIVACY RIGHTS
You have the following rights, where provided under applicable law, including the European Union’s General Data Protection Regulation (GDPR), regarding your information (each of which are subject to various exceptions and limitations):
- Information. You have the right to receive confirmation as to whether or not we are processing your personal information.
- Access. You have the right to access to your personal information.
- Correct. You are entitled to update or correct your information if it is inaccurate or incomplete.
- Delete. At your request, we will delete your personal information.
- Transfer. You have rights to obtain and reuse your personal information for your own purposes across different services and platforms.
- Restrict. You have the right to restrict our processing of personal information if you tell us that it is inaccurate, if you are entitled to request deletion but prefer restriction, if we would otherwise delete it but you need it for legal reasons, or if you are in the process of verifying our “legitimate interests” for processing your personal information (if those interests are the sole legal basis on which we are doing so).
- Object. You have the right to object to certain types of processing, in particular processing based on our legitimate interests. You also can object at any time to your information being used for direct marketing purposes.
You may correct your personal information and exercise your privacy preferences by writing us at:
Please include your name and email address when you contact us. We may take reasonable steps to verify your identity prior to responding to your requests. The verification steps will vary depending on the sensitivity of the personal information and whether you have an account with us. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or our response to your requests regarding your personal information, you may contact us or submit a complaint to the data protection regulator in your jurisdiction.
THIRD PARTY LINKS AND WEBSITES
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards. Please be aware that despite our best efforts, no data security measures can guarantee 100% security. While we strive to protect information transmitted on or through our website, we cannot and do not guarantee the security of any information you transmit on or through this website.
We do not knowingly collect personally identifiable information from children under 16 without permission from a parent or guardian. If you are a parent or legal guardian and you think your child under 16 has given us information, you can contact us at firstname.lastname@example.org.
HOW TO CONTACT US