Privacy policy
ARTICLE 1 – PERSONAL INFORMATION COLLECTED
When you make a purchase from our shop, as part of our buying and selling process, we collect the personal information you provide to us, such as your name, address and email address.
When you browse our shop, we also automatically receive your computer’s Internet Protocol (IP) address, which enables us to obtain further details about the browser and operating system you are using.
Email marketing (where applicable): With your permission, we may send you emails about our shop, new products and other updates.
ARTICLE 2 – CONSENT
How do you obtain my consent ?
When you provide us with your personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we assume that you consent to our collecting your information and using it for that purpose only.
If we ask you to provide your personal information for any other reason, such as for marketing purposes, we will ask for your explicit consent directly, or we will give you the option to decline.
How can I withdraw my consent?
If, after giving us your consent, you change your mind and no longer wish us to contact you, collect your information or disclose it, you can let us know by contacting us by clicking HERE.
ARTICLE 3 – DISCLOSURE
We may disclose your personal information if we are required to do so by law or if you breach our General Terms and Conditions of Sale and Use.
ARTICLE 4 – SHOPIFY
Our shop is hosted by Shopify Inc. They provide us with the online e-commerce platform that enables us to sell our services and products to you.
Your data is stored in Shopify’s data storage system and databases, and within the general Shopify application. Your data is stored on a secure server protected by a firewall.
Payment:
If you make your purchase via a direct payment gateway, Shopify will store your credit card details.
These details are encrypted in accordance with the Payment Card Industry Data Security Standard (PCI-DSS).
Information relating to your purchase transaction is retained for as long as necessary to complete your order.
Once your order has been finalised, the information relating to the purchase transaction is deleted.
All direct payment gateways comply with the PCI-DSS standard, managed by the PCI Security Standards Council, which is the result of a joint effort by companies such as Visa, MasterCard, American Express and Discover.
The requirements of the PCI-DSS standard ensure the secure processing of credit card data by our shop and its service providers.
For further information, please see Shopify’s Terms of Service here or the Privacy Policy here.
ARTICLE 5 – SERVICES PROVIDED BY THIRD PARTIES
Generally speaking, the third-party providers we use will only collect, use and disclose your information to the extent necessary to carry out the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies regarding the information we are required to provide to them for your purchase transactions.
With regard to these providers, we recommend that you read their privacy policies carefully so that you can understand how they will handle your personal information.
Please bear in mind that some providers may be based in, or have facilities located in, a jurisdiction other than yours or ours.
Therefore, if you decide to proceed with a transaction that requires the services of a third-party provider, your information may then be governed by the laws of the jurisdiction in which that provider is based or by those of the jurisdiction in which its facilities are located.
For example, if you are based in Canada and your transaction is processed by a payment gateway based in the United States, your personal information used to complete the transaction may be disclosed under US legislation, including the Patriot Act.
Once you leave our shop’s website or are redirected to a third-party website or app, you are no longer subject to this Privacy Policy or to the Terms and Conditions of Sale and Use of our website.
Links
You may be directed away from our website by clicking on certain links on our site. We accept no responsibility for the privacy practices of these other websites and recommend that you read their privacy policies carefully.
ARTICLE 6 – SECURITY
To protect your personal data, we take reasonable precautions and follow industry best practice to ensure that it is not lost, misappropriated, accessed, disclosed, altered or destroyed in an unauthorised manner.
If you provide us with your credit card details, they will be encrypted using the SSL security protocol and stored using AES-256 encryption. Although no method of transmission over the internet or electronic storage is 100% secure, we comply with all PCI-DSS requirements and implement additional standards generally recognised by the industry.
COOKIES
Here is a list of the cookies we use. We have listed them here so that you can choose whether or not to allow them.
- _session_id, a unique session identifier, enables Shopify to store information relating to your session (referrer, landing page, etc.).
- _shopify_visit, no data stored, persists for 30 minutes from the last visit. Used by our website provider’s internal statistics tracking system to record the number of visits.
- _shopify_uniq, no data stored, expires at midnight (depending on the visitor’s location) the following day. Calculates the number of visits to a shop per unique customer.
- cart, unique identifier, persists for 2 weeks, stores information relating to your shopping basket.
- _secure_session_id, unique session identifier
- storefront_digest, unique identifier, indefinite; if the shop has a password, this is used to determine whether the current visitor has access.
ARTICLE 7 – AGE OF CONSENT
By using this website, you declare that you are at least of legal age in your state or province of residence, and that you have given us your consent to allow any minors in your care to use this website.
ARTICLE 8 – CHANGES TO THIS PRIVACY POLICY
We reserve the right to amend this privacy policy at any time, so please check it regularly.
Changes and clarifications will take effect immediately upon publication on the website. If we make changes to the content of this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances we disclose it, if applicable.
If our shop is acquired by or merges with another company, your information may be transferred to the new owners so that we can continue to sell products to you.
ENQUIRIES AND CONTACT DETAILS
If you wish to: access, correct, amend or delete any personal information we hold about you, lodge a complaint, or if you simply wish to find out more, please contact our Data Protection Officer by clicking HERE or by emailing contact@kossmetica.com