STORAGE OF ACCESS DATA IN SERVER LOG FILES
You can visit the Site without giving any personal information. We only store access data in ‘server log files’, such as the name of the file requested, date and time of retrieval, amount of data transferred and the requesting provider, for example. This data is evaluated solely to ensure trouble-free operation of the site and to improve our service and does not enable any conclusions of a personal nature to be drawn.
PERSONAL INFORMATION WE COLLECT
We collect personal data if you provide us with this as part of your order, or when you voluntarily contact us (by contact form or email, for example) or open an account. The data collected can be seen from the respective input forms includes, but is not limited to names, first and last names, delivery address and possibly credit card information. Data you provide is necessary for the performance of pre-contractual measures. Without these data points we may not be able to provide you with services or products. When you visit our Site, we automatically receive your computer’s IP address, in order to determine which browser and operating system you are using. We use the data provided by you for managing purchases and processing your requests.
To make the visit to our Site attractive and to enable the use of certain functions, we use ‘cookies’ on various pages. These are small text files that are stored on your Device. Some cookies we use (called ‘session cookies’) are deleted after the end of the browser session, i.e. after closing your browser. Other cookies remain on your Device and allow us to recognize your browser on your next visit (‘persistent’ cookies). You can set your browser so that you are notified about cookie settings and individually decide on their acceptance or block the acceptance of cookies for specific cases, or in general. Not accepting cookies may limit the functionality of our website.
To make the visit to our Site attractive and to enable the use of certain functions, we use ‘cookies’ on various pages. These are small text files that are stored on your device. As such, when you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information.”
We collect Device Information using the following technologies:
- “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier.
- For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
- “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
- “Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Site.
You can set your browser so that you are notified about cookie settings and individually decide on their acceptance or block the acceptance of cookies for specific cases, or in general. Not accepting cookies may limit the functionality of our Site.
Additionally, when you make a purchase or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, shipping address, and payment information (including credit card numbers, debit card numbers, email address, and phone number). We refer to this information as “Order Information.”
When you make a purchase in the store, we collect certain information from you, including your name, payment information (including credit card numbers, debit card numbers, email address, and phone number). We also refer to this information as “Order Information.”
HOW DO WE USE YOUR PERSONAL INFORMATION?
We use the Order Information that we collect generally to fulfill any orders placed through the Site (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations). Additionally, we use this Order Information to:
- Communicate with you;
- Screen our orders for potential risk or fraud; and
- When in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).
SHARING YOUR PERSONAL INFORMATION
Third party providers such as Shopify only collect and process the data necessary to perform their services. Some of these third parties have their own privacy policies with respect to the information we provide them for transaction processing purposes. We encourage you to read these privacy policies in order to understand how these third-party providers process your information. In particular, please note that certain third-party providers do not have a registered office or server in the United States, or in your jurisdiction. As such, if you choose to use a third-party payment method, your data and the processing thereof may be governed by the law of that third-party provider.
We share your Personal Information with third parties to help us use your Personal Information, as described above. We use Shopify to power our online store--you can read more about how Shopify uses your Personal Information below and here: https://www.shopify.com/legal/privacy.
Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect and enforce our rights.
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
You can opt out of targeted advertising at any of the links below:
Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.
Lastly, to the extent you receive any direct mail from us you can opt out of this by visiting the Direct Marketing Association at: https://dmachoice.thedma.org/.
DO NOT TRACK
Please note that we do not alter our Site’s data collection and use practices when we see a Do Not Track signal from your browser. You can learn more about Do Not Track at https://allaboutdnt.com.
We do not collect any special categories of personal information about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
Our services are generally not directed to children under 16. We do not knowingly collect Personal Information from anyone under 16 without parental consent. If you become aware that we have collected Personal Information from a child under the age of 16 without parental consent, please let us know so we can take appropriate action.
HOW WE PROTECT PERSONAL INFORMATION
In proportion to the sensitivity of the information, we maintain reasonable administrative, technical, and/or physical safeguards and appropriate security measures to protect Personal Information from loss, misuse or unauthorized access, disclosure, alteration, or destruction of the information you provide. However, we cannot guarantee the security of your Personal Information, as no electronic data transmission or storage of information is completely secure. If an incident is reported affecting your information, we will investigate and comply with all required reporting obligations.
OUR ONLINE STORE
Our online store is hosted by Shopify Inc., 150 Elgin Street, Suite 800, Ottawa ON K2P 1L4, Canada. Shopify provides us with the e-commerce platform that enables us to provide our products to you. Your data is stored on Shopify's data storage, databases and Shopify applications. Shopify stores your data on secure, firewall-protected servers.
If you pay by credit card, Shopify stores your credit card information. This is encrypted using the Payment Card Industry Data Security Standard (PCI-DSS). Your transaction data will only be stored as long as is required to complete your payment transaction. After that, it will be deleted. The credit card payment function follows the standards set by the PCI-DSS, managed by the PCI Security Standards Council, a joint venture between companies such as Visa, Mastercard, American Express and Discover. The PCI-DSS standards help ensure the secure handling of credit card information in the context of our web shop.
PERSONAL INFORMATION SUBJECT TO THE GDPR
This section applies to you only if your Personal Information is subject to the General Data Protection Regulation.
We collect your Personal Information in the manner described in the “Personal Information We Collect” section above.
We use your Personal Information for the purposes described in the “How We Use Your Personal Information” section above. However, use of your Personal Information will be limited (i) to entering into or fulfilling contracts with you, (ii) to the legitimate purposes described in the “How We Use Your Personal Information” that are not overridden by your rights, and (iii) to comply with our legal obligations.
If you do not disclose your Personal Information, it may prevent our ability to enter into a contract with you.
You may have certain rights regarding your Personal Information, subject to local law. These include the following rights to:
- access your Personal Information;
- correct the information we hold about you;
- erase your Personal Information;
- restrict our use of your Personal Information;
- object to our use of your Personal Information;
- withdraw your consent for us to use your Personal Information, if applicable;
- receive your Personal Information in a usable electronic format and transmit it to a third party (right to data portability); and
- lodge a complaint with your local data protection authority (if applicable).
We are a United States based company. Your Personal Information will be transferred outside of Europe, including to the United States and Canada.
Your Personal Information will only be retained for as long as necessary to achieve the purposes for which it was collected.
USE OF GOOGLE ANALYTICS FOR WEB ANALYTICS
This Site uses Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (www.google.com). Google Analytics uses methods enabling analysis of your use of the Site, such as "cookies", text files stored on your computer. Hereby, data regarding geographic location, language settings, internet browser, internet service provider, operating systems, screen resolution, device type, gender, age, personal interest, online behavior on the Site, are collected by Google LLC and used by Undercover Colors, in the form of statistics for the purpose of improving our products, marketing activities, website and its functioning. The information used by Undercover Colors in this context, does not permit any conclusion in respect of the identity of a concerned individual person.
The information generated about your use of this Site is usually transmitted to a Google server in the United States and stored there. By activating the IP anonymization on this Site, the IP address used will be abbreviated prior to transmission within European Union member states or other states contracting to the Agreement on the European Economic Area. The anonymized IP address provided by Google Analytics within the Google Analytics framework will not be amalgamated with other Google data.
You can prevent Google’s collection of data generated by the cookie and related to your use of the Site (including your IP address), as well as Google’s processing of this data, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
The relation to Google LLC is based on the European Commission’s implementing Decision (EU) 2016/1250 of 12 July 2016 pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequacy of the protection provided by the EU-U.S. Privacy Shield (see https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
The relation to Google Analytics is based on the European Commission’s implementing Decision (EU) 2016/1250 of 12 July 2016 pursuant to the Directive 95/46/EC of the European Parliament and of the Council on the adequacy of the protection provided by the EU-U.S. Privacy Shield (see https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
The data processing is based on the legal provisions in Art. 6 (1) (f) GDPR (legitimate interest).
USE OF FACEBOOK PIXEL FOR WEB ANALYSIS
Our Site contains web beacons (also known as "pixel tags"). A web beacon is an electronic image, often invisible, placed on a Site or in an email, usually no larger than 1 x 1 pixel, which observes the online behavior of visitors on the Site or while sending emails. Web beacons are provided by third parties, the provider on this Site being Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”) to obtain information about the activity of the visitors on our Site. This makes it possible to determine from which computer, when, and from which location a specific website is accessed. We also use “Custom Audience Pixel” analysis software to optimize our advertising campaigns. This software enables online behavior to be observed in terms of time, geographic location, purchase behavior and use of this Site. This information is collected via web beacons and/or cookies. The information received from the web beacons and/or cookies is anonymous and will not be linked to personal data. This information will not be shared with third parties for their own use. Further information can be found at: https://en-gb.facebook.com/business/learn/facebook-ads-pixel.
The data processing is based on the legal provisions in provisions in Art. 6 (1) (f) GDPR (legitimate interest).
USE OF FACEBOOK PLUGINS
Our Site uses social plugins of the Facebook social network, operated by Facebook.The plugins are identified by a Facebook logo or the addition of “Facebook Social Plugin”.
If you visit a page on our Site that contains this plugin, your browser connects directly to the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser and integrated into the page. Through this integration, Facebook receives the information that your browser has accessed on the corresponding page of our Site, even if you do not have a Facebook profile or are not currently logged in to Facebook. This information (including your IP address) will be transmitted from your browser directly to a Facebook server in the United States and stored there.
If you are logged in to Facebook, Facebook can immediately attribute your visit to our Site to your Facebook profile. If you interact with the plugins by clicking the "Like" button or by leaving a comment, for example, the corresponding information is also transmitted directly to a Facebook server, and stored there. The information will also be posted on your Facebook profile and displayed to your Facebook friends.
If you do not wish Facebook to directly assign the data collected via our Site to your Facebook profile, you must log out of Facebook before visiting our Site. You can also completely prevent the loading of Facebook plugins with add-ons for your browser, such as a "Facebook Blocker" or script blocker, for example.
USE OF instagram PIXeL
RIGHTS REGARDING YOUR PERSONAL DATA AND CONTACT OPTIONS
You have the right to information and data portability, free of charge, on the personal data stored by us, as well as a right to have this data corrected, deleted or if necessary, restrict their use. For questions on the collection, processing or use of your personal data, the exercise of the above mentioned rights as well as withdrawal of consent granted or objection to a particular use of data, please contact us directly via email at firstname.lastname@example.org. In case you believe that the usage of your data infringes your data protection rights, you can complaint at the responsible data protection authority.
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at email@example.com or by mail using the details provided below:
Undercover Colors, Inc.
Attn: Privacy Manager
P.O. Box 12002
Research Triangle Park, North Carolina 27709