Privacy Policy

Privacy Policy

Privacy and the protection of Personal Information are of paramount concern to Undercover Colors, Inc., our customers in the United States and anyone who reads our content around the world. This Privacy Policy describes how your Personal Information is collected, used, and shared when you visit or make a purchase from undercovercolors.com (the “Site”).

STORAGE OF ACCESS DATA IN SERVER LOG FILES

You can visit the Site without giving any personal information. We only store access data in ‘server log files’, such as the name of the file requested, date and time of retrieval, amount of data transferred and the requesting provider, for example. This data is evaluated solely to ensure trouble-free operation of the site and to improve our service and does not enable any conclusions of a personal nature to be drawn.

PERSONAL INFORMATION WE COLLECT

We collect personal data if you provide us with this as part of your order, or when you voluntarily contact us (by contact form or email, for example) or open an account. The data collected can be seen from the respective input forms includes, but is not limited to names, first and last names, delivery address and possibly credit card information. Data you provide is necessary for the performance of pre-contractual measures. Without these data points we may not be able to provide you with services or products. When you visit our Site, we automatically receive your computer’s IP address, in order to determine which browser and operating system you are using. We use the data provided by you for managing purchases and processing your requests.

To make the visit to our Site attractive and to enable the use of certain functions, we use ‘cookies’ on various pages. These are small text files that are stored on your Device. Some cookies we use (called ‘session cookies’) are deleted after the end of the browser session, i.e. after closing your browser. Other cookies remain on your Device and allow us to recognize your browser on your next visit (‘persistent’ cookies). You can set your browser so that you are notified about cookie settings and individually decide on their acceptance or block the acceptance of cookies for specific cases, or in general. Not accepting cookies may limit the functionality of our website.

To make the visit to our Site attractive and to enable the use of certain functions, we use ‘cookies’ on various pages. These are small text files that are stored on your device. As such, when you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information.”

We collect Device Information using the following technologies:

  • “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier.
  • For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
  • “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
  • “Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Site.

You can set your browser so that you are notified about cookie settings and individually decide on their acceptance or block the acceptance of cookies for specific cases, or in general. Not accepting cookies may limit the functionality of our Site.

Additionally, when you make a purchase or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, shipping address, and payment information (including credit card numbers, debit card numbers, email address, and phone number). We refer to this information as “Order Information.”

When you make a purchase in the store, we collect certain information from you, including your name, payment information (including credit card numbers, debit card numbers, email address, and phone number). We also refer to this information as “Order Information.”

When we talk about “Personal Information” in this Privacy Policy, we are talking both about Device Information and Order Information. We will maintain your Order Information for our records unless and until you ask us to delete this information.

HOW DO WE USE YOUR PERSONAL INFORMATION?

We use the Order Information that we collect generally to fulfill any orders placed through the Site (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations). Additionally, we use this Order Information to:

  • Communicate with you;
  • Screen our orders for potential risk or fraud; and
  • When in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.

We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).

SHARING YOUR PERSONAL INFORMATION

Third party providers such as Shopify only collect and process the data necessary to perform their services. Some of these third parties have their own privacy policies with respect to the information we provide them for transaction processing purposes. We encourage you to read these privacy policies in order to understand how these third-party providers process your information. In particular, please note that certain third-party providers do not have a registered office or server in the United States, or in your jurisdiction. As such, if you choose to use a third-party payment method, your data and the processing thereof may be governed by the law of that third-party provider.

If you leave this website or are redirected to a third-party website, your use of the internet will no longer be subject to our Privacy Policy and Terms of Service.

We share your Personal Information with third parties to help us use your Personal Information, as described above. We use Shopify to power our online store--you can read more about how Shopify uses your Personal Information below and here: https://www.shopify.com/legal/privacy.

Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect and enforce our rights.

As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.

You can opt out of targeted advertising at any of the links below:

Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.

Lastly, to the extent you receive any direct mail from us you can opt out of this by visiting the Direct Marketing Association at: https://dmachoice.thedma.org/.

DO NOT TRACK

Please note that we do not alter our Site’s data collection and use practices when we see a Do Not Track signal from your browser. You can learn more about Do Not Track at https://allaboutdnt.com.

SENSITIVE DATA

We do not collect any special categories of personal information about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

CHILDREN

Our services are generally not directed to children under 16. We do not knowingly collect Personal Information from anyone under 16 without parental consent. If you become aware that we have collected Personal Information from a child under the age of 16 without parental consent, please let us know so we can take appropriate action.

CALIFORNIA RESIDENTS

If you are a California resident and have provided us with your Personal Information, you may ask us to refrain from sharing your Personal Information with third parties, including our affiliates if they are separate legal entities, for direct marketing purposes. Please tell us your preference by contacting us via the contact information in the “Contact Us” section of this Privacy Policy.

HOW WE PROTECT PERSONAL INFORMATION

In proportion to the sensitivity of the information, we maintain reasonable administrative, technical, and/or physical safeguards and appropriate security measures to protect Personal Information from loss, misuse or unauthorized access, disclosure, alteration, or destruction of the information you provide. However, we cannot guarantee the security of your Personal Information, as no electronic data transmission or storage of information is completely secure. If an incident is reported affecting your information, we will investigate and comply with all required reporting obligations.

OUR ONLINE STORE

Our online store is hosted by Shopify Inc., 150 Elgin Street, Suite 800, Ottawa ON K2P 1L4, Canada. Shopify provides us with the e-commerce platform that enables us to provide our products to you. Your data is stored on Shopify's data storage, databases and Shopify applications. Shopify stores your data on secure, firewall-protected servers.

If you pay by credit card, Shopify stores your credit card information. This is encrypted using the Payment Card Industry Data Security Standard (PCI-DSS). Your transaction data will only be stored as long as is required to complete your payment transaction. After that, it will be deleted. The credit card payment function follows the standards set by the PCI-DSS, managed by the PCI Security Standards Council, a joint venture between companies such as Visa, Mastercard, American Express and Discover. The PCI-DSS standards help ensure the secure handling of credit card information in the context of our web shop.

For more information, please visit Shopify's Terms of Use and Privacy Policy at: https://www.shopify.com/legal/terms and https://www.shopify.com/legal/privacy as well as https://www.shopify.com/legal/dpa.

CHANGES

We may update this privacy policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal, or regulatory reasons.

PERSONAL INFORMATION SUBJECT TO THE GDPR

This section applies to you only if your Personal Information is subject to the General Data Protection Regulation.

We collect your Personal Information in the manner described in the “Personal Information We Collect” section above.

We use your Personal Information for the purposes described in the “How We Use Your Personal Information” section above. However, use of your Personal Information will be limited (i) to entering into or fulfilling contracts with you, (ii) to the legitimate purposes described in the “How We Use Your Personal Information” that are not overridden by your rights, and (iii) to comply with our legal obligations.

If you do not disclose your Personal Information, it may prevent our ability to enter into a contract with you.

We share your Personal Information in order to carry out your requests, to make various features, services and materials available to you through the services, to respond to your inquiries, and for other purposes described in the “How We Use Your Information” section of this Privacy Policy. We may share your Personal Information or usage information with third parties that perform functions on our behalf (or on behalf of our partners), such as companies or individuals that: host or operate our Site; analyze data; provide customer service; mail products or manage payments; or other third parties that assist with risk management, compliance, legal and audit functions. These service providers are not authorized by us to use or disclose the information except as necessary to perform services on our behalf or comply with legal requirements.

We may present you with the opportunity to opt in to receive information or marketing offers from third parties or to otherwise consent to the sharing of your information with third parties. If you agree to have your Personal Information shared, your Personal Information will be disclosed to the third-party subject to the privacy notice and business practices of that third party. If, at any time thereafter, you wish to withdraw your consent to our sharing, please contact us via the contact information provided in the “Contact Us” section of this Privacy Policy.

You may have certain rights regarding your Personal Information, subject to local law. These include the following rights to:

  • access your Personal Information;
  • correct the information we hold about you;
  • erase your Personal Information;
  • restrict our use of your Personal Information;
  • object to our use of your Personal Information;
  • withdraw your consent for us to use your Personal Information, if applicable;
  • receive your Personal Information in a usable electronic format and transmit it to a third party (right to data portability); and
  • lodge a complaint with your local data protection authority (if applicable).

We encourage you to contact us to update or correct your information if it changes or if the Personal Information we hold about you is inaccurate. Please note that we will likely require additional information from you in order to verify your identity and respond to your requests. If you would like to discuss or exercise your applicable rights, subject to limitations established under local law, please contact us via the contact information provided in the “Contact Us” section of this Privacy Policy. We will respond to you within a reasonable time and within the time limits established by applicable law.

We are a United States based company. Your Personal Information will be transferred outside of Europe, including to the United States and Canada.

Your Personal Information will only be retained for as long as necessary to achieve the purposes for which it was collected.

USE OF GOOGLE ANALYTICS FOR WEB ANALYTICS

This Site uses Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (www.google.com). Google Analytics uses methods enabling analysis of your use of the Site, such as "cookies", text files stored on your computer. Hereby, data regarding geographic location, language settings, internet browser, internet service provider, operating systems, screen resolution, device type, gender, age, personal interest, online behavior on the Site, are collected by Google LLC and used by Undercover Colors, in the form of statistics for the purpose of improving our products, marketing activities, website and its functioning.  The information used by Undercover Colors in this context, does not permit any conclusion in respect of the identity of a concerned individual person.

Further details on the collection of data, their processing and use by Google LLC as well as your rights and setting options in context with your privacy are provided in the respective Privacy Policy available at https://policies.google.com/privacy.

The information generated about your use of this Site is usually transmitted to a Google server in the United States and stored there. By activating the IP anonymization on this Site, the IP address used will be abbreviated prior to transmission within European Union member states or other states contracting to the Agreement on the European Economic Area. The anonymized IP address provided by Google Analytics within the Google Analytics framework will not be amalgamated with other Google data.

You can prevent Google’s collection of data generated by the cookie and related to your use of the Site (including your IP address), as well as Google’s processing of this data, by downloading and installing the browser plugin available at the following link:  https://tools.google.com/dlpage/gaoptout?hl=en.

The relation to Google LLC is based on the European Commission’s implementing Decision (EU) 2016/1250 of 12 July 2016 pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequacy of the protection provided by the EU-U.S. Privacy Shield (see https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

The relation to Google Analytics is based on the European Commission’s implementing Decision (EU) 2016/1250 of 12 July 2016 pursuant to the Directive 95/46/EC of the European Parliament and of the Council on the adequacy of the protection provided by the EU-U.S. Privacy Shield (see https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).

The data processing is based on the legal provisions in Art. 6 (1) (f) GDPR (legitimate interest).

USE OF FACEBOOK PIXEL FOR WEB ANALYSIS

Our Site contains web beacons (also known as "pixel tags"). A web beacon is an electronic image, often invisible, placed on a Site or in an email, usually no larger than 1 x 1 pixel, which observes the online behavior of visitors on the Site or while sending emails. Web beacons are provided by third parties, the provider on this Site being Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”) to obtain information about the activity of the visitors on our Site. This makes it possible to determine from which computer, when, and from which location a specific website is accessed. We also use “Custom Audience Pixel” analysis software to optimize our advertising campaigns. This software enables online behavior to be observed in terms of time, geographic location, purchase behavior and use of this Site. This information is collected via web beacons and/or cookies. The information received from the web beacons and/or cookies is anonymous and will not be linked to personal data. This information will not be shared with third parties for their own use. Further information can be found at: https://en-gb.facebook.com/business/learn/facebook-ads-pixel.

The data processing is based on the legal provisions in provisions in Art. 6 (1) (f) GDPR (legitimate interest).

USE OF FACEBOOK PLUGINS

Our Site uses social plugins of the Facebook social network, operated by Facebook.The plugins are identified by a Facebook logo or the addition of “Facebook Social Plugin”.

If you visit a page on our Site that contains this plugin, your browser connects directly to the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser and integrated into the page. Through this integration, Facebook receives the information that your browser has accessed on the corresponding page of our Site, even if you do not have a Facebook profile or are not currently logged in to Facebook. This information (including your IP address) will be transmitted from your browser directly to a Facebook server in the United States and stored there.

If you are logged in to Facebook, Facebook can immediately attribute your visit to our Site to your Facebook profile. If you interact with the plugins by clicking the "Like" button or by leaving a comment, for example, the corresponding information is also transmitted directly to a Facebook server, and stored there. The information will also be posted on your Facebook profile and displayed to your Facebook friends.

The purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as your rights and setting options for the protection of your privacy can be found in the Facebook privacy policy, at http://www.facebook.com/policy.php.

If you do not wish Facebook to directly assign the data collected via our Site to your Facebook profile, you must log out of Facebook before visiting our Site. You can also completely prevent the loading of Facebook plugins with add-ons for your browser, such as a "Facebook Blocker" or script blocker, for example.

USE OF instagram PIXeL

As mentioned above, our Site uses so-called social plugins operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”). The plugins are marked with an Instagram logo, for example in the form of an “Instagram camera”. When you visit a page of our website that contains such a plugin, your browser connects directly to Instagram’s servers. The content of the plugin is transmitted by Instagram directly to your browser and integrated into the page. Through this integration, Instagram receives the information that your browser has accessed the corresponding page of our website, even if you do not have an Instagram profile or are currently not logged in to Instagram. This information (including your IP address) is sent from your browser directly to an Instagram server in the US and stored there. If you’re logged in to Instagram, Instagram can instantly associate your visit to our website with your Instagram account. If you interact with the plugins, for example, press the “Instagram” button, this information is also transmitted directly to an Instagram server and stored there. The information will also be posted on your Instagram account and displayed there to your contacts. If you do not want Instagram to directly map the data collected through our website to your Instagram account, you’ll need to logout of Instagram before visiting our website. Further information can be found in the privacy policy of Instagram: (https://help.instagram.com/155833707900388).

RIGHTS REGARDING YOUR PERSONAL DATA AND CONTACT OPTIONS

You have the right to information and data portability, free of charge, on the personal data stored by us, as well as a right to have this data corrected, deleted or if necessary, restrict their use. For questions on the collection, processing or use of your personal data, the exercise of the above mentioned rights as well as withdrawal of consent granted or objection to a particular use of data, please contact us directly via email at privacy@undercovercolors.com. In case you believe that the usage of your data infringes your data protection rights, you can complaint at the responsible data protection authority.

CONTACT US

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at  privacy@undercovercolors.com or by mail using the details provided below:

Undercover Colors, Inc.
Attn: Privacy Manager
P.O. Box 12002
Research Triangle Park, North Carolina  27709
United States