SECTION 1 – WHAT DO WE DO WITH YOUR INFORMATION?
When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address.
When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.
Email marketing (if applicable): With your permission, we may send you emails about our store, new products, and other updates.
Why Do You Receive Marketing Communications?
If you received one or more marketing or promotional e-mails, such as a newsletter (“commercial e-mails”) from us, it means that (a) your email address is on our list of customers, trial users, or prospective customers; or (b) you have provided us your email address so that we could contact you. If you believe you received an email from us in error, please contact us immediately at [email protected]
How Can You Stop Receiving Marketing Communications?
Each commercial email paintwoola sends contains an unsubscribe link through which you may easily opt-out of receiving future commercial emails from us. If you do not wish to receive additional commercial emails from paintwoola, simply click the unsubscribe link and follow the instructions to unsubscribe your e-mail address or to change your preferences about the types of e-mail we send you.
Similarly, each commercial e-mail sent by one of our customers through paintwoola’s service contains an unsubscribe link. Simply click on that link and follow the instructions to unsubscribe your e-mail address.
If you have unsubscribed but continue to receive e-mail from us or from one of our customers, or if you receive any other types of marketing communications and want to unsubscribe please contact [email protected] Please note that unsubscribe requests may take up to 7-10 days to process.
SECTION 2 – CONSENT
How do you get my consent?
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent or provide you with an opportunity to say no.
How do I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time, by contacting us at [email protected]
SECTION 3 – DISCLOSURE
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
SECTION 4 – SHOPIFY
Our store is hosted on Shopify Inc. They provide us with an online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases, and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
SECTION 5 – THIRD-PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
When visitors come to our site, third parties (such as AdRoll) may place cookies on their browsers for targeted advertising purposes.
We collect the following categories of information for the purposes explained below.
- Activity on Advertisers’ Digital Properties: This is data about your browsing activity on the Advertiser’s website or app. For example, which pages you visited and when, what items were clicked on a page, how much time was spent on a page, whether you downloaded a white paper on a business to the business website, what items you placed into your online shopping cart, what products were purchased and how much was paid.
- Device and browser information: This is technical information about the device or browser you use to access the Advertiser’s website. For example, your device’s IP address, cookie string data, operating system, and (in the case of mobile devices) your device type and mobile device’s unique identifier such as the Apple IDFA or Android Advertising ID.
- Ad data: This is data about the online ads we have served (or attempted to serve) to you. It includes things like how many times an ad has been served to you, what page the ad appeared on, and whether you clicked on or otherwise interacted with the ad.
- Data from Advertising Partners: This is data that we lawfully receive from other digital advertising companies that we work with (“Advertising Partners”) to help us deliver ads to you and recognize you across browsers and devices. This may include pseudonymous advertiser identifiers (meaning identifiers that help identify your browser or device, but do not directly identify you as a person) which some Advertisers or other third party Advertising Platforms choose to share with us – for example, your “Customer ID” with an Advertiser, an identifier (such as a cookie) associated with a hashed version of your email address, or demographic data such as age range. We may work with our Advertisers and Advertising Partners to synchronize their unique, anonymous identifiers to our own to enable us to more accurately recognize a particular unique browser or device and the advertising interests associated with it.
- Email from Advertisers: Some Advertisers choose to share actual email addresses from their customers with us, so that (with the help of Advertising Partners) we can help the Advertiser serve targeted ads to customers. For example, if you have given ACME Soccer Ball Co. your email address, through our service, ACME Soccer Ball Co. may send you a promotional email for a soccer ball you looked at but did not purchase. Similarly, if you provided your email to a software website when you downloaded a white paper, through our services the software company may send you a follow-up email providing you with more information about the software company’s products or services. We use clear emails supplied by Advertisers only for the purpose of assisting that particular Advertiser with their own advertising efforts and, in some cases, so we can report performance data back to the Advertiser’s CRM / reporting system. – we do not share email addresses with other third parties for their advertising purposes.
- Hashed email addresses: If an Advertiser allows, we may collect hashed versions of the emails that are entered on that Advertiser’s site. Hashing is a “one-way function” that effectively pseudonymizes email addresses. For instance, when [email protected] is run through a typical hashing function, it becomes the following string of code: 0F0B7B1A1A7E8BDBBC6AA545F8CCD6F83671B32479271BFCB6CC8498912058D5.
We recognize how important your online privacy is to you, so we offer the following options for controlling the targeted ads you receive and how we use your data for advertising
- You can opt-out of receiving personalized ads served by us or on our behalf by clicking on the blue icon that typically appears in the corner of the ads we serve and following the instructions provided or by clicking here. Please note that this “opt-out” function is browser-specific and relies on an “opt-out cookie”: thus, if you delete your cookies or upgrade your browser after having opted out, you will need to opt-out again.
- In some cases, we may link multiple browsers or devices to you. If you opt-out of on a browser or device and we have more linked to you, we will extend your opt-out decision to the other linked browsers and devices. Since we only link users across browsers on devices in some conditions, there could be cases where you are still being tracked in a different browser or device we have not linked, and where we are treating you as a different user.
- AdRoll Group is also a member of the Network Advertising Initiative (NAI) and adheres to the NAI Code of Conduct. You may use the NAI opt-out tool here, which will allow you to opt-out of seeing personalized ads from us and from other NAI approved member companies.
- We also comply with the Self-Regulatory Principles for Online Behavioral Advertising as managed by the Digital Advertising Alliance (DAA). You may opt-out of receiving personalized ads from other companies that perform ad targeting services, including some that we may work with as Advertising Partners via the DAA website here.
- We also comply with the Canadian Self-regulatory Principles for Online Behavioral Advertising as managed by the Digital Advertising Alliance of Canada (DAAC). You may opt-out of receiving personalized ads from other companies that perform ad targeting services, including some that we may work with as Advertising Partners via the DAAC website here.
- We also adhere to the European Interactive Advertising Digital Alliance (EDAA) guidelines for online advertising and you may opt-out via their Your Online Choices website.
- Please note that when using the ad industry opt-out tools described above:
- If you opt-out your browser may still send us data, for example, your IP address. However, we isolate this data and do not use it other than for accounting and, in some cases, for fraud prevention. If you have opted-out on that browser, we do not use this data to personalize ads or to track you.
- If you use multiple browsers or devices we will additionally opt out those we have linked to you. Since we may not have all your browsers or devices connected back to your user, you may need to execute this opt-out on each browser or device.
- Other ad companies’ opt-outs may function differently than our opt-out.
- To opt-out of receiving targeted ads that are based on your behavior across different mobile applications follow the below instructions, for iOS and Android devices:
- iOS 7 or Higher: Go to your Settings > Select Privacy > Select Advertising > Enable the “Limit Ad Tracking” setting
- For Android devices with OS 2.2 or higher and Google Play Services version 4.0 or higher: Open your Google Settings app > Ads > Enable “Opt-out of interest-based advertising”
Opting out will not prevent you from seeing ads, but those ads will likely be less relevant because they won’t be tailored to your interests. The ads might, for instance, be randomly generated or based on the web page you are visiting.
Some internet browsers allow users to send a “Do Not Track” signal to websites they visit. We do not respond to this signal at the present time.
In addition, if you are located in a European Territory you will also have additional data protection rights. These are described under the heading “Additional data protection rights for European Territory residents” below.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies with respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers. In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
Our store uses Google Analytics to help us learn about who visits our site and what pages are being looked at
SECTION 6 – SECURITY
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
SECTION 7 – COOKIES
Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
PREF, persistent for a very short period, Set by Google and tracks who visits the store and from where
SECTION 8 – AGE OF CONSENT
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at [email protected] or by mail at
[Re: Privacy Compliance Officer]
21/F Bank of America Tower