Privacy and Cookies

ARTICLE 1 - PERSONAL INFORMATION COLLECTED

When you make a purchase from our shop, as part of our buying and selling process, we collect the personal information you provide us, such as your name, address and e-mail address.

When you browse our shop, we also automatically receive the Internet Protocol (IP) address of your computer, which allows us to obtain more details about the browser and operating system you are using.

E-mail marketing (if applicable): With your permission, we may send you e-mails about our shop, new products and other updates.


ARTICLE 2 - CONSENT

How do you obtain my consent?

When you provide us with your personal information to complete a transaction, check your credit card, place an order, schedule a delivery or return a purchase, we assume that you consent to the collection and use of your information for this purpose only.

If we ask you to provide us with your personal information for any other reason, such as for marketing purposes, we will ask you directly for your express consent, or we will give you the opportunity to decline.


How do I withdraw my consent?

If, after you have given us your consent, you change your mind and no longer consent to us contacting you, collecting your information or disclosing it, you may notify us by contacting us at contact@over-allz.com.

ARTICLE 3 - DISCLOSURE

We may disclose your personal information if we are required to do so by law or if you breach our Terms and Conditions of Sale and Use.


ARTICLE 4 - WEBSITE HOST

Our shop is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our services and products to you.

Your data is stored in Shopify's data storage system and databases, and in the general application of Shopify. Your data is stored on a secure server protected by a firewall.

Payment:

If you make your purchase through a direct payment gateway, in this case Shopify will store your credit card information. This information is encrypted in accordance with the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction information is retained for as long as necessary to complete your order. Once your order is finalized, the purchase transaction information is deleted.

All direct payment gateways are PCI-DSS compliant, managed by the PCI Security Standards Council, a joint effort of companies such as Visa, MasterCard, American Express and Discover.

The PCI-DSS requirements ensure the secure processing of credit card data by our shop and its service providers.

For more information, please see the Shopify Terms of Use here or the Privacy Policy here.


ARTICLE 5 - SERVICES PROVIDED BY THIRD PARTIES


In general, the third party providers we use will only collect, use and disclose your information to the extent necessary to perform the services they provide to us.

However, certain third party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies regarding the information we are required to provide them with for your purchase transactions.

With respect to these providers, we recommend that you read their privacy policies carefully so that you can understand how they will treat your personal information.

You should keep in mind that some suppliers may be located or have facilities in a different jurisdiction than you or us. Therefore, if you decide to proceed with a transaction that requires the services of a third party supplier, your information may be governed by the laws of the jurisdiction in which that supplier is located or the jurisdiction in which its facilities are located.

For example, if you are located in Canada and your transaction is processed through a payment gateway located in the United States, your information used to complete the transaction may be disclosed under the laws of the United States, including the Patriot Act.

Once you leave our shop site or are redirected to a third party website or application, you are no longer governed by this Privacy Policy or the Terms and Conditions of Sale and Use of our website.

Links

You may be asked to leave our website by clicking on certain links on our site. We assume no responsibility for the privacy practices of these other sites and recommend that you read their privacy policies carefully.

ARTICLE 6 - SECURITY

To protect your personal information, we take reasonable precautions and follow industry best practices to ensure that it is not lost, misappropriated, accessed, disclosed, altered or inappropriately destroyed.

If you provide us with your credit card information, it will be encrypted through the use of the SSL security protocol and stored with AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all the requirements of the PCI-DSS standard and implement additional standards that are generally accepted by the industry.


ARTICLE 7 - TYPES OF DATA COLLECTED

PERSONAL DATA

When using our service, we may ask you to provide us with certain personally identifiable information that may be used to contact or identify you ("Personal Data"). Personally Identifiable Information may include, but is not limited to:

* Email address
* Address
* First name and surname
* Cookies and usage data


We may use your personal data to contact you with newsletters, marketing or promotional material and other information that may be of interest to you. You can choose not to receive any or all of these communications by following the unsubscribe link or instructions provided in the emails we send.


USAGE DATA
We may also collect information about how our services are accessed and used ("usage data"). This Usage Data may include information such as your computer's IP address (IP address), browser type, browser version, the pages of our service that you visit, the time and date of your visit, the time spent on these pages, device identifier and other diagnostic data.

TRACKING COOKIE DATA
We use cookies and similar tracking technologies to track activity and store certain information.
Cookies are files with a small amount of data that may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are tags, beacons and scripts to collect and track information and to improve and analyse our service.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use the full functionality of our service.

Examples of cookies we use:
* Session cookies. We use session cookies to operate our service.
* Preferably cookies. We use preference cookies to store your preferences and various settings.
* Security cookies. We use security cookies for security purposes.


USE OF DATA
We use the data collected for various purposes:
* To provide and maintain our service
* To notify you of changes to our service
* To provide customer support
* To gather valuable analysis or information so that we can improve our service
* To monitor the use of our service
* To detect, prevent and solve technical problems
* To provide you with news, special offers and general information about other goods, services and events that we offer that are similar to those that you have already purchased or requested, unless you have opted out of receiving this information.
ARTICLE 8 - DATA SECURITY
The security of your data is important to us, but please remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. Although we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.


ARTICLE 9 - LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA UNDER THE GENERAL DATA PROTECTION REGULATIONS (RGPD)

If you are a member of the European Economic Area (EEA), our legal basis for collecting and using the personal information described in this Privacy Policy depends on the personal data we collect and the specific context in which we collect it.

WE CAN PROCESS YOUR PERSONAL DATA BECAUSE:

* We need to make a contract with you or ship products purchased from you.

* You have given us permission to do so.

* The processing is in our legitimate interests and does not exceed your rights.

* For payment processing

* To comply with the law

DATA CONSERVATION

* We will retain your personal data only for as long as is necessary for the purposes described in this privacy policy.

* We will retain and use your personal data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), to resolve disputes and to enforce our legal agreements and policies.


ARTICLE 10 - YOUR DATA PROTECTION RIGHTS UNDER THE GENERAL DATA PROTECTION REGULATIONS (GPDR)

If you live in the European Economic Area (EEA), you have certain data protection rights. We aim to take reasonable steps to enable you to correct, amend, delete or limit the use of your personal data.

If you wish to be informed of what personal data we hold about you and if you wish to delete it from our systems, please contact us.


IN CERTAIN CIRCUMSTANCES, YOU HAVE THE FOLLOWING DATA PROTECTION RIGHTS:


* The right to access, update or delete the information we hold about you. Whenever possible, you can access, update or request the deletion of your personal data directly in the settings section of your account. If you are unable to perform these actions yourself, please contact us for assistance.
* The right of rectification. You have the right to have your information corrected if it is inaccurate or incomplete.
* The right to object. You have the right to object to the processing of your personal data.
* The right of restriction. You have the right to request that we restrict the processing of your personal information.
* The right to data portability. You have the right to receive a copy of the information we hold about you in a structured, machine-readable and commonly used format.

* The right to withdraw consent. You also have the right to withdraw your consent at any time where we have relied on your consent to process your personal information.


Please note that we may ask you to verify your identity before responding to such requests.

You have the right to complain to a data protection authority about our collection and use of your personal data. For more information, please contact your local data protection authority in the European Economic Area (EEA).

ARTICLE 11 - AGE OF CONSENT

By using this site, you represent that you are at least the age of majority in your state or province of residence, and that you have given us your consent to allow any minor in your care to use this website.


ARTICLE 12 - CHANGES TO THIS PRIVACY POLICY

We reserve the right to change this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon posting on the website. If we make changes to the content of this policy, we will notify you here that it has been updated, so that you will know what information we collect, how we use it, and under what circumstances we disclose it, if any.

If our shop is acquired by or merged with another company, your information may be transferred to the new owners so that we can continue to sell products to you.

QUESTIONS AND CONTACT INFORMATION

If you wish to: access, correct, modify or delete any personal information we have about you, file a complaint, or if you simply want more information, contact our Privacy Officer at contact@over-allz.com.