Updated: May 2018
Your privacy is very important to us and we are committed to respecting the privacy of the visitors to all of our sites. We are very careful with what we do with your information.
SECTION 1 – HOW WE COLLECT AND WHAT WE DO WITH YOUR INFORMATION
When you access or purchase something from our store:
When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address, email address or telephone number.
Email marketing (if applicable): With your permission, we may send you emails about our store, new products and other updates.
When you visit one of our websites:
We may collect and store personal or other information that you voluntarily supply to us online while you are visiting one of our websites and you “opt in” to receive our newsletters, blogs, emails and promotional communications.
We only contact individuals who specifically request that we do so or who have signed up to receive our messaging, purchased one of our products or programs, attended one of our programs or events or who have responded to a promotional campaign. The information we use is provided to us by you.
We use the information we collect from you while you are using our sites in a variety of ways, including using the information to customize features; advertising that appear on the sites; and making other offers available to you via email, direct mail or otherwise.
Information we may collect from social networking sites:
If you choose to log into our services through Facebook Connect, we will request your permission to collect the following information about you: your e-mail address, name, profile picture, cover photo, friends, gender, networks (e.g., school), age range, language, country, and other information that you have chosen to make public. We may append this information to other information that we collect about you. If you “like” us on Facebook, we also may collect your email address. We may also post to your Facebook wall.
We may also provide your information to third parties, such as service providers.
SECTION 2 – THIRD-PARTY SERVICES
We do not sell your personal information to third parties.
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions. For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
When you click on links on our store or websites, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
SECTION 3 – CONSENT
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.
Please keep in mind that whenever you voluntarily make your personal information available for viewing by third parties online – for example, on message boards, web logs, through email, or in chat areas, that information can be seen, collected and used by others besides us. We cannot be responsible for any unauthorized third-party use of such information.
How do I withdraw my consent?
Your information related to visiting our sites is stored at the list server that delivers our content and messaging. Your information can only be accessed by those who help manage those lists in order to deliver email to those who would like to receive it.
All of the messaging or emails that we send to you include an unsubscribe link in them. You can remove yourself at any time from our mailing list by clicking on the unsubscribe link.
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time, by contacting us at email@example.com or mailing us at:
The OCO Company\ 111 Center Street \ Saint Simons Island, GA 31522
SECTION 4 – DISCLOSURE
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
Please also note that as our business grows, we may buy or sell various assets. In the unlikely event that we sell some or all of our assets; or one or more of our websites is acquired by another company, information about our users may be among the transferred assets.
SECTION 5 – OUR STORE
Our store is hosted on Ecwid. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Ecwid’s data storage, databases and the general Ecwid application. They store your data on a secure server behind a firewall.
Payment/Purchase Transaction Information:
If you choose a direct payment gateway to complete your purchase, then Ecwid stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
SECTION 6 – OUR STORE’S SECURITY
To protect your personal information, our Ecwid store takes reasonable precautions and follows industry best practices to make sure your information is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with an AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
Here is a list of cookies that we use in our store. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows Ecwid to store information about your session (referrer, landing page, etc.).
_ecwid_visit, no data held, Persistent for thirty (30) minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_ecwid_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for two (2) weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
SECTION 8 – AGE OF CONSENT
This site is not directed to children under the age of 18 and we do NOT knowingly collect personally identifiable information from children under the age of 18 as part of any of our sites. If we become aware that we have inadvertently received personally identifiable information from a user under the age of 18, we will delete such information from our records. It is not our intention of offer any of our products, programs or services to minors.
SECTION 10 - General Data Privacy Regulation (GDPR)
The GDPR takes effect on May 25, 2018, and is intended to protect the data of European Union citizens.
As a company that markets its site. Content, products and/or services on line we do not specifically target our marketing to the EU or conduct business in or to the EU in any meaningful way. If the data that you provide to us in the course of your use of our site or services or products is governed by GDPR, we will abide by the relevant portions of the regulation.If you are a resident of the European Economic Area (EEA), or are accessing this site from within the EEA, you may have the right to request: access to, correction of, deletion of; portability of; and restriction or objection to processing, of your personal data, from us. This includes the “right to be forgotten.”
To make any of these requests, please contact our GDPR contact at firstname.lastname@example.org.
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at email@example.com or by mail at
The OCO Company\ [Re: Privacy Compliance Officer]\ 111 Center Street - Saint Simons Island, GA 31522