Privacy and Cookies Policy
Last updated 4th February 2016
1.1 We are committed to safeguarding the privacy of our website visitors; in this policy we explain how we will treat your personal information. By using our site you are consenting to the practices described in this policy.
2 Information we may collect from you
2.1 We may collect, store and use the following kinds of personal information:
(a) information relating to any purchases you make of our goods as part of the buying and selling process including your name, delivery address, payment address, email address and card details;
(b) information that you provide to us when registering with our website, or that you provide to us for the purpose of subscribing to our email notifications and/or newsletters;
(c) when you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser, operating system, referral source, lenth of visit, page views and website navigation paths;
(d) information that you post to our website for publication on the internet or that you provide to a research company acting on our behalf for publication on the internet (including your user name, profile pictures and reviews);
(e) information contained in or relating to any communication that you send to us by phone, email or otherwise (including the communication content and metadata associated with the communication); and
(f) any other personal information that you choose to send to us.
2.2 Before you disclose to us the personal information of another person, you must obtain that person's consent to both the disclosure and the processing of that personal information in accordance with this policy.
3 Using personal information
3.1 Personal information submitted to us through our website will be used for the purposes specified in this policy or on the relevant pages of the website.
3.2 We may use your personal information to:
(a) send you goods purchased through our website;
(b) enable your use of the services available on our website;
(c) personalise our website for you;
(d) send statements, invoices and payment reminders to you, and collect payments from you;
(e) send you non-marketing commercial communications;
(f) send you email notifications that you have specifically requested;
(g) with your permission, we may send you emails about our store, new products and other updates;
(h) administer our website and business;
(i) request your feedback on what you thought of our service;
(j) provide third parties with statistical information about our users (but those third parties will not be able to identify any individual user from that information);
(k) deal with enquiries and complaints made by or about you relating to our website;
(l) keep our website secure and prevent fraud; and
(m) verify compliance with the terms and conditions governing the use of our website.
3.3 If you submit personal information for publication on our website, we will publish and otherwise use that information in accordance with the licence you grant to us.
3.4 We will not, without your express consent, supply your personal information to any third party for the purpose of their or any other third party’s direct marketing.
3.5 You may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information at any time by emailing us at firstname.lastname@example.org or by writing to us at Kippson Limited, 49 Station Road, Polegate, East Sussex, UK, BN26 6EA
4 Disclosing personal information
4.1 We may disclose your personal information
(a) to any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes set out in this policy; and
(b) to outside research companies whom we may ask to contact you directly for your opinions on our service, in which case we will provide them with only the information they need to perform their function.
4.2 We may disclose your personal information:
(a) to the extent that we are required to do so by law or if you violate our Terms of Service;
(b) in connection with any ongoing or prospective legal proceedings;
(c) in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk);
(d) to any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information;
(e) to the purchaser (or prospective purchaser) of any business or asset that we are (or are contemplating) selling.
4.3 Except as provided in this policy, we will not provide your personal information to third parties.
5 International Data Transfers
5.1 Information that we collect may be stored and processed in and transferred between any of the countries in which we operate in order to enable us to use the information in accordance with this policy.
5.2 Information that we collect may be transferred to countries outside the European Economic Area, including the United States of America, which do not have data protection laws equivalent to those in force in the European Economic Area.
5.2 Personal information that you publish on our website or submit for publication on our website may be available, via the internet, around the world. We cannot prevent the use or misuse of such information by others.
5.3 You expressly agree to the transfers of personal information described in this section 5.
6.1 Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall. You may also want to read Shopify’s Terms of Service which are available at https://www.shopify.com/legal/terms and their Privacy Statement is available at https://www.shopify.com/legal/privacy.
6.2 If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
7 Third-party services
7.1 In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
7.2 Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy and Cookies Policy or our website’s Terms and conditions of Service.
7.3 When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
8.1 To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
8.2 If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
8.3 You acknowledge that the transmission of information over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
9 About cookies
9.1 A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
9.2 Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
9.3 Cookies can be used by web servers to identify and track users as they navigate different pages on a website and identify users returning to a website.
10 Cookies we use
10.1 Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not:
_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
11 Analytics cookies
11.1 We use Google Analytics to analyse the use of our website.
11.2 Our analytics service provider generates statistical and other information about website use by means of cookies.
11.3 The analytics cookies used by our website have the following names: _ga, _gat, __utma, __utmt, __utmb, __utmc, __utmz and __utmv.
11.4 The information generated relating to our website is used to create reports about the use of our website.
12 Blocking cookies
12.1 Most browsers allow you to refuse to accept cookies; for example:
(a) in Internet Explorer (version 11) you can block cookies using the cookie handling override settings available by clicking "Tools", "Internet Options", "Privacy" and then "Advanced";
(b) in Firefox (version 39) you can block all cookies by clicking "Tools", "Options", "Privacy", selecting "Use custom settings for history" from the drop-down menu, and unticking "Accept cookies from sites"; and
(c) in Chrome (version 44), you can block all cookies by accessing the "Customise and control" menu, and clicking "Settings", "Show advanced settings" and "Content settings", and then selecting "Block sites from setting any data" under the "Cookies" heading.
12.2 Blocking all cookies will have a negative impact upon the usability of many websites.
12.3 If you block cookies, you will not be able to use all the features on our website.
13 Deleting cookies
13.1 You can delete cookies already stored on your computer; for example:
(a) in Internet Explorer (version 11), you must manually delete cookie files (you can find instructions for doing so at http://windows.microsoft.com/en-gb/internet-explorer/delete-manage-cookies#ie=ie-11);
(b) in Firefox (version 39), you can delete cookies by clicking "Tools", "Options" and "Privacy", then selecting "Use custom settings for history" from the drop-down menu, clicking "Show Cookies", and then clicking "Remove All Cookies"; and
(c) in Chrome (version 44), you can delete all cookies by accessing the "Customise and control" menu, and clicking "Settings", "Show advanced settings" and "Clear browsing data", and then selecting "Cookies and other site and plug-in data" before clicking "Clear browsing data".
13.2 Deleting cookies will have a negative impact on the usability of many websites.
14 Age of consent
14.1 By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
15 Changes to this Privacy and Cookies Policy
15.1 We reserve the right to modify this privacy and cookies policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.
15.2 If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
16 Questions and contact information
16.1 If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at email@example.com or by writing to us at Kippson Limited, 49 Station Road, Polegate, East Sussex, UK, GB BN26 6EA.