- SECTION 1 – HOW WE COLLECT INFORMATION ABOUT YOU
- SECTION 2 – INFORMATION WE COLLECT
- SECTION 3 – HOW WE USE YOUR INFORMATION
- SECTION 4 – CONSENT
- SECTION 5 – AGE OF CONSENT
- SECTION 6 – THIRD-PARTY SERVICES
- SECTION 7 – DISCLOSURE
- SECTION 8 – CURRENCY CONVERSION
- SECTION 9 – SHOPIFY
- SECTION 10 – HOW LONG WE RETAIN YOUR INFORMATION
- SECTION 11 – SECURITY
- SECTION 12 – COOKIES
- SECTION 13 – WEB BEACONS
- SECTION 14 – TRANSFERS OF YOUR INFORMATION OUTSIDE OF THE EUROPEAN ECONOMIC AREA
- SECTION 15 – YOUR RIGHTS IN RELATION TO YOUR INFORMATION
- SECTION 16 – DO NOT TRACK
- SECTION 17 – SENSTITIVE PERSONAL INFORMATION
SECTION 1 – HOW WE COLLECT INFORMATION ABOUT YOU
We collect information about you in one of the following ways: (1) when you visit our website (2) when you sign up for our newsletter (3) when you create an account (4) when you make a purchase (5) when you contact us via email (6) when you contact us via postal mail (7) from cookies and similar technologies and (8) occasionally from third parties.
SECTION 2 – INFORMATION WE COLLECT
The information that we collect about you includes the following: (1) your name (2) your email address (3) your phone number (4) your billing address (5) your shipping address (6) your payment details e.g. your credit or debit card (7) your IP address (8) the device you were using to access our website e.g. desktop, mobile or tablet (9) your browser type (10) the pages of our website that you visited, the time you visited them, how long you were on those pages and what you clicked on those pages (11) your geographical location from which you visited our website based on the IP address you used and (12) the type of internet connection you were on.
SECTION 3 – HOW WE USE YOUR INFORMATION
Your information is only used for business purposes including: (1) processing orders that you have placed on our website to purchase our products (2) contacting you regarding any order issues (3) emailing you with our newsletter if you have subscribed or opted in to receive it (4) advertising our products to you and (5) analyzing your use of our website.
SECTION 4 – CONSENT
We obtain your consent when you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase. We imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.
If after you’ve opted-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at email@example.com or mailing us at:
PO Box 1583
Lansdale, Pennsylvania USA 19446
If you are on our mailing list and wish to opt-out of our newsletter emails please refer to the “Unsubscribe” button at the bottom of all of our emails. You will be immediately unsubscribed and will no longer receive newsletter emails from us.
SECTION 5 – AGE OF CONSENT
We comply with the Children’s Online Privacy Protection Act of 1998 (COPPA). By using our website, you represent that you are at least the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use our website. We do not knowingly contact, solicit or collect information from persons under the age of 18. If we become aware that we have obtained any such information from third parties through their use of fraud or misrepresentation we will delete the information from our servers. If you would like to notify us of our receipt of information about persons under the age of 18, please do so by sending an email to firstname.lastname@example.org.
SECTION 6 – THIRD-PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either yours or ours. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
When you click on links on our website, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
SECTION 7 – DISCLOSURE
Disclosure of your information falls into three categories: (1) Disclosure to Service Providers (2) Disclosure to Other Third Parties and (3) Disclosure for Legal Reasons.
This list is not exhaustive. We use other service providers but do not publicly display their names for security and competitive reasons. If you would like further details and have a legitimate reason for requesting this information as outlined in Article 6(1)(f) of the General Data Protection Regulation it will be provided upon request. Please email us at email@example.com.
Other Third Parties:
Google collects information through our use of Google Analytics on our website. To learn more about what information Google collects and uses and how to control the information sent to Google, please see the following page https://www.google.com/analytics/terms/us.html. You can opt out of Google Analytics by installing the following browser plugin here: https://tools.google.com/dlpage/gaoptout.
For additional information on third parties please refer to SECTION 6 – THIRD-PARTY SERVICES.
In the event we suspect criminal conduct such as fraud, distribution of malicious code, denial of service attacks, unusual or suspicious activity or other cyber crime or if we receive threats or malicious communications your information can be disclosed to the appropriate authorities, such as the police. In addition, if you do not pay us amounts owed as per your contractual obligation with us we can share information with debt collection agencies. Your information can also be disclosed for legal reasons if we receive a court order or subpoena to do so.
We never sell any of your information to third parties.
Lastly, we may disclose your personal information if you violate our Terms of Service.
SECTION 8 – CURRENCY CONVERSION
By using our website, you (the visitor) agree to allow third parties to process your IP address, in order to determine your location for the purpose of currency conversion. You also agree to have that currency stored in a session cookie in your browser (a temporary cookie which gets automatically removed when you close your browser). We do this in order for the selected currency to remain selected and consistent when browsing our website so that the prices can convert to your (the visitor) local currency.
For more information on third parties please refer to SECTION 6 – THIRD-PARTY SERVICES.
For more information on cookies, please visit our cookies policy here: https://behemotor.com/pages/cookie-policy
SECTION 9 – SHOPIFY
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
SECTION 10 – HOW LONG WE RETAIN YOUR INFORMATION
Retention of your information varies based on its type. Order information is retained indefinitely as it is required for our tax reporting purposes. Correspondence and inquires by email or through our contact form are retained indefinitely unless you request it to be deleted AND the deletion does not interfere with any applicable laws. Email newsletter sign up credentials are retained for as long as you remain subscribed and are deleted if you decide to unsubscribe or we decide to cancel our email newsletter service. In any other circumstances, we will retain your information for no longer than necessary to perform our contractual obligations with you or as required by law.
SECTION 11 – SECURITY
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all Payment Card Industry Data Security Standard (PCI-DSS) requirements and implement additional generally accepted industry standards.
SECTION 12 – COOKIES
Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
For more information, please visit our cookies policy here: https://behemotor.com/pages/cookies-policy
SECTION 13 – WEB BEACONS
We use technologies such as web beacons, which are small graphic files in emails we send to allow us to assess the level of engagement our emails receive by measuring data such as delivery rates, open rates and click through rates. Web beacons are only used in your emails if you have consented to us doing so.
For more information, please visit our cookies policy here: https://behemotor.com/pages/cookie-policy
SECTION 14 – TRANSFERS OF YOUR INFORMATION OUTSIDE OF THE EUROPEAN ECONOMIC AREA
We are a company based in the United States of America. In certain circumstances we transfer your information outside of the European Economic Area, including the United States of America and Canada. Where we do so, we will ensure that appropriate safeguards are in place, including the third parties we use who transfer your information outside the European Economic Area have self-certified themselves as compliant with the EU-U.S. Privacy Shield.
You can access our third party email provider and mailing list provider, AWeber Systems, Inc.’s, privacy policies here: www.aweber.com/privacy.htm.
All three have self-certified compliance with the EU-U.S. Privacy Shield. The EU-U.S. Privacy Shield is an approved certification mechanism under Article 42 of the General Data Protection Regulation, which is permitted under Article 46(2)(f) of the General Data Protection Regulation. You can access the European Commission decision on the adequacy of the EU-U.S. Privacy Shield here: https://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.htm
SECTION 15 – YOUR RIGHTS IN RELATION TO YOUR INFORMATION
Your rights in relation to your information include: (1) access to your information and to receive information about its use (2) having your information corrected and/or completed (3) having your information deleted (4) restricting the use of your information (5) receiving your information in a portable format (6) objecting to the use of your information (7) withdrawing your consent to use your information and (8) complaining to a supervisory authority.
For further information please refer to the underlying legislation contained in Articles 12 to 22 and 34 of the General Data Protection Regulation, which is available here: http://ec.europa.eu/justice/data-protection/reform/files/regulation_oj_en.pdf.
Additional resources can viewed here:
SECTION 16 – DO NOT TRACK
“Do Not Track” is a privacy preference that users can set in their web browsers. When a user turns on a Do Not Track signal in their browser, the browser sends a message to websites requesting that they do not track the user. For more information please visit www.allaboutdnt.org
SECTION 17 – SENSTITIVE PERSONAL INFORMATION
Sensitive personal information is information about an individual that reveals their racial or ethnic origin, political affiliation or opinions, religious or philosophical beliefs, trade union memberships, genetics, biometrics, health or sexual orientation.
We do not collect any sensitive personal information from individuals and request that you never provide us with any such information.
If, however, you intentionally or unintentionally transit such information it will be considered explicitly consented to us under Article 9(2)(a) of the General Data Protection Regulation. If this data is received by us it will be deleted.
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at firstname.lastname@example.org or by mail at
[Re: Privacy Compliance Officer]