1. Core Principles
When you use the Services, we collect the following information, and use it only as described below:
2.1. Account Information. This may include your name, address, email address and phone number. We use this information in the ways you would expect, such as to process your order or contact you.
2.2. Payment Information. When you initially provide or update your payment information, we transmit it via an encrypted connection to our Payment Processor. We don’t store your payment information, other than your zip code and country, which we require for billing and to comply with tax and other government regulations.
2.3. Communications With Us. When you send us emails or other communications, such as customer support inquiries, we maintain those communications and their contents so that we can resolve your inquiries or otherwise assist you.
While no service is completely secure, we have leveraged the security team of Shopify, dedicated to keeping your information safe. They employ security measures such as using firewalls to protect against intruders, building redundancies throughout our network (so that if one server goes down, another can cover for it) and testing for and protecting against network vulnerabilities. Payment information is transmitted using HTTPS encryption, and they maintain a PCI DSS certification on our behalf.
We'll retain your personal information for as long as we need it to provide you with the Services. You can ask for your personal information to be deleted at any time by contacting us. Please note that there may be latency in deleting your personal information from our servers and backup storage, and we may retain your personal information in order to comply with the law, protect our rights, resolve disputes or enforce our agreements.
We may retain certain information as required by law or for necessary business purposes. On request, we'll provide you with a copy of your personal information that we maintain. This request may be subject to a fee not exceeding the prescribed fee permitted by law.
We may periodically email you service-related announcements. We'll also send you emails related to your transactions. We may also send you marketing or promotional communications, but you can opt out of receiving subsequent marketing or promotional communications by clicking the link marked unsubscribe (or a similar phrasing) that’s included in those communications.
7. Privacy Shield
8.1. Compliance. Shopify complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal information transferred from the European Union to the United States (“EU Personal Data”). We’ve certified to the Department of Commerce that we adhere to the Privacy Shield Principles and, assuming our certification is approved, you’ll be able to find it here. You can learn more about Privacy Shield by visiting https://www.privacyshield.gov/.
8.3. Inquiries And Disputes. If you have questions you believe to be within the scope of our Privacy Shield certification, please contact us. For any complaints that we can’t resolve directly, JAMS is the independent organization responsible for reviewing and resolving complaints about our Privacy Shield compliance, and you can contact JAMS at https://www.jamsadr.com/eu-us-privacy-shield. In the event your concern still isn't addressed by JAMS, you may be entitled to a binding arbitration under the Privacy Shield Principles. For purposes of enforcing compliance with the Privacy Shield, Shopify is subject to the investigatory and enforcement authority of the U.S. Federal Trade Commission.