What do we do with personal information?
When a User orders a product or service from our online store, as part of the process, we collect personal information such as, but not limited to, name, address, phone number and e-mail address. When a User browses our store, we also automatically receive the User’s computer’s internet protocol (IP) address, in order to provide us with information about the browser and operating system being used.
Marketing: with User’s permission, we may send e-mails, mails or other type of communication about our stores, new products and other updates.
When a User provides personal information to complete a transaction, verifies a credit or debit card, places an order, arranges for a delivery or return of an order, we imply that the User consents to our data collecting and use of such data for that specific reason. If we ask for the User’s personal information for a secondary reason, such marketing, we will either ask the User directly for an expressed consent, or provide an opportunity for refusal.
We may disclose personal information, if we are required by law to do so or, if there is violation of our “Terms and Conditions”.
Shopify and Stripe
Our online store is hosted with Shopify. They provide us with the online e-commerce platform that allows us to sell our products and services. A User’s data is stored through Shopify data storage, databases and the general Shopify application. They store the data on a secure server behind a firewall.
Payment: if a User chooses a direct payment gateway to complete an order, then Stripe inc. (Shopify partner) stores the credit or debit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). The order transaction data is stored only as long as necessary to complete an order transaction. After completing a transaction, the order transaction information is deleted. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands such as Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit and debit card information by our store and its service providers. For more insight, please read Shopify. and Stripe Inc. Terms of Service or Privacy Statement.
Shopify - www.shopify.com/about/privacy
Stripe Inc. - www.stripe.com/en-pt/privacy
In general, third-party providers used by IMAGO will only collect, use and disclose User’s information to the extent necessary to allow them to perform the services they provide us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide them for the order-related transactions.
For these providers, we recommend a reading of their privacy policies so to understand the manner in which personal information will be handled by these providers. In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either the User or IMAGO. If a User elects to proceed with a transaction, which involves the services of a third-party service provider, then information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
To protect personal information, we take reasonable precautions and follow industry best practices to assure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
To access, correct, amend or delete any personal information we have, register a complaint, or simply want more information, contact our company by e-mail to firstname.lastname@example.org