PRIVACY & COOKIES POLICY
For the purpose of the The General Data Protection Regulation (GDPR) (EU) 2016/679 , the data controller for any personal information we hold about you is Kaaita d.o.o, Prikrnica 14, 1251 Moravče, Slovenia.
INFORMATION WE MAY COLLECT FROM YOU
When you register for a service provided by us (subscribing to our Newsletter), make an order from us, complete a transaction, verify your credit/debt card details, arrange for a delivery or if you email us or report a problem about our Website to us we will ask for and, if provided, collect and process information about you. We may collect the following information from you:
- your name, e-mail address, billing address, shipping address, mobile number, home and/or work phone;
- if you contact us, we may keep a record of that correspondence;
- details of transactions you carry out through our Website (not including your credit/debit card details);
- details of your visits to our Website and the resources that you access.
When you make an order from us, complete a transaction, verify your credit/debt card details, arrange for a delivery or if you email us or report a problem about our Website, it is implied that by providing us with personal data at that time, you are consenting to our collecting of your personal data.
Where we ask for your personal data for subscribing you to our Newsletter, we will ask you directly for your expressed consent.
In the event that, after you have opted-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time, by contacting us at firstname.lastname@example.org or writing to us at:
IP ADDRESSES AND COOKIES
We may also collect information about your computer including, where available, your IP address, operating system and browser type, this is for system administration and to report aggregate information to any advertisers we may have now or in the future. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.
- estimate our audience size and usage pattern.
- store information about your preferences, and so allow us to customise our Website according to your individual interests.
- speed up your searches.
- recognise you when you return to our Website.
USES MADE OF THE INFORMATION
We use information held about you in the following ways:
- to fulfil the orders you place with us and arrange for the delivery of products to you;
- to recognise you as a registered customer and manage your account;
- to keep a record of the purchases you have made from us so that we may assess what offers might be relevant to you;
- to ensure that content from our Website is presented in the most effective manner for you and for your computer;
- to provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes;
- to carry out our obligations arising from any contracts entered into between you and us;
- to allow you to participate in interactive features of our service, when you choose to do so.
- to notify you about changes to our service.
If you do not want us to use your data in this way please email us at email@example.com notifying us that you do not wish us to hold the personal data we have collected about you.
WHERE WE STORE YOUR PERSONAL DATA
Whilst Shopify store your personal data and other data, we reserve all rights to your personal data and other data and Shopify will never contact you directly, or use your personal data for their own business advantage. We may, from time to time, download the personal data and other data stored by Shopify on our behalf. We will take reasonable care to maintain appropriate safeguards to ensure the security, integrity and privacy of your personal data, as defined in the GDPR, in accordance with the GDPR.
When you pay for a product on our Website the transaction is carried out using Shopify’s secure payment gateway. Shopify encrypt the card information through the Payment Card Industry Data Security Standard and your purchase transaction data is stored by Shopify only as long as is necessary to complete your transaction. After the transaction is complete the purchase transaction information is deleted.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will take reasonable care to protect your personal data, we cannot guarantee the security of the personal data you provide to us; any transmission is at your own risk.
DISCLOSURE OF YOUR PERSONAL DATA
We may disclose your personal data to third parties, as follows:
in order that we may deliver any ordered products to you we must disclose your name, delivery address and telephone number to the delivery company or companies we use;
Payment for all products ordered on our Website is made through Shopify. This means that Shopify handle the transaction on our behalf and we do not at any time gain access to your credit/debit card details, except your address which is necessary in order for us to fulfil your order. Shopify receive your credit/debit card details and encrypt every transaction using 128-bit SSL certificates. Once on their system, Sage Pay secure all sensitive data using 256-bit encryption standards.
Shopify and Mail Chimp may use third party providers to carry out the services they provide to us and may disclose personal data to the extent necessary to allow them to perform their services. For more information on how these three parties handle personal data, we recommend that you read their privacy policies:
In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
If our business or substantially all of its assets are acquired by a third party, in which case personal data held by us about our customers will be one of the transferred assets.
If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms and conditions of supply and other agreements; or to protect the rights, property, or safety of our business, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction. We will take reasonable steps to ensure that all third party partners to whom we transfer and personal data will provide sufficient protection of that personal data.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your information) if we intend to use your personal data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your personal data. You can also exercise the right at any time by contacting us at Kaaita, Beethovnova 9, 1000, Ljubljana, Slovenia OR at: firstname.lastname@example.org.
Our Website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
ACCESS TO PERSONAL DATA
The GDPR gives you the right to access information held about you. Your right of access can be exercised in accordance with the GDPR.
Last updated on: 24 May 2018