Effective Date: May 25, 2018
SECTION 1 - DATA WE COLLECT AND PROCESS
SECTION 2 - WHAT DO WE DO WITH YOUR DATA?
The Data we collect from customers is used to fulfill orders placed through our Website, which includes the processing of payment information, preparing orders for shipment, and providing order confirmations and other order-related communication. In addition, we’ll use Data from your visit to our Website to improve and optimize the customer experience, to screen for potential risk and fraud, to provide the most relevant advertisements and email communications to you, and to assess the success of our current marketing and advertising campaigns. In accordance with the General Data Protection Regulations (GDPR), we are considered a “controller” of Data and we may engage third party “processors” of Data.
SECTION 3 - YOUR CONSENT & RIGHTS
By accessing our Website and providing data to complete a transaction or to receive communication from us, you have provided your consent for our use and collection of your Data. However, in the event you change your mind, and no longer wish that we utilize your Data, you may withdraw your consent by contacting us at email@example.com with the subject line Privacy Compliance or by mailing us at: Ursa Major, Privacy Compliance, 1 Stowe Street, 2nd Floor, Waterbury, Vermont US 05676.If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us at firstname.lastname@example.org with the subject line Privacy Compliance or mail us at: Ursa Major, Privacy Compliance, 1 Stowe Street, 2nd Floor, Waterbury, Vermont US 05676.In addition, European residents who believe any concerns regarding their Data have not been adequately addressed by us may lodge a complaint with the supervisory authority of their particular Member State, as defined under GDPR Chapter 6.
SECTION 4 - DATA RETENTION
SECTION 5 - COOKIES
A cookie is a small text file that is stored in your web browser that allows us to recognize you and your preferences. Cookies may be used for the following reasons: (1) to enable certain site functions and features, (2) to provide data analytics, (3) to store your preferences, and/or (4) to enable ad delivery and marketing. You can set your cookie preferences in your browser settings. You may also opt out of targeted advertising through the following services directly:
Facebook - https://www.facebook.com/settings/?tab=ads
Google - https://www.google.com/settings/ads/anonymous
Bing - https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads
Digital Advertising Alliance - http://optout.aboutads.info/?c=2#!/
National Advertising Initiative - http://optout.networkadvertising.org/?c=1#!/
SECTION 6 - SHOPIFY
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your Data is stored through Shopify’s data storage, databases and the general Shopify application. They store your Data on a secure server behind a firewall. If you choose a direct payment through our Shopify store to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers. For more insight, you may also want to read Shopify’s Terms of Service here or Privacy Statement here.
SECTION 7 - OTHER THIRD-PARTY SERVICES
SECTION 8 - DISCLOSURE OF YOUR INFORMATION
SECTION 9 - DATA SECURITY
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. We follow all PCI-DSS requirements and implement additional generally accepted industry standards.Unfortunately, no data transmission over the Internet or any wireless network can be guaranteed to be 100% secure. As a result, while we strive to protect your Data, you acknowledge that: (a) there are security and privacy limitations of the Internet that are beyond our control; (b) the security, integrity, and privacy of any and all information and Data exchanged between you and us through our Website cannot be guaranteed and we shall have no liability to you or any third party for loss, misuse, disclosure or alteration of such information; and (c) any such information and Data may be viewed or tampered with in transit by a third party.In the unlikely event that we believe the security of your Data in our control may have been compromised, we will try to notify you. To the extent you have provided us with your email address, we may notify you by email and you agree to our use of email as a means of such notification. If you prefer for us to use another method to notify you in this situation, please contact us at email@example.com with the alternative contact information you wish to be used.
SECTION 10 – DO NOT TRACK DISCLOSURES
Some websites have “do not track” features that allow users to instruct a website not to track them. These features are not all uniform. Ursa Major does not currently respond to those signals; however, our marketing partners may be members of the Network Advertising Initiative or the Digital Advertising Alliance, which have agreed to honor consumers’ opt-out preferences submitted through those organizations’ websites. To learn more about your choices regarding this type of data collection or to opt out of interest-based advertising by members of the NAI or the DAA, please visit the choices websites of the NAI and DAA at https://www.aboutads.info. You also may locate Google Analytics’ currently available opt-outs for the web here: https://tools.google.com/dlpage/gaoptout/.
SECTION 11 - AGE OF CONSENT
We are not a site targeted at children or those under the age of 16. By using our Website, you represent that you are at least the age of majority in your country, state or province of residence, or that you are the age of majority in your country, state or province of residence and you have given us your consent to allow any of your minor dependents to use our Website.
SECTION 13 - CONTACT INFORMATION
If you would like to access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information email us at:firstname.lastname@example.org or by mail at: Ursa Major, Privacy Compliance1 Stowe Street, 2nd FloorWaterbury, Vermont 05676US