Yewoly is committed to protecting and respecting any personal information you share with us. This statement describes what types of information we collect from you, how it is used by us, how we share it with others, how you can manage the information we hold and how you can contact us.
What information do we collect?
We only collect information that is necessary, relevant and adequate for the purpose you are providing it for.
Personal data you share with us
We may ask for personal data when you order from us; this includes when you order from the Website or over the phone or when you sign up to our mailing list.
The information we collect includes but is not limited to:
Name (including title);
Payment card details;
Date of birth;
Personal data we receive from other sources
We sometimes obtain information about you or your purchases from other third parties, including our Concession partners on the purchases you make with them in our stores. These companies have their own privacy policies explaining how they use and share your personal data. You should carefully review these privacy policies prior to engaging with the third party, to make sure that you are happy with them.
Personal data we collect about you
We will collect your information when you use our website or visit our stores. Some of this data does not identify you personally but provides us with information about how you use our services and engage with us in order to improve our services and make them more useful to you.
The information we collect includes but is not limited to:
The date and time you used our services;
The pages you visited on our website and how long you visited us for;
The products you viewed or added to your basket;
Your IP address;
Your location (where you have permitted access to this);
The internet browser and devices you are using;
Voice recordings of calls you make to our customer service center;
Our “Live chat” record;
Any information within correspondence you send to us;
Where you engage with us in a business context, we may collect your job title, company contact details (including email addresses), and company details (some of which we may obtain from an online or public business directory).
How do we use this information?
We will only process information that is necessary for the purpose for which it has been collected. You will always have the option not to receive marketing communications from us (and you can withdraw your consent or object at any time). We will never send you unsolicited ‘junk’ email or communications, or share your personal information with anyone else who might.
There are various ways in which we may use or process your personal information. We list these below:
Where you have provided your consent, we may use and process your information to contact you from time to time through electronic channels such as email about promotions, events, products, services or information which we think may be of interest to you.
You can withdraw your consent at any time by emailing firstname.lastname@example.org or, in relation to any marketing messages you receive, by selecting the unsubscribe option included in those messages.
We may use and process your personal information where this is necessary to perform a contract such as to fulfill and complete your orders and purchases.
We may process your personal information to comply with any legal and/or regulatory requirements.
We may need to process your personal information to contact you if there is an urgent safety or product recall notice and we need to tell you about it.
We may use and process your personal information as set out below where it is necessary for us to carry out activities for which it is in our legitimate interests as a business to do so.
Processing necessary for us to support customers with sales and other inquiries
In order to support sales and/or queries, we may use your information:
To respond to correspondence you send to us and fulfill the requests you make to us (for example: helping with sizing information.)
Processing necessary for us to respond to understanding customers’ needs
To develop and improve our relationship with you, we may use your information:
To analyze, evaluate and improve our products and services, including the use of our website, applications, customer service center, and stores, in order to improve your customer experience (where possible we will use data amalgamated from many people so that it doesn’t identify you personally);
How do we share this information?
We do not sell your information to third parties. However, we may from time to time disclose your information to the following categories of companies or organizations to which we pass the responsibility to handle services on our behalf:
Service providers who help us to operate our Website and App, fulfill your orders and deliver our products to you, including:
Credit reference agencies;
Direct marketing communications agencies and consultants;
Market research and market analytics service providers;
Legal and other professional advisors.
Certain regulatory bodies, government, and enforcement agencies, where required.
We take steps to ensure that any third party partners who handle your information comply with data protection legislation and protect your information just as we do. We only disclose personal information that is necessary for them to provide the service that they are undertaking on our behalf. We will aim to anonymize your information or use aggregated none specific data sets where ever possible.
Due to the international nature of our business, there may be some instances where your information is processed or stored outside of the EU. In those instances, we will ensure that appropriate safeguards are in place for that transfer and storage as required by applicable law.
How long do we keep your information for?
We will not hold your personal information in an identifiable format for any longer than is necessary. If you are a customer or otherwise have a relationship with us we will hold personal information about you for a longer period than if we have obtained your details in connection with a prospective relationship.
How can you manage the information we hold about you?
You have the right as an individual to access any personal information we hold about you and make corrections if necessary. You also have the right to withdraw any consent you have previously given us and, in certain circumstances, ask us to erase information we hold about you. You can also object to us using your personal information (where we rely on our business interests to process and use your personal information).
You have a number of rights in relation to your personal information under data protection law. In relation to most rights, we will ask you for information to confirm your identity and, where applicable, to help us search for your personal information. We will respond to you within a month after we have received any request (including any identification documents requested).
You have the right to:
Ask for a copy of the information that we hold about you;
Correct and update your information;
Withdraw your consent (where we rely on it);
Object to our use of your information (where we rely on our legitimate interests to use your personal information) provided we do not have any lawful reason to continue to use and process the information. When we do rely on our legitimate interests to use your personal information for direct marketing, we will always comply with your right to object;
Erase your information (or restrict the use of it), provided we do not have any lawful reason to continue to use and process that information;
Provide you your information in a structured data file, where we rely on your consent to use and process your personal information or need to process it in connection with your purchase.
SECTION 1 - WHAT DO WE DO WITH YOUR INFORMATION?
When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address.
When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.
Email marketing (if applicable): With your permission, we may send you emails about our store, new products and other updates.
SECTION 2 - CONSENT
How do you get my consent?
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.
How do I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at email@example.com or mailing us at:
SECTION 3 - DISCLOSURE
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
SECTION 4 - SHOPIFY
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
SECTION 5 - THIRD-PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
Our store uses Google Analytics to help us learn about store visits and the pages being viewed.
SECTION 6 - SECURITY
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
SECTION 7 - COOKIES
Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
PREF, persistent for a very short period, Set by Google and tracks who visits the store and from where
SECTION 8 - AGE OF CONSENT
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at firstname.lastname@example.org