SECTION 1: TYPES OF INFORMATION COLLECTED
A. Types of Information We Collect
In order to better provide you with information regarding the Services offered by ALD, we collect two types of information about our users: Personally Identifiable Information (“PII”) and Aggregate Information.
Personally Identifiable Information: This refers to information that lets us know the specifics of who you are. When you engage in certain activities on this Site, such as registering for an account, downloading or purchasing a product or service, submitting comments and/or posting comments, or sending us feedback, we may ask you to provide certain information about yourself.
Examples of PII may include your first and last name, email address, mailing address (including zip code), employer, job title and department, telephone and facsimile numbers, and other identifying information. When ordering products or services on the Site, you may also be asked to provide a credit card number.
Aggregate Information: This refers to information that does not by itself identify a specific individual. ALD gathers certain information about you based upon where you visit on our Site and what other sites may have directed you to us. This information, which is collected in a variety of different ways, is compiled and analyzed on both a personal and an aggregated basis. This information may include the Website’s Uniform Resource Locator (“URL”) that points to the site you just came from, which URL you go to after visiting our Site, what browser you are using, and your Internet Protocol (“IP”) address.
B. How We Collect and Use Information
We do not collect any PII about you unless you voluntarily provide it to us. However, you may be required to provide certain PII to us when you elect to use the Services available on the Site. These may include: (a) registering for an account on our Site; (b) entering a sweepstakes or contest sponsored by us or one of our partners; (c) signing up for special offers from selected third parties; (d) sending us an email message; (e) submitting a form or transmitting other information by telephone or letter; or (e) submitting your credit card or other payment information when ordering and purchasing Services on our Site. When processing certain information, such as payment information with affiliated banking institutions or payment processors, we encrypt the transaction in order to prevent your PII from being stolen or intercepted.
We may also collect certain Aggregate Information. For example, we may use your IP address to diagnose problems with our servers, software, to administer our Site and to gather demographic information.
C. E-mail Marketing
With your permission, we may send you emails about our store, new products and other updates.
SECTION 2: CONSENT
How do you get my consent?
When you provide us with PII to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, you consent to our collecting your PII and using it for that specific reason only.
If we ask for your PII for a secondary reason, including but not limited to marketing purposes, we will either ask you directly for your expressed consent or provide you with an opportunity to say no.
How do I withdraw my consent?
SECTION 3: REQUIRED DISCLOSURE
Occasionally ALD may be required by law enforcement or judicial authorities to provide PII to the appropriate governmental authorities. In such cases, we will disclose PII upon receipt of a court order, subpoena, or in cooperation with a law enforcement investigation. ALD fully cooperates with law enforcement agencies in identifying those who use our services for illegal activities. We reserve the right to report to law enforcement agencies any activities that we believe in good faith to be unlawful.
SECTION 4: SHOPIFY
Our Site is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell the Services to you. Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After your transaction is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS, as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service.
SECTION 5: THIRD-PARTY SERVICES
In general, the third-party providers used by ALD will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us. However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
When you click on links on ALD’s Site, they may direct you away from our Site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
SECTION 6: SECURITY
To protect your personal information, ALD takes reasonable precautions and follows industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, ALD follows all PCI-DSS requirements and implement additional generally accepted industry standards. While we strive to protect your PII, you acknowledge that there are security and privacy limitations inherent to the Internet which are beyond the control of ALD, and the security, integrity and privacy of any and all information and data exchanged between you and ALD through this Site cannot be guaranteed.
Depending upon how you use ALD’s Site, we store cookies on your computer in order to collect certain aggregate data about our users and to customize certain aspects of your specific user experience. A cookie is a small data text file which is stored on your computer that uniquely identifies your browser. The following is a listing of the cookies that are used by ALD. We’ve listed them here so you can choose if you want to opt-out of cookies or not.
- session_id, unique token, sessional - Allows Shopify to store information about your session (referrer, landing page, etc).
- secure_session_id, unique token, sessional – Allows Shopify to store information about your session
- shopify_visit, no data held, Persistent for 30 minutes from the last visit - Used by our website provider’s internal stats tracker to record the number of visits.
- shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day - Counts the number of visits to a store by a single customer.
- cart, unique token, persistent for 2 weeks - Stores information about the contents of your cart.
- storefront_digest, unique token, indefinite - If the Site has a password, this is used to determine if the current visitor has access.
SECTION 7: AGE OF CONSENT
at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
If ALD is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
Questions and Contact Information
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at email@example.com or via first class U.S. Mail at: American Leather Direct, 268 Orange Cemetery Road, Morgantown, KY, 42261, United States.