Privacy Policy
ARTICLE 1 – PERSONAL DATA COLLECTED
When you make a purchase in our store, we collect the personal data you provide to us as part of the purchase and sale process, such as your name, address, and email address.
When you browse our store, we also automatically receive the Internet Protocol (IP) address of your computer, which allows us to obtain more information about the browser and operating system you are using.
Email Marketing (if applicable): With your permission, we may send you emails about our store, new products, and other updates.
ARTICLE 2 – CONSENT
How do you give your consent?
When you provide us with your personal data to complete a transaction, verify your credit card, place an order, arrange for a delivery, or return a purchase, we assume that you consent to our collecting and using it for that specific purpose only.
If we ask for your personal data for a secondary reason, such as marketing, we will either ask you directly for your explicit consent or provide you with the opportunity to decline.
How can I withdraw my consent?
If, after giving your consent, you change your mind and no longer want us to contact you, collect, or share your data, you can notify us at: contact@oreliae.com.
ARTICLE 3 – DISCLOSURE
We may disclose your personal data if we are required to do so by law or if you violate our Terms of Service.
ARTICLE 4 – SHOPIFY
Our store is hosted by Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases, and the general Shopify application. Your data is stored on a secure server protected by a firewall.
Payment:
If you complete your purchase through a direct payment gateway, Shopify stores your credit card information. This information is encrypted according to the Payment Card Industry Data Security Standard (PCI-DSS). Transaction data related to your purchase is retained only as long as necessary to complete your order. Once the order is finalized, the transaction data is deleted.
All direct payment gateways adhere to PCI-DSS standards, which are managed by the PCI Security Standards Council — a joint initiative by companies such as Visa, MasterCard, American Express, and Discover.
The PCI-DSS requirements ensure that your credit card information is securely processed by our store and its service providers.
For more information, see Shopify’s Terms of Service here or Shopify’s Privacy Policy here.
ARTICLE 5 – THIRD-PARTY SERVICES
In general, the third-party providers we use will only collect, use, and share your personal data to the extent necessary to perform the services they provide to us.
Certain third-party providers, such as payment gateways and other payment processors, however, have their own privacy policies related to the data we must provide to them for your purchase transactions.
We recommend that you read these providers’ privacy policies carefully so that you understand how your personal data is handled by them.
Please note that some providers may be located or have facilities in a different jurisdiction than you or us. Therefore, if you choose to proceed with a transaction involving the services of a third-party provider, your data may be subject to the laws of the jurisdiction in which that provider or its facilities are located.
For example, if you are located in Canada and your transaction is processed by a payment gateway in the United States, your personal data required for the transaction may be disclosed under U.S. law, including the Patriot Act.
Once you leave our store’s website or are redirected to a third-party website or application, this Privacy Policy and our Terms of Service no longer apply.
Links
When you click on certain links on our website, you may be redirected to other websites. We are not responsible for the privacy practices of those other websites and encourage you to read their privacy policies carefully.
ARTICLE 6 – SECURITY
To protect your personal data, we take reasonable precautions and follow industry best practices to ensure it is not inappropriately lost, misused, accessed, disclosed, altered, or destroyed.
When you provide us with your credit card information, it is encrypted using SSL protocol and stored with AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we comply with all PCI-DSS requirements and implement additional generally accepted industry standards.
COOKIES
Here is a list of cookies we use. We list them here so you can decide whether you want to allow them or not.
- session_id, unique session ID, allows Shopify to store information about your session (referrer, landing page, etc.).
- _shopify_visit, no data stored, persists for 30 minutes from the last visit. Used by our website provider’s internal statistics tracker to count the number of visits.
- _shopify_uniq, no data stored, expires at midnight (based on the visitor’s location) the next day. Counts the number of visits to a store by a single customer.
- cart, unique identifier, persists for 2 weeks, stores information about your cart.
- _secure_session_id, unique session ID.
- storefront_digest, unique identifier, indefinite if the store is password-protected. Used to determine whether the current visitor has access.
ARTICLE 7 – AGE OF CONSENT
By using this website, you represent that you are at least the age of majority in your state or province of residence, and that you have given us your consent to allow any minors in your care to use this website.
ARTICLE 8 – CHANGES TO THIS PRIVACY POLICY
We reserve the right to modify this Privacy Policy at any time. Please read it frequently. Changes and clarifications take effect immediately upon posting on the website. If we make significant changes to this policy, we will notify you here so that you are aware of what data we collect, how we use it, and under what circumstances, if any, we share it.
If our store is acquired by or merged with another company, your data may be transferred to the new owners so that we can continue to sell products to you.
Questions and Contact
If you would like to access, correct, amend, or delete any personal data we have about you, file a complaint, or simply request more information, please contact our Privacy Officer at: contact@oreliae.com.