Updated August 2016
“Personal Information” is information about a person that is personally identifiable to such person like the person’s name, address, email address, or phone number, as well as other non-public information.
“Anonymous Information” or “Aggregated Information” means information that is not associated with or linked to Personally Identifiable Information. Anonymous or Aggregated Information does not permit the identification of individual persons.
The Information that We Collect. From time to time, we may ask for certain personal information from you so that you may enjoy our Services. Generally, we collect information in the following ways: when you submit information to us through your Account or when you purchase goods; when we receive information through our Services and third party providers; and when we receive information from you submitted by you either by email, phone, or Submissions.
We will collect your Personal Information such as name, email address, physical address, and phone number when you purchase our products. This information and other information you provide to us will be collected, used, and disclosed as outlined herein. Unless otherwise indicated, information provided will not be associated with your Personal Information and if disclosed or used by us, such information shall be in anonymous or aggregate form.
Why We Collect this Information. We collect information for a variety of reasons, including administration of our Site and Services, our effort to inform you of changes in our products, Services, discounts, newsletters, and other products and services that may interest you. When you submit Personal Information to us, you understand and agree that UC may access, store, and use your Account and Personal Information. You consent to the transfer of your information to and within the United States or other countries for processing and storage.
Our Security Procedures and Your Privacy. UC takes great care in maintaining the security of your Personal Information, and preventing unauthorized access to it.
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
SHOPIFY: Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
Notice of Sharing. We may share your Personal Information or other information under the following circumstances: (a) within UC, with employees, contractors and agents for delivery of our Services; (b) with third parties with your consent; (c) if we believe in good faith that it is required by law, legal process or court order; (d) as may be required to respond to an inquiry, request or complaint that you have made; (e) with persons or companies that we may engage to carry out or provide support for the operations of our business (which may include customer support services, hosting, and email service providers); or (f) if we believe in good faith that it is necessary to protect the personal safety, property, or interests of you, our users, the public, our licensors, the Services, or ourselves. We may share aggregate information and/or Anonymous Information about our users and visitors with advertisers, business partners, sponsors, and other third parties.
Payment: If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service here or Privacy Statement here.
Here is a list of cookies that we use. We’ve listed them here so you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessionalstorefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
GIF Files. We may use pixels, or transparent GIF files, to help manage online advertising. These GIF files may be provided by our ad management partner and enable it to recognize a unique Cookie on your web browser, which in turn enables us to learn which advertisements bring users to our Site. The Cookie was placed by us, or by another advertiser who works with our ad management partner. With both Cookies and spotlight technology, the information that we collect and share is Anonymous Information, which may be shared in aggregate form, and it is not Personal Information and therefore does not contain your name, address, telephone number, or email address.
Monitoring Scripts. UC may use certain third party web analytics software in order to monitor the use of our Sites. However, the third party web analytics software provider should not use any of this data other than to administer our Site and Services.
You may choose to opt out of receiving cookies through your browser settings. If you have concerns about cookies or GIF Files, or need assistance on how to enable the cookies on your system, please contact us firstname.lastname@example.org.
CAN-SPAM Compliance. If you have registered with or purchased a product from Unofficial Cardboard, you consent to allow us to contact you to provide you with information concerning your Account, and your use of our Services. Email contact, for example, may include newsletters. If you have indicated that you would like to be contacted regarding other services and promotions, we may also contact you with commercial information about products, services, promotions, or other activities or offerings that may be of interest to you. Additionally, with each commercial communication you receive from us, you will be given the opportunity to indicate that you wish to “Unsubscribe” from receiving such future communications.
Information Provided to Customer Service. Whenever you communicate with customer service, you understand: (i) that a customer service representative may view and make changes to your Personal Information in order to provide the assistance that you need; and (ii) that a customer service representative may reply to you via email or phone.
Legal Disclosures. We may disclose information we have collected from and about you (including Personal Information) if we believe in good faith that such disclosure is necessary to (a) comply with relevant laws or to respond to subpoenas or warrants served on us; or (b) to protect and defend the rights or property of us, the users of our Services, or third parties.
Reviewing and Changing Your Personal Information. If you want to make changes, amendments and/or deletions to your Personal Information with us you may do so by emailing us or through your Account. Please note that we may be prohibited from deleting certain Personal Information due to an applicable court order, statute, law or regulation. We may store your Personal Information that we have collected from or about you, and this information may remain in our archives.
How do I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at email@example.com or mailing us at: Unofficial Cardboard, 4275 Executive Square, Suite 200, La Jolla, CA 92037
Age and Minors and COPPA. Our Site is directed at those who are over the age of 18. If someone is under the age of 18, they should only use the Site under the supervision of a parent or legal guardian. We do not knowingly collect or maintain Personal Information from individuals who are under 13 years of age, and no part of our Site or Services are designed to attract people under the age of 13. Protecting the privacy of children is very important to us. If we obtain knowledge that a user is under the age of 13, we will take steps to remove that user’s Personal Information from our databases. By using this site, you represent that you are at least the age of majority in your state or province of residence, and you have given us your consent to allow any of your minor dependents to use this site.
Notice to California Residents – Your California Privacy Rights (As Provided by California Civil Code section 1798.83). A California resident who has provided Personal Information to a business with whom he/she has established a business relationship for personal, family, or household purposes (a “California Customer”) may request information about whether the business has disclosed Personal Information to any third parties for the third parties’ direct marketing purposes. In general, if the business has made such a disclosure of Personal Information, upon receipt of a request by a California Customer, the business is required to provide a list of all third parties to whom Personal Information was disclosed in the preceding calendar year, as well as a list of the categories of Personal Information that were disclosed. California Customers may request further information about our compliance with this law by e-mailing firstname.lastname@example.org. Please note that we are required to respond to one request per California Customer each year, and we are not required to respond to requests made by means other than through this email address.