Do not sell my personal information
Your rights under the California Consumer Privacy Act
The California Consumer Privacy Act (CCPA) provides you with rights regarding how your data or personal information is treated. Under the legislation, California residents can choose to opt out of the “sale” of their personal information to third parties. Based on the CCPA definition, “sale” refers to data collection for the purpose of creating advertising and other communications. Learn more about CCPA and your privacy rights.
How to opt out
"By using our website, you (the visitor) agree to allow third parties to process your IP address, in order to determine your location for the purpose of currency conversion. You also agree to have that currency stored in a session cookie in your browser (a temporary cookie which gets automatically removed when you close your browser). We do this in order for the selected currency to remain selected and consistent when browsing our website so that the prices can convert to your (the visitor) local currency."
We collect personal information when you provide it to us directly through your use of the Site. For example:
When you purchase something from our store, as part of the buying and selling process, we will collect your name, email address and details of the transaction (including associated billing or delivery information).
If you create an account on the Site, we will collect your name, contact details and login information (username and password).
We will collect your email address if you sign-up to receive offers or discount codes on the Site.
If, having purchased one of the XACASE products, you write a review for the Site,
If you contact us to request information about XACASE products and/or contact our customer service team (e.g. via our enquiry form or by email) we may keep a record of your interaction with us to ensure we provide a good customer service.
If you engage with us on social media or use the social media integrations on our Sites then we will collect information about this engagement.
We will also collect information about how you use and interact with our Site, such as:
When you browse our store, we automatically receive information about your use of the Site, such as your computer's internet protocol (IP) address, browser type and device information. We collect this information in order to improve the operation of the Site.
We will collect information automatically using cookies and other similar technologies (e.g. which pages you viewed and which content you interacted with).
If you create an account or make a purchase, we do require to provide us with accurate personal information. If you do not want to provide us with your personal information, you should not create an account or make a purchase, or otherwise provide us with your personal information.
SECTION 2 – HOW DO WE USE YOUR INFORMATION?
Depending on how you use the Site or our services, and the permissions you give us, the purposes for which we use your personal information include:
To process and fulfil any orders for XACASE products you have made via the Site;
To provide the products, services and information you may have requested via the Sites;
To manage and respond to customer service queries, feedback, or any other messages submitted to us;
To improve and maintain the Site and to monitor its usage;
For market research, e.g. we may use your feedback to develop and improve the XACASE products;
To provide our social media pages and integrations;
With your consent, we may send you emails about our online store, new products and any offers or discounts (“email marketing”);
For security purposes, to investigate fraud and where necessary to protect ourselves and third parties.
To comply with our legal and regulatory obligations.
We may also use your personal information for purposes disclosed at the time we collect it from you, or as permitted by law.
For the purposes of UK and European data protection law, we rely on the following legal bases to use your personal information for the above purposes:
The processing is necessary to perform a contract with you, or to take steps prior to entering into a contract with you: for example, where you have ordered a XACASE product from our Site we will use your personal information to process and fulfil your order.
Your consent: for example, we rely on your consent where you add optional information to your account, or if you consent to receive email marketing from us.
Where it is in our legitimate interests to maintain and promote our services and products: for example, we will rely on legitimate interests where we use the information collected from the Sites to improve and develop the XACASE products.
Compliance with a legal obligation: there may be certain situations in which we are required to process your personal information in order to comply with a legal obligation we are subject to.
How do I withdraw my consent?
If after you consent to receive email marketing, you change your mind, you may withdraw your consent by clicking on the ‘unsubscribe’ link in any of the emails we send. If you unsubscribe from email marketing, please note we may still contact you with service messages from time to time, e.g. if you have placed an order or if there is a service issue affecting your account. Alternatively you can withdraw your consent by contact us at email@example.com
Please also note that where you unsubscribe or opt out from a marketing communication, we need to keep a record of your email address to ensure we do not send you marketing emails in the future.
SECTION 3 - HOW LONG DO WE STORE YOUR INFORMATION?
Annex Products is based in Australia and we use service providers located around the world. Your personal information may, therefore, be processed in countries outside the jurisdiction in which you access or use our Site. If you are based in the United Kingdom and Europe, this means that your information may be transferred to countries where you may have fewer legal rights in respect of your personal information than you do under local law. If we transfer personal information outside the UK or European Economic Area we will, as required by applicable law, take appropriate steps to ensure that your privacy rights are adequately protected. [Please contact us if you would like more information about these safeguards.]
We will keep your personal information for as long as we need it for our legitimate business purposes (as set out above under Section 2, ‘How do we use your information?’) including as required under applicable laws, and so this period will vary depending on your interactions with us. For example, we may keep a record of our correspondence with you (for example if you have made a complaint about a product or order) for as long as is necessary to protect us from a legal claim.
SECTION 4 - WHO DO WE SHARE YOUR INFORMATION WITH?
We may share personal information with third parties in the following circumstances:
Where we are using a third party service provider to provide services that involve data processing (for example, we use Shopify to host the Site and process payments, as explained in Sections 5 and 6 below);
If you violate our Terms of Service;
Where we work with online advertisers, social media platforms and advertising networks to deliver, tailor and measure advertising to you and others both on our Site and elsewhere on the internet;
We may share personal information with other companies in our group of companies;
here we are under a legal or regulatory obligation to disclose your personal information, or to protect the rights, property or safety of our company, or customers or others;
If we are required to seek legal advice to defend our rights, property or interests then we may share information with our legal and other external advisers;
If our company, or substantially all of our company's assets, are merged or acquired by a third party, your personal information may form part of the transferred or merged assets; and
As required or permitted by law.
SECTION 5 - SHOPIFY
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Shopify's data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your credit card data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your credit card data is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify's Terms of Service or Privacy Statement.
We do not store or have access to your credit card details. Annex Products owned XACASE websites are powered by Shopify who are certified Level 1 PCI DSS compliant. More information can be found here.
SECTION 6 - THIRD-PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located. As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
We want to be as open and transparent with our users as possible, so at Section 12 below is a list of third party platforms we use with a short explanation of why we use them and their associated Privacy Policies.
SECTION 7 - SECURITY
To protect your personal information, we take reasonable precautions and follow industry practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
If you have an account with us, we encourage you to regularly update your password.
SECTION 8 - COOKIES
_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider's internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
SECTION 9 - AGE OF CONSENT
The Site is not intended for anyone under the age of 13. By using this Site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this Site.
SECTION 10 - YOUR RIGHTS
Depending on the country in which you are based, you may have certain rights in respect of your personal information, including the right to access, correct, and request the erasure of your information. You may also have the right to object to your personal information being used for certain purposes, including to send you email marketing. We will comply with any requests to exercise your rights in accordance with applicable law. Please be aware, however, that there are a number of limitations to these rights, and there may be circumstances where we are not able to comply with your request.
To make any requests regarding your personal information, or if you have any questions or concerns, you should contact us using the details below. Depending on the country in which you are based, you may also be entitled to contact your local supervisory or regulatory authority for privacy and/or data protection.
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
QUESTIONS AND CONTACT INFORMATION
If you would like to exercise your data protection or privacy rights, register a complaint, or simply want more information, contact our Privacy Compliance Officer at firstname.lastname@example.org
If you are not satisfied with our response, you may make a complaint to your local supervisory or regulatory authority for privacy and/or data protection.
SECTION 12 – THIRD PARTY PLATFORMS
As described in section 6 above, the third party platforms that we use are as follows. While we will update this list periodically, changes may occur from time to time in between such updates.