1. WHAT INFORMATION DO WE COLLECT?
When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, billing/shipping address(es), email address and phone number (if provided). We use those details only to bill you, invoice you and ship your purchased items to your chosen destination. We do not store your payment information in any form.
When you browse our store, we also automatically receive your computer’s internet protocol (IP) address to provide us with information that helps us learn about your location, browser and operating system. We use those details to automatically adapt our website and its interface to best fit your own viewing terminals (e.g. computer monitor, phone screen, etc.).
With your permission, which is removable at any time and at your sole discretion, we may also send you emails about our website, new products, promotions and new blog posts.
2. YOUR RIGHTS AS A USER
If you reside in certain territories, including the EU, you have a number of rights in relation to your personal information. While some of these rights apply generally, certain rights apply only in certain limited cases.
We describe these rights below:
• Access. You may have the right to access and receive a copy of the personal information we hold about you by contacting us using the contact information below.
• Change, restrict, delete. You may also have rights to change, restrict our use of, or delete your personal information. Absent exceptional circumstances (like where we are required to store data for legal reasons) we will generally delete your personal information upon request.
• Object. You can object to our processing of some of your information based on our legitimate interests and receiving marketing messages from us after providing your express consent to receive them. In such cases, we will delete your personal information unless I have compelling and legitimate grounds to continue using that information or if it is needed for legal reasons.
• Complain. If you reside in the EU and wish to raise a concern about our use of your information (and without prejudice to any other rights you may have), you have the right to do so with your local data protection authority.
3. CONSENT AND WITHDRAWAL OF CONSENT
When you provide us with personal information to complete a transaction, verify your credit card or place an order, we imply that you consent to our collecting it and using it for that specific reason only.
If after you opt-in, you change your mind, you may withdraw your consent for us to:
• contact you
• for the continued collection, use or disclosure of your information(this does not apply to instances in which the Law requires us to disclose the information we have on you or your transactions)
We share your personal information for very limited reasons and in limited circumstances, as follows:
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
• Business transfers.If we sell or merge our business, we may disclose your information as part of that transaction, only to the extent permitted by law.
• Compliance with laws. We may collect, use, retain, and share your information if we have a good faith belief that it is reasonably necessary to: (a) respond to legal process or to government requests; (b) enforce our agreements, terms and policies; (c) prevent, investigate, and address fraud and other illegal activity, security, or technical issues; or (d) protect the rights, property, and safety of our customers, or others.
5. THIRD-PARTY SERVICES
The third-party services we are using on the website are:
These companies are responsible for their own handling of your data and their collection of your details within their own databases, servers and records.
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
6. DATA RETENTION
7. TRANSFER OF YOUR PERSONAL INFORMATION OUTSIDE OF THE E.U. (if applicable)
We may store and process your information through third-party hosting services in the US and other jurisdictions. As a result, we may transfer your personal information to a jurisdiction with different data protection and government surveillance laws than your jurisdiction.
If we are deemed to transfer information about you outside of the EU, Civitas Regis Ltd. relies on Privacy Shield Framework or higher as the legal basis for the transfer, as:
• Zendesk Live Chat is Privacy Shield certified. Click here to read more about Zendesk's commitment to Privacy.
• Stripe is Privacy Shield certified. Click here to read more about Stripe's commitment to Privacy.
• Mailchimp is Privacy Shield certified. Click here to read more about Mailchimp's commitment to Privacy.
• A2Hosting is Privacy Shield certified. Click here to read more about A2Hosting's commitment to Privacy.
• Google is Privacy Shield certified. Click here to read more about Zendesk's commitment to Privacy.
• PayPal has its own set of regulations in place as a financial entity and it is also mentioned on the Privacy Shield website. Click here to read more about Stripe's commitment to Privacy.
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
You agree to indemnify, defend and hold harmless Civitas Regis Ltd. and our parent, subsidiaries, affiliates, partners, officers, directors, agents, contractors, licensors, service providers, subcontractors, suppliers, interns and employees from any breach of security and data-spill originated by events outside the sphere of acting of Civitas Regis Ltd., such as but not limited to: hacking, data-theft, cybercrime, hijacking.
9. AGE OF CONSENT
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
If our company is acquired or merged with another company, your information may be transferred to the new owners as part of the business transaction.
11. CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at:
Civitas Regis Ltd.
27 Halcyon Wharf, 5 Wapping High Street
E1W 1LH London