Privacy policy
Last Updated: November 29, 2024
At Prehistoreic, we value your trust and are committed to protecting your personal data. This Privacy Policy outlines how we collect, use, share, and protect your personal information when you engage with our services. It also details your rights under applicable laws, such as the GDPR, CCPA, and others.
Cookies and Tracking Technologies
Cookies and similar technologies are essential for providing an optimal browsing experience and ensuring that our website functions smoothly. Below is a more detailed breakdown of how we use cookies and what they track.
| Type | Purpose | Examples |
|---|---|---|
| Essential Cookies | Required for basic functionalities like adding items to your cart and processing payments. | Shopify Cart, Checkout Authentication. |
| Analytics Cookies | Track user behavior to improve website performance and user experience. | Google Analytics, Hotjar. |
| Advertising Cookies | Used to deliver personalized ads based on your browsing history and preferences. | Facebook Pixel, Google Ads Conversion. |
| Preference Cookies | Remember your choices, such as language settings or region, to simplify your browsing. | Language Selector, Currency Settings. |
Managing Cookies
- Browser Settings: You can block or delete cookies via your browser preferences.
- Cookie Consent Banner: Our website provides a cookie banner to let you opt in or out of non-essential cookies.
For more details on cookies used by Shopify, visit Shopify’s Cookie Policy.
How We Share Your Information
We share your data only when necessary to operate our services effectively or to comply with legal requirements. Here's an expanded breakdown of who we share your information with and why:
| Recipient | Purpose | Examples |
|---|---|---|
| Payment Processors | To securely process your payments and prevent fraud. | PayPal, Stripe, Shopify Payments. |
| Logistics Partners | To ensure timely delivery of your orders. | DHL, FedEx, USPS, local couriers. |
| Marketing Platforms | To display personalized ads based on your browsing behavior. | Google Ads, Facebook Ads Manager. |
| Analytics Providers | To analyze user behavior and improve website performance. | Google Analytics, Hotjar. |
| IT and Cloud Providers | To securely store and manage your data. | Shopify, AWS, Google Cloud. |
| Legal and Regulatory Bodies | To comply with legal obligations, such as tax audits or responding to court orders. | Local tax authorities, courts. |
| Social Media Platforms | To enable features like social sharing and login integration. | Facebook, Instagram, Pinterest. |
Note: We do not sell your personal information for monetary gain. Any sharing of data is done in accordance with this Privacy Policy and applicable laws.
Retention Periods for Data
We retain your personal information for different periods, depending on the purpose of collection. Below is a detailed breakdown:
| Data Type | Retention Period | Reason for Retention |
|---|---|---|
| Order Data | 7 years | Required for tax and accounting purposes. |
| Customer Support Data | 3 years after resolution of your issue. | Ensures follow-up support if needed. |
| Marketing Data | Until you opt out or withdraw consent. | Allows us to send promotional offers. |
| Browsing Data | 12 months | Used for analytics and improving the user experience. |
| Account Data | Until you delete your account. | Maintains account continuity and preferences. |
| Legal and Regulatory Data | As required by law (e.g., 10 years for specific tax records). | Complies with statutory obligations. |
Your Rights Under Privacy Laws
We are committed to ensuring that you can exercise your privacy rights, wherever you are. Below are expanded details based on key jurisdictions:
-
European Union/EEA (GDPR)
Residents of the European Union or EEA have the following rights under the General Data Protection Regulation (GDPR):- Access: Request a copy of your personal data.
- Rectification: Correct inaccuracies in your data.
- Erasure (Right to Be Forgotten): Request deletion of your data in certain circumstances.
- Data Portability: Receive your data in a machine-readable format.
- Object to Processing: Refuse processing of your data for marketing or other purposes.
- Restriction: Limit how we use your data in certain cases.
-
California (CCPA)
California residents are entitled to the following rights under the California Consumer Privacy Act (CCPA):- Know: Request details about the personal data we collect and how we use it.
- Delete: Ask us to delete personal data we have collected.
- Opt-Out: Refuse the sale of your personal data (if applicable).
-
Canada (PIPEDA)
Under Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), you have the right to:- Access your data.
- Withdraw consent for marketing communications.
- File complaints about privacy violations.
-
Brazil (LGPD)
Brazilian residents are protected under the Lei Geral de Proteção de Dados (LGPD), which provides rights similar to GDPR, including the right to access, correct, and delete data.
Data Security and Breach Notification
We take security seriously and implement industry-standard measures to protect your data:
- Encryption: Sensitive data, like payment information, is encrypted using SSL/TLS.
- Access Control: Only authorized personnel can access your data.
- Regular Audits: We regularly audit our systems to identify vulnerabilities.
In the event of a data breach:
- We will notify affected users within 72 hours, as required by GDPR.
- We will report the breach to the appropriate regulatory authorities.
Children’s Privacy
We do not knowingly collect personal data from children under 13 (or under 16 in certain jurisdictions). If a child has provided us with personal information, their parent or guardian may contact us at info@prehistoreic.shop to request its deletion.
Third-Party Links and Integrations
Our website may contain links to third-party websites or services, such as:
- Social Media Platforms: Links to our Facebook, Instagram, or Pinterest profiles.
- Affiliate Links: Links to partner sites where you can purchase related products.
We are not responsible for the privacy practices or content of third-party websites. We encourage you to review their privacy policies before sharing personal data.
International Data Transfers
We process and store your personal information on servers located outside of your home country, including in the European Union and the United States. To ensure your data is adequately protected:
- We use Standard Contractual Clauses (SCCs) for international data transfers.
- We comply with GDPR, CCPA, and other applicable laws.
Contact Us
If you have any questions, concerns, or requests regarding your personal information or this Privacy Policy, please contact us:
Email: info@prehistoreic.shop