Who we are
Our website address is https://oozox.com.
What personal data we collect and why we collect it.
When you make a purchase or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, shipping address, email address, payment information (including credit card numbers), email address, account information like username and password and eventually phone number. We refer to this information as “Order Information.”
We use the Order Information that we collect generally to fulfill any orders placed through the Site (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations).
If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.
We will also store comments or reviews if you choose to leave them.
While you visit our site, we will also track:
- Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
- Location, IP address, and browser type: we’ll use this for purposes like estimating taxes and shipping
- Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!
- Products you’ve added to the wishlist: we’ll use this to show you and other users your favorite products and to create targeted email campaigns.
- Wishlists you’ve created: we’ll keep track of the wishlists you create, and make them visible to the store’s staff
Additionally, we use this Order Information to:
- Communicate with you (for example to send you information about your account and orders, respond to your requests, including refunds and complaints, send you marketing messages, if you choose to receive them)
- Process payments and prevent fraud
- Set up your account for our store
- Comply with any legal obligations we have, such as calculating taxes
- Improve our store offerings
- Screen our orders for potential risk or fraud; and
- When in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
You agree that you do not object to us contacting you for any of the above purposes whether by telephone, e-mail or in writing and you confirm that you do not and will not consider any of the above as being a breach of any of your rights.
Security logs: the IP address of visitors, user ID of logged in users, and username of login attempts are conditionally logged to check for malicious activity and to protect the site from specific kinds of attacks. Examples of conditions when logging occurs include login attempts, log out requests, requests for suspicious URLs, changes to site content, and password updates. This information is retained for 14 days.
Who in our team has access to these data
Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:
- Order information like what was purchased, when it was purchased and where it should be sent, and
- Customer information like your name, email address, and billing and shipping information.
- Wishlist details, such as products added, date of addition, name and privacy settings of your wishlists.
Our team members have access to this information to help fulfill orders, process refunds, support you and offer you better deals for the products you love.
Your address and postal/zip code may be used to obtain estimates with our shipping partners; this information is not stored and is transmitted securely when obtaining a new estimate.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the websites.
You may provide additional data for your account, like a short biography, your location, or your birthday, on the profile settings page for your account. That data becomes available to others who can access the forum. You don’t have to provide this additional information, and you can erase it at any time.
Subscriptions/ Mailing List
To initiate and process subscriptions, the following information is used: subscriber’s email address and the ID of the post or comment (depending on the specific subscription being processed). In the event of a new subscription being initiated, we also collect some basic server data, including all of the subscribing user’s HTTP request headers, the IP address from which the subscribing user is viewing the page, and the URI which was given in order to access the page (REQUEST_URI and DOCUMENT_URI). This server data used for the exclusive purpose of monitoring and preventing abuse and spam.
If you sign up for our newsletter, we only ask for your email address so you can receive the newsletter, optionally you may update your profile with your name, but it is not required or necessary.
Functionality cookies are set for a duration of 347 days to remember a visitor’s blog and post subscription choices if, in fact, they have an active subscription.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
You may also consider the following from an application we use which is called Akismet: “We collect information about visitors who comment on Sites that use our Akismet anti-spam service. The information we collect depends on how the User sets up Akismet for the Site, but typically includes the commenter’s IP address, user agent, referrer, and Site URL (along with other information directly provided by the commenter such as their name, username, email address, and the comment itself).”
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
To deliver this functionality and record activities around site management, the following information is captured: user email address, user role, user login, user display name, WordPress.com and local user IDs, the activity to be recorded, the WordPress.com-connected site ID of the site on which the activity takes place, the site’s Jetpack version, and the timestamp of the activity. Some activities may also include the actor’s IP address (login attempts, for example) and user agent.
Login attempts/actions, post and page update and publish actions, comment/pingback submission and management actions, plugin and theme management actions, widget updates, user management actions, and the modification of other various site settings and options. Retention duration of activity data depends on the site’s plan and activity type.
You should note that if you do disable cookies, you may not be able to access all the services on this site.
If you leave a comment on our site you may opt-in to save your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you perform a like action from some additional information is used to track the activity: IP address, user agent, the timestamp of the event, blog ID, browser language, country code, and device info.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Youtube Videos are embedded with “privacy-enhanced mode” enabled. Description via YouTube: When you turn on privacy-enhanced mode, YouTube won’t store information about visitors on your website unless they play the video.
This feature will send a hash of the user’s email address (if logged in to the site or WordPress.com — or if they submitted a comment on the site using their email address that is attached to an active Gravatar profile) to the Gravatar service (owned by Automattic) in order to retrieve their profile image.
How long we retain your data
We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for several years for tax and accounting purposes. This includes your name, email address, and billing and shipping addresses.
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information. You may unsubscribe your email from our newsletter at any time using the link at the bottom of the newsletter or subscription email.
What rights you have over your data
If you have an account on this site or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
This site is part of a network of sites that protect against distributed brute force attacks. To enable this protection, the IP address of visitors attempting to log into the site is shared with a service provided by Akismet.com and Jetpack.com.
In addition to our third-party partners, the data processors we use for our business operations who process your data include:
Who provide website hosting.
Facebook Like (Facebook Recommend, Facebook Share official buttons)
Twitter (Tweet official button)
GooglePlus (GooglePlus Share official buttons)
Linkedin (Share official button)
Pinterest (Save official button)
We collect your public profile data only from your consent that you grant before initiating Social Login, from the social network used to log into our website. This data includes your first name, last name, email address, link to your social media profile, unique identifier, social profile avatar. This data is used to create your user profile at our website. You can revoke this consent at any time by sending us an email.
Facebook Comments Moderation
We collect the data related to the Facebook Comment you post, only from your consent that you grant before posting Facebook Comment on our website. This data includes your Facebook account name, a unique Facebook account identifier, unique identifier associated to the posted Facebook comment, unique open graph object identifier of the webpage at which you posted the comment, unique identifier associated to the parent comment if you reply to an existing comment. This data is used to show recent Facebook Comments made all over our website and/or to show the old comments made at non-SSL web pages before we moved our website to SSL. You can revoke this consent at any time by sending us an email.
Visitor comments may be checked through an automated spam detection service.
How to keep your personal information up-to-date
It’s important for both you and us that your personal information is correct. If you believe this not to be the case and you are registered on this website then please log-in and update your details in the “my account” section.
How you can find out about the information we hold about you
You have the right to request a copy of the information that we hold about you. If you would like a copy of some or all of your personal information, please email or write to us using the contact details in this policy.
We will get in contact to verify your identity and If we do hold information about you we will:
- give you a description of it
- tell you why we are holding it
- tell you who it could be shared with
- let you have a concise and clear copy of the information
Our legal basis for processing your personal information
Much of our processing will be under the basis of “contractual obligation” in other words we need and use your personal information for providing the product(s)/item(s) you have ordered with us.
However, when we are communicating with you regarding products you may be interested in receiving from our partners or us in the future our basis for processing is our legitimate interest. Of course, you will always have the opportunity to object as detailed below.
Asking us to suppress or remove your personal information
Should you wish to not receive information from us in future then you can quickly action this by clicking the unsubscribe link you will find on our marketing e-mails or by sending your details to us and we will quickly suppress your data. Should you further wish for us to remove your information entirely (and assuming we have no other obligation to keep it) then please let us know and we will do this – but we would encourage you to let us use it for suppression purposes only. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
When visitors leave support request via the Support Button or contact page on the site we collect the data shown. It can be then handled by a 3rd party support platform.
Links to other websites
We link our website directly to other sites. This privacy notice does not cover the links within our site linking to other websites and organizations. We encourage you to read the privacy statements on the other websites you visit.
Sale of business
In the event that this business is sold or integrated with another business, your details may be disclosed to our advisers and any prospective purchasers’ advisers and will be passed on to the new owners of the business. It is therefore intended that any consents given above or on the relevant pages will benefit any purchaser of our business.
Payment & personal information security
When you choose a direct payment gateway to complete your purchase on the website, through the Payment Card Industry Data Security Standard (PCI-DSS) encrypted your stored credit card data. Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address. When you browse our store, we also automatically receive your computer’s Internet Protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.
For payments with PayPal, Stripe or Amazon Pay: purchase total, currency, billing information. For checkout rates: destination address, purchased product IDs, dimensions, weight, and quantities.
We will treat all your Personal Information as confidential (although we reserve the right to disclose this information in the circumstances set out below). To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. We will keep it on a secure server and we will fully comply with all applicable Data Protection and consumer legislation from time to time in place. If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with an AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
We use your information only for the following purposes:
- Processing your orders;
- For statistical or survey purposes to improve this website and its services to you;
- To serve website content and advertisements to you;
- To administer this website;
If you consent, to notify you of products or special offers that may be of interest to you.
In order to check login activity and potentially block fraudulent attempts, the following information is used: attempting user’s IP address, attempting user’s email address/username (i.e. according to the value they were attempting to use during the login process), and all IP-related HTTP headers attached to the attempting user.
Failed login attempts (these include IP address and user agent). We also set a cookie (jpp_math_pass) for 1 day to remember if/when a user has successfully completed a math captcha to prove that they’re a real human.
Failed login attempts, which contain the user’s IP address, attempted username or email address, and user agent information.
We may disclose your personal information only if you violate our Terms of Service or if we are required by law to do so. You should be aware that if we are requested by the police or any other regulatory or government authority investigating suspected illegal activities to provide your Personal Information and/or User Information, we are entitled to do so.
Limitation of liability
We make no warranty that the website will meet your requirements or will be uninterrupted, timely or error-free, that defects will be corrected, or that the site or the server that makes it available are free of viruses or bugs or represents the full functionality, accuracy, and reliability of the website. We will not be responsible or liable to you for any loss of content or material uploaded or transmitted through the website.
The Website is provided on an “as is” and “as available” basis without any representation or endorsement made and we make no warranties of any kind, whether express or implied, in relation to the website, or any transaction that may be conducted on or through the website including but not limited to, implied warranties of non-infringement, compatibility, security, accuracy, conditions of completeness, or any implied warranty arising from course of dealing or usage or trade.
We will not be liable, in contract, tort (including, without limitation, negligence), pre-contract or other representations (other than fraudulent or negligent misrepresentations) or otherwise out of or in connection with the conditions for:
- Any economic losses (including without limitation, loss of revenues, profits, contracts, business or anticipated savings); or
- Any loss of goodwill or reputation; or
- Any special or indirect losses suffered or incurred by that party arising out of or in connection with the provisions of any matter under the Conditions.
Nothing in the Conditions shall exclude or limit our liability for death or personal injury resulting from our negligence or that of our servants, agents or employees.
You agree that from time to time we may remove or cancel any product and/or service for indefinite periods of time without notice to you.
You expressly agree that your use of, or inability to use the website is at your sole risk. All products and services delivered to you through the website are (except as expressly stated by us) provided ‘as is’ and ‘as available’ for your use, without any representation, warranties or conditions of any kind, either express or implied, including all implied warranties or conditions of merchantability, merchantable quality, fitness for a particular purpose, durability, title, and non-infringement.
The Oozox.com team.-