PRIVACY AND COOKIES
Shhift Supply Co the brand is owned by Nothing Design Studio, a company committed to respecting and safeguarding all customer and web visitor data collected when browsing or making purchases through our website, www.shhiftsupply.co
In compliance with GDPR – the General Data Protection Regulation (EU) 2016/679 2018), the data controller is Nothing Design Studio of 41 Ranchero Drive, Brampton, Ontario L7A3C6. Our Director, Rahul Bhogal is the nominated representative, for the purposes of GDPR related matters. Rahul can be contacted at email@example.com.
All information gathered by Shhift Supply Co in the process of fulfilling our orders and communicating with those interested in our products and services will be collected lawfully and in accordance with the General Data Protection Regulation (GDPR) effective from 25th May 2018.
We collect information about you for a few specific reasons:
- To process your inquiry and look after your order to ensure you receive the highest possible levels of service.
- To complete an order, which means processing payment, undertaken through a secure, third-party payment system, (provided by Shopify Inc.), and post/ship the order to your address.
- Process a return or refund, as per our Refunds Policy.
- To deliver to you timely and current updates on promotions and events that you have expressed an interest in.
- Those responsible for collecting the data are the business owners and authorized staff employed by Compilation Ltd, the trading company and owner of the Shhift Supply Co brand. Those responsible for collecting such data work in customer service, accounts, compliance and marketing.
- You can be assured that your information will not be shared with 3rd parties.
- We will not email you unless you have provided your consent. We do not send random marketing emails to personal email addresses (We really don’t like Spam).
What personal information do we collect?
When you subscribe to our updates the type of personal information we will collect about you includes:
- Phone number
- Email address
- Geographic location (i.e. Region/State/Province)
When browsing, creating an account or making a purchase, we may collect and process the following personal data:
- Postal address
- Email address
- Telephone number
- Payment details
- Internet protocol (IP) address
- Operating system and platform (e.g. Apple iOS, Android, Windows, etc)
When we are handling an order on your behalf we will need to know a little more about you to ensure that we are able to deliver the service to the correct location and be able to contact you via phone, e-mail and possibly social channels.
Your order details will be retained for a maximum of seven years on a secure encrypted server and after this period securely deleted. Your contact information will be retained for as long as you subscribe to Shhift Supply Co services.
We will not collect sensitive information about you as there is no need to do so in the process of managing orders or maintaining our relationship with you.
Shhift Supply Co fully subscribe to the Payment Card Industry (PCI) Data Security Standard as card not present merchants. What this means in reality is that we have PCI DSS Level 1 Compliance which is the highest level of data & payment protection available with all information on the website protected by 2048 bit SSL encryption.
Age – In order to shop with us online, you must be over the age of 16 and we will not collect personal data knowingly from anyone under 16.
If you wish Shhift Supply Co to provide you with a copy of the data we hold we can provide you with this information without charge if it is a reasonable request. If the request is excessive or repeated we reserve the right to charge a fee to cover the administrative costs. You can check any information that we me hold by emailing a request to firstname.lastname@example.org.
If you wish this data to be removed from our records or simply deleted you have the right to make such a request and we will comply with any and all such communications.
If you are unhappy about the handling of your personal information and wish to raise a complaint you can do so by contacting us via email@example.com setting out the reasons for your concern in your message. Alternatively, you can raise the matter with the UK’s data protection regular the Information Commissioner’s Office (ICO) https://ico.org.uk
What is a Personal Data Breach?
- Unauthorised access by a third party;
- Error, inaction or accident by a data controller or processor;
- Sending personal data to an incorrect recipient;
- A device containing personal data being lost or stolen;
- Deliberate alteration of personal data without permission;
- Any loss of access to personal data.
How we will Respond in the Event of a Personal Data Breach
- We take the management of our customer and contact information very seriously indeed. To protect your data, we have ensured that we can detect malicious attacks and have in place a process to assess the likely risk to individuals as a result of such a breach.
- If a breach has occurred we will, in accord with GDPR regulation, notify the Information Commissioner’s Office (ICO) within 72 hours of becoming aware of it.
- We will provide the ICO with full details of the breach at this time and continue to update whilst the matter is investigated.
- In the unlikely event a breach impacting individuals or organisations associated with our business occurs, we will notify those affected at the earliest possible opportunity.
- As all the personal data within our systems and third-party platforms we utilise is encrypted we are confident that any such breach will have negligible impact on our customers and contacts however if necessary we will provide the appropriate advice to those affected to help protect them from its effects.
- As a matter of procedure and best practice with cyber security we document all breaches, even if they don’t all need to be reported.
Cookies are small text files held on your computer, which allow us to give you the best browsing experience possible.
You are free to disable these cookies, but these may stop our website from functioning properly.
Our Website Will:
- Remember the items stored in your shopping basket
- Remember what stage of the order process you are at
- Check whether you are logged in or purchasing as a guest
Our Website Will:
- Track the pages you visit via Google Analytics
Our Website Will:
- Allow you to share pages with social media such as Facebook and Twitter
This website will not
- Share any personal information with third parties.
It is likely that the default setting for your browser is set to automatically accept cookies. You can however choose not to accept cookies through your browser controls, by going to the “Tools” or “Preferences” menu. If you would like to learn a little more about changing your browser settings and specifically what cookies are and how they are used look at your browser’s help section, FAQ’s or click on the following link: www.allaboutcookies.org.
If you would prefer not to receive customised adverts online you can opt out by clicking this link > Ads Preference Manager