Privacy Policy
What do we do with personal information?
When a user orders a product from our online store, as part of the process, we collect personal information such as, but not limited to, name, address, phone number and e-mail address. When a user browses our store, we also automatically receive the user’s computer’s internet protocol (IP) address, in order to provide us with information about the browser and operating system being used.
Marketing: with user’s permission, we may send e-mails, mails or other type of communication about our new products and other updates.
Consent
When a user provides personal information to complete a transaction, verifies a credit or debit card, places an order, arranges for a delivery or return of an order, we imply that the user consents to our data collecting and use of such data for that specific reason. If we ask for the user’s personal information for a secondary reason, such marketing, we will either ask the user directly for an expressed consent, or provide an opportunity for refusal.
Disclosure
We may disclose personal information, if we are required by law to do so or, if there is violation of our “Terms and Conditions”.
Squarespace and Stripe
Our online store is hosted with Squarespace. They provide us with the online e-commerce platform that allows us to sell our products and services. A user’s data is stored through Squarespace data storage, databases and the general Squarespace application. They store the data on a secure server behind a firewall.
Payment: if a user chooses a direct payment gateway to complete an order, then Stripe inc. (Squarespace partner) stores the credit or debit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). The order transaction data is stored only as long as necessary to complete an order transaction. After completing a transaction, the order transaction information is deleted. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands such as Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit and debit card information by our store and its service providers. For more insight, please read Squarespace and Stripe Inc. Terms of Service or Privacy Statement.
Squarespace - www.squarespace.com/privacy
Stripe Inc. - www. stripe.com/en-pt/privacy
Third-Party Services
In general, third-party providers used by ON THE ROCKS STUDIO will only collect, use and disclose user’s information to the extent necessary to allow them to perform the services they provide us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide them for the order-related transactions.
For these providers, we recommend a reading of their privacy policies so to understand the manner in which personal information will be handled by these providers. In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either the user or ON THE ROCKS STUDIO. If a user elects to proceed with a transaction, which involves the services of a third-party service provider, then information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if a user is located in Portugal and the transaction is processed by a payment gateway located in the United States, then personal information filled in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act. Once the User leaves our store’s website or is redirected to a third-party website or application, the User is no longer governed by this Privacy Policy or our website’s Terms and Conditions. When a user clicks on links on our store or website, they may direct away from our website. We are not responsible for the privacy practices of other websites and we encourage a reading of their privacy statements.
Security
To protect personal information, we take reasonable precautions and follow industry best practices to assure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
Changes to this Privacy Policy
We reserve the right to modify this Privacy Policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their publishing on our website. If we make material changes to this policy, we will notify here that it has been updated, so that Users are aware of what information we collect, how we use it, and under what circumstances, if any, we use or disclose it. If our store is acquired or merged with another company, users’ information may be transferred to the new owners.
Contact information
To access, correct, amend or delete any personal information we have, register a complaint, or simply want more information, contact our company by e-mail to hello@ontherockstudio.com