SECTION 1 - WHAT DO WE DO WITH YOUR DATA?

When you buy something from our store, as part of the buying and selling process, we collect the personal information you give us, such as your name, address, and email address.

When you browse our store, we also automatically receive your computer's Internet Protocol (IP) address, which provides us with information about your browser and operating system.

Email Marketing (if applicable): With your consent, we may send you emails about our store, new products and other updates.

SECTION 2 - CONSENT

How do you obtain my consent?

When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for delivery, or return a purchase, we assume that you consent to us collecting that information and using it only for that specific purpose.

We will ask you for your personal information for a secondary reason, such as marketing. We will ask you directly for your explicit consent or give you the opportunity to opt out.

How can I withdraw my consent?

If you change your mind after giving your consent, you may withdraw your consent to the continued collection, use or disclosure of your information at any time by contacting us at service@onetwoyear.com.

SECTION 3 - DISCLOSURE

We may disclose your personal information if we are required to do so by law or if you violate our Terms of Service.

SECTION 4 - shopline

Our store is hosted by shopline Inc. They provide us with an online e-commerce platform that allows us to sell our products and services to you.

Your data is stored in shopline's data stores, databases and in the general shopline application. They store your data on a secure server behind a firewall.

Payment:

If you choose a direct payment gateway to complete your purchase, shopline stores your credit card information. They are encrypted by the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is only stored for as long as it is necessary to complete your purchase transaction. After that, your transaction data is deleted.

All direct payment gateways adhere to the standards set by the PCI-DSS, which are managed by the PCI Security Standards Council, a joint initiative of brands such as Visa, Mastercard, American Express, and Discover.

The PCI-DSS requirements help ensure the secure handling of credit card data by our store and its service providers.

SECTION 5 - THIRD PARTY SERVICES.

In general, the third party service providers we use will only collect, use and share your information to the extent necessary for them to perform the services they provide to us.

However, certain third party vendors, such as payment gateways and other payment processors, have their own privacy policies regarding the information we must provide to them for your purchase-related transactions.

We encourage you to read the privacy policies of these providers so that you understand how your personal information is handled by them.

In particular, keep in mind that some vendors are located in a different country or have facilities that are located in a different country than you or us. So, if you choose to conduct a transaction that uses the services of a third-party provider, your information may be subject to the laws of the country in which that provider or its facilities are located.

For example, if you are a resident of Canada and your transaction is processed through a payment gateway in the United States, your personal information used in processing that transaction may be disclosed under United States law, including the Patriot Act.

Once you leave our store's website or are redirected to a third party website or application, you are no longer subject to this Privacy Policy or our website's Terms of Use.

Links

When you click on links in our store, they may take you away from our website. We are not responsible for the privacy practices of other websites and encourage you to read their privacy statements.

SECTION 6 - SECURITY

To protect your personal information, we take reasonable precautions and follow industry best practices to ensure that it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.

When you provide us with your credit card information, it is encrypted using Secure Socket Layer (SSL) technology and stored using AES-256 encryption.  Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement other generally accepted industry standards.

SECTION 7 - COOKIES

 Here is a list of cookies that we use. We have listed them here so you can choose whether or not to reject cookies.

 _session_id, unique token, sessional, Allows shopline to store information about your session (referrer, landing page, etc.).

 _shopline_visit, no data, persists for 30 minutes after last visit, used by our website provider's internal statistics system to record the number of visits

 _shopline_uniq, no data, expires at midnight (related to the visitor) of the next day, counts the number of visits of a single customer to a store.

cart, unique token, persistent for 2 weeks, stores information about the contents of your shopping cart.

 _secure_session_id, unique token, sessional

 storefront_digest, unique token, indefinite If the store has a password, it will be used to determine if the current visitor has access.

SECTION 8 - CHANGES TO THIS PRIVACY POLICY

We reserve the right to change this Privacy Policy at any time, so you should review it periodically. Changes and clarifications will be effective immediately upon posting on the Site. If we make material changes to this policy, we will notify you of the update here so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.

If our business is acquired by or merged with another company, your information may be transferred to the new owner so that we can continue to sell you products.

QUESTIONS AND CONTACT INFORMATION

To access, correct, amend or delete your personal information, to make a complaint, or simply for more information, contact our Privacy Officer at service@onetwoyear.com,