WHAT PERSONAL INFORMATION DO WE COLLECT FROM YOU AND HOW?
WHAT ABOUT COOKIES? WHAT ARE COOKIES?
HOW THIS INFORMATION MAY BE USED
Whenever you give us your personal information we will use it in accordance with applicable privacy laws and for the purposes set out in this policy, on the data entry forms you complete, in any relevant terms and conditions and on pages or emails which link to the data entry forms.
When you use our services: If you use any of our services, register for or attend one of our events, set up, look at or change your account details or contact your personal shopper or a member of our Customer Care team, we will record your personal details. Your information will be used in the first place to provide the products, services or information you have asked for and to provide you with a personalized shopping experience. We keep the information you provide and may use it for several purposes, including: (i) accounting, billing, reporting and audit; (ii) credit checking or screening; (iii) authentication and identity checks; (iv) credit, debit or other payment card verification and screening; (v) debt collection; (vi) safety, security, health, training, administrative and legal purposes; (vii) data matching and dedupe, statistical and market analysis, and marketing information; (viii) advertising and marketing for us, WM and third parties; (ix) developing, testing and maintaining systems; (x) studies, research and development; (xi) customer surveys; (xii) customer care and to help us in any future dealings with you, for example by identifying your requirements and preferences; (xiii) where required by law or in connection with legal proceeding or disputes; and (iv) any other uses set out in the terms and conditions for use of our services. For these purposes we may disclose your information to one or more of the other organizations listed in the section called “who we will share your personal information with”.
Saved payment card details will only be shared with our payment partner and not with any other third parties and will only be used to process your order, using our payment partner's systems.
We may also use your personal information to send you marketing updates, as detailed in the next section.
Testimonials: If you give us feedback, we may use it to improve our services and we may publish it online or offline to promote our business and our services. We will not ask for your permission before we publish it, but will respect any requests to remove this content if so inquired at: firstname.lastname@example.org
Comments and reviews submitted to our online services: If you wish to submit a comment or feedback on a blog or article featured on our services, we may (but are not obliged to) publish your comment online or offline to promote our business and our services. We will collect your name or username which will be displayed next to your comment and e-mail address, which will not be published, but which we may use to contact you in relation to your comment.
Mobile services: When you request our mobile services, we may keep your mobile phone number, the make and model of your phone, the operating system used by your phone and details of your network operator, and we will link a unique identifier to your mobile phone number. We’ll store your device language, app language, country, We need this information in order to provide the features and services enabled through our mobile services and to administer our mobile service. Our WM mobile services use your location to show your closest WM store. We may also use it for SMS or voice marketing and market research.
Direct marketing: For information on how we may market to you, please read the section called “marketing opt-in and opt-out provisions”.
WHO WE WILL SHARE YOUR PERSONAL INFORMATION WITH
From time to time, we may engage third party business partners to provide information about you or to collect personal information on our behalf. We may also share or match your data with third party business partners to provide you with the products, services or information you ask for or for interest-based advertising. We may pass your information onto one or more of the following organizations: (i) data processing companies, mailing houses and other third party suppliers working on our Group’s behalf; (ii) ad-serving agencies and other advertising intermediaries; (iii) credit reference or fraud prevention agencies, which may keep a record of that information; (iv) research students, universities and other research and development organizations; (v) regulatory bodies, government and enforcement agencies, such as the police.
Every now and again, we receive requests for information from government departments, the police and other enforcement agencies. If this happens, and there is a proper legal basis for providing your personal information, we will provide it to the organization asking for it.
We collate information about site traffic, sales, wish lists, and other commercial information which we may pass onto third parties, but this information does not include any details which can identify you personally.
WHERE WE PROCESS YOUR PERSONAL INFORMATION
When we use your information as described in this policy, this may involve sending your information outside the United States of America, or the European Economic Area (EEA). When we do this, we make sure that appropriate steps are taken to protect your personal information and your rights. By providing us with your personal information, you agree that we may transfer, store and process your information outside the USA or the EEA. Governments in certain countries such as the USA have broad powers to access data for security, crime prevention and detection and law enforcement purposes.
MARKETING OPT-IN AND OPT-OUT PROVISION
We offer you the chance to receive news and fashion updates which, depending on your preferences, we will discuss with you by phone or live chat or send to you via email, SMS and/or direct mail. These include alerts for new products, features, enhancements, special offers, upgrade opportunities, contests, events of interest, and one-off marketing promotions. You can opt-out of receiving these updates, if you wish.
We, or our third-party business partners, may also ask you if you want to receive marketing if you enter a promotion or attend an event thrown or sponsored by us. Other companies in our network may also pass your personal information to us for marketing use.
Marketing communications you subscribe to will only be sent by WM and our direct affiliates.
You have the right to ask us not to use your personal information for marketing. At all times, we will offer you the opportunity to unsubscribe from any service or update to which you have subscribed, if you change your mind. Whenever you receive direct marketing from us, we will tell you how to unsubscribe. Alternatively, you can change your marketing preferences by logging into My Account. To opt out of direct mail, please contact our Customer Care team:
If you tell us that you do not want to receive direct marketing, we will still contact you, in order to provide you with products and services you request and for administration purposes.
THE COOKIES USED ON OUR ONLINE SERVICES
The cookies we and our business partners use on our online services can be grouped into the following categories:
Essential cookies: Some of the cookies on our online services are essential for us to be able to provide you with a service you have requested. An example of this would be a cookie that enables you to log into your account on the website, or one which allows communication between your browser and the website. Our cookie-preference cookie, described in the section ‘How to reject or opt out of receiving cookies’, is also an essential cookie. You may not be able to use our website without these cookies.
Website functionality cookies: These cookies enable you to browse our online services and use features such as shopping baskets and wish lists.
Website analytics cookies: We use these cookies to measure and analyze how our customers use our online services. An example is counting the number of different people visiting our website or using a feature, rather than the total number of times the site or feature is used. This allows us to continuously improve our online services and your shopping experience.
Customer preference cookies: When browsing or shopping online, our online services will remember preferences you make (for example your user name, language or location). This improves your experience and makes your browsing simpler, easier and more personal to you.
Social sharing cookies: When browsing or shopping online, our online services will remember preferences you make (for example your user name, language or location). This improves your experience and makes your browsing simpler, easier and more personal to you.
ADVERTISING COOKIES USED ON OUR BUSINESS PARTNERS’ WEBSITES
HOW TO REJECT OR OPT OUT OF RECEIVING COOKIES
If you want to delete any cookies that are already on your computer, please refer to the help and support section on your internet browser for instructions on how to locate the file or directory that stores cookies.
Please note that our online services cannot always control third-party cookies stored on your machine from our online services and that setting your cookie preferences with us will not stop those third-party cookies from being stored on your machine. Therefore, you must manage these cookies directly with the relevant third party. Please see our ‘Third party cookies’ section below for more information.
Information on deleting or controlling cookies is available at www.AboutCookies.org. Please note that by deleting our cookies or disabling future cookies you may not be able to access certain areas or features of our site.
SAFEGUARDING YOUR PERSONAL INFORMATION
We will take reasonable care to maintain appropriate safeguards to ensure the security, integrity and privacy of the information you have provided to us. We have put in place technology and security policies which are designed to protect the personal information we hold about you. We also follow the security procedures that applicable privacy laws require. This covers storing, using and releasing any information you have provided and, as well as measures designed to prevent unauthorized access or use. When you place an order or access your account information, we use a Secure Socket Layer (SSL) encryption which encrypts your information before it is sent to us to protect it from unauthorized use.
HOW DO WE PROTECT YOUR INFORMATION ACROSS BORDERS?
While Wild Mantle is a US company, we provide services to individuals and our technology processes data from users around the world. Accordingly, Wild Mantle, or Shopify may transmit your personal information outside of the country, state, or province in which you are located.
Shopify (specifically Shopify’s affiliates Shopify Data Processing (USA) Inc., Shopify Payments (USA) Inc., and Shopify (USA) Inc.) complies with the EU-U.S. Privacy Shield Framework, regarding the collection, use, and retention of personal information from data subjects in the European Economic Area (“EEA”), and with the Swiss-U.S. Privacy Shield Framework regarding the collection, use and retention of personal information from data subjects in Switzerland. In this regard, we have certified that we adhere to the Privacy Shield Principles of notice, choice, accountability for onward transfers, security, data integrity and purpose limitation, access, recourse, enforcement and liability.
If you are located in the EEA or in Switzerland, and believe that your personal information has been used in a manner that is not consistent with the relevant privacy policies listed above, please contact us using the information below. If your complaint or dispute remains unresolved, you may also contact the International Centre for Dispute Resolution®, the international division of the American Arbitration Association® (ICDR/AAA). This organization provides independent dispute resolution services, at no charge to you. ICDR/AAA can be contacted at http://go.adr.org/privacyshield.html.
If, after attempting to resolve a dispute through ICDR/AAA, you feel that your concerns about the use of your personal information have not been resolved, you may seek resolution of the issue through binding arbitration. For more information about the binding arbitration process, please visit http://www.privacyshield.gov.
By participating in the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework, Shopify’s participating U.S. entities are subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission. For more information about the EU-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield, please visit https://www.privacyshield.gov. You can view Shopify’s certification statement at https://www.privacyshield.gov/participant?id=a2zt0000000TNSNAA4&status=Active.
WHY WE LINK TO OTHER WEBSITES
Our online services contain hyperlinks to websites that are owned and operated by other organizations. These websites have their own privacy and cookie policies, and we urge you to read them. They control how your personal information is used when you give it to these other organizations or they collect it with cookies. We do not approve any other websites and we are not responsible for any information, material, products or services that are on or accessible through those websites or for the privacy practices of websites run by other organizations. If you use these other websites, you do so at your own risk.
DATA PROCESSING ADDENDUM FOR GDPR COMPLIANCE
Please note this Shopify Data Processing Addendum (“Addendum”) amends the Shopify Terms of Service (the “Agreement”) by and between Wild Mantle, our customers, and Shopify Inc., a Canadian corporation with offices at 150 Elgin Street, Suite 800, Ottawa, ON, K2P 1L4, on behalf of itself and its Irish affiliate Shopify International Ltd. (“Shopify”).
(a) “Data Protection Legislation” means European Directives 95/46/EC and 2002/58/EC, and any legislation and/or regulation implementing or made pursuant to them, or which amends or replaces any of them (including the General Data Protection Regulation, Regulation (EU) 2016/679);
(b) “Data Processor”, “Data Subject”, “Processor”, “Processing”, “Subprocessor”, and “Supervisory Authority” shall be interpreted in accordance with applicable Data Protection Legislation;
(c) “Personal Data” as used in this Addendum means information relating to an identifiable or identified Data Subject who visits or engages in transactions through your store (a “Customer”), which Shopify Processes as a Data Processor in the course of providing you with the Services. Notwithstanding the foregoing sentence, Personal Data does not include information that Shopify processes in the context of services that it provides directly to a consumer, such as through its consumer-facing applications like Frenzy or its consumer-facing services like Shopify Pay; and
(d) All other capitalized terms in this Addendum shall have the same definition as in the Agreement.
2. Data Protection
2.1. Where a Data Subject is located in the European Economic Area, that Data Subject’s Personal Data will be processed by Shopify’s Irish affiliate, Shopify International Ltd. As part of providing the Services, this Personal Data may be transferred to other regions, including to Canada and the United States. Such transfers will be completed in compliance with relevant Data Protection Legislation.
2.2. When Shopify Processes Personal Data in the course of providing the Services, Shopify will:
2.2.1. Process the Personal Data as a Data Processor, only for the purpose of providing the Services in accordance with documented instructions from you (provided that such instructions are commensurate with the functionalities of the Services), and as may subsequently be agreed to by you. If Shopify is required by law to Process the Personal Data for any other purpose, Shopify will provide you with prior notice of this requirement, unless Shopify is prohibited by law from providing such notice;
2.2.2. notify you if, in Shopify’s opinion, your instruction for the processing of Personal Data infringes applicable Data Protection Legislation;
2.2.3. notify you promptly, to the extent permitted by law, upon receiving an inquiry or complaint from a Data Subject or Supervisory Authority relating to Shopify’s Processing of the Personal Data;
2.2.4. implement and maintain appropriate technical and organizational measures to protect the Personal Data against unauthorized or unlawful processing and against accidental loss, destruction, damage, theft, alteration or disclosure. These measures shall be appropriate to the harm which might result from any unauthorized or unlawful processing, accidental loss, destruction, damage or theft of Personal Data and appropriate to the nature of the Personal Data which is to be protected;
2.2.5. provide you, upon request, with up-to-date attestations, reports or extracts thereof where available from a source charged with auditing Shopify’s data protection practices (e.g. external auditors, internal audit, data protection auditors), or suitable certifications, to enable you to assess compliance with the terms of this Addendum;
2.2.6. notify you promptly upon becoming aware of and confirming any accidental, unauthorized, or unlawful processing of, disclosure of, or access to the Personal Data;
2.2.7. ensure that its personnel who access the Personal Data are subject to confidentiality obligations that restrict their ability to disclose the Customer Personal Data; and
2.2.8. upon termination of the Agreement, Shopify will promptly initiate its purge process to delete or anonymize the Personal Data. If you request a copy of such Personal Data within 60 days of termination, Shopify will provide you with a copy of such Personal Data.
2.3 In the course of providing the Services,you acknowledge and agree that Shopify may use Subprocessors to Process the Personal Data. Shopify’s use of any specific Subprocessor to process the Personal Data must be in compliance with Data Protection Legislation and must be governed by a contract between Shopify and Subprocessor.
3.1 In the event of any conflict or inconsistency between the provisions of the Agreement and this Addendum, the provisions of this Addendum shall prevail. For avoidance of doubt and to the extent allowed by applicable law, any and all liability under this Addendum, including limitations thereof, will be governed by the relevant provisions of the Agreement. You acknowledge and agree that Shopify may amend this Addendum from time to time by posting the relevant amended and restated Addendum on Shopify’s website, available at https://www.shopify.com/legal/dpa and such amendments to the Addendum are effective as of the date of posting. Your continued use of the Services after the amended Addendum is posted to Shopify’s website constitutes your agreement to, and acceptance of, the amended Addendum. If you do not agree to any changes to the Addendum, do not continue to use the Service.
3.2 Save as specifically modified and amended in this Addendum, all of the terms, provisions and requirements contained in the Agreement shall remain in full force and effect and govern this Addendum. If any provision of the Addendum is held illegal or unenforceable in a judicial proceeding, such provision shall be severed and shall be inoperative, and the remainder of this Addendum shall remain operative and binding on the parties.
3.3 The terms of this Addendum shall be governed by and interpreted in accordance with the laws of the Province of Ontario and the laws of Canada applicable therein, without regard to principles of conflicts of laws. The parties irrevocably and unconditionally submit to the exclusive jurisdiction of the courts of the Province of Ontario with respect to any dispute or claim arising out of or in connection with this Addendum.
HOW WE CAN MAKE CHANGES TO THIS POLICY
WHERE AND HOW TO ASK QUESTIONS OR CONTACT US ABOUT THIS POLICY