Our Policy is designed to reflect the high standards established by the General Data Protection Regulation (GDPR), a set of laws passed in the European Union.
We respect your personal data. We have never and will never sell it to third parties. We have also strived to simplify language and remove jargon, to make our privacy statement easier to read and understand.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
Should you have any concerns, we would appreciate the chance to deal with them in the first instance. If you would like to speak to us in relation to any concerns you have, please contact us by email at email@example.com. You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).
- What is the GDPR?
The GDPR is a regulation intended to strengthen and unify data protection for everyone within the European Union (EU). The GDPR requires greater openness and transparency from companies on how they collect, store and use personal data, while also imposing tighter limits on the use of personal data.
- What is the purpose of this Privacy Statement?
This privacy statement explains how Rock Luggage looks after your personal data in connection with our services and products and in accordance with applicable legislation intended to protect your personal data, including the General Data Protection Regulation. We also explain what your rights are.
By providing your personal data you acknowledge that we will only use it in accordance with this Privacy Statement.
Where we refer to “Rock” or “we”, we mean the Rock Luggage brand. This statement applies where Rock Luggage act as the Data Controller, which is where we are responsible for deciding how we hold and use your personal data. It is important that you read this statement together with any other privacy notice we may provide on specific occasions, so you are aware of how and why we are using your personal data.
- What Personal Data does Rock Luggage collect about you?
Personal data means any information about an individual from which that person can be identified.
In order for Rock Luggage to provide our products and content, depending on which you select, we may collect the following types of Personal Data:
- Email address(es)
- Delivery address
- Phone Number
- IP address(es)
- Data provided by cookies and other similar technologies
- Why does Rock Luggage need your information?
Rock Luggage uses data to provide you with the best experience from the products, content and services that we offer, which includes using data to improve and personalise your experiences.
We also use your Personal Data to communicate with you, for example, informing you about new products availability, product delivery and other types of updates.
If you have any concerns or questions about the handling of your personal information, please don't hesitate to contact us. We prioritise the protection of your privacy and are committed to maintaining the confidentiality and security of your data.
- How do you get my consent?
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.
- How do I withdraw my consent?
If after you opt in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at firstname.lastname@example.org.
- How will we collect your Personal Data?
We may collect Personal Data from you in a number of ways, depending on the product, service or event. Information you give us may be collected in a variety of ways. You may choose to provide us with your Personal Data by one of the following methods:
- Submitting a form through the website;
- Purchasing our products;
- Enquiring about product warranty or repair;
- Corresponding with us by phone, email, letter or other means;
- In discussion with one of our representatives;
- In provision of reviews or customer feedback;
- By participating in feedback or surveys or by providing your contact details offline.
- Other interactions with our brand, website or third parties
We automatically collect certain information when you visit, use or navigate the Website. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Website and other technical information. This information is primarily needed to maintain the security and operation of our Website, and for our internal analytics and reporting purposes.
- Where does Rock Luggage store your data?
- How do we ensure the security of your personal data?
With Klaviyo, we have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way. In addition, we limit access to your personal data to employees of Rock Luggage who have a business need to access or use your information.
- Does Rock Luggage sell your personal data to third parties?
Rock Luggage does not sell your Personal Data with third parties.
- How does does Rock Luggage work with third parties?
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
Links: When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
The above excludes text messaging originator opt-in data and consent; this information will not be shared with any third parties.
Where there are exceptions to this, you will be clearly notified, and we will request your explicit consent to do so.
We may process and share your Personal Data that we hold about you without your knowledge or consent where this is required or permitted by law.
- About Shopify
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify's data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
Payment: If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify's Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
- Transferring information outside of the European economic area (EEA)?
Rock Luggage does not typically transfer your Personal Data outside of the EEA.
We take your security of your Personal Data very seriously and always ensure that the appropriate safeguards are in place to protect your Personal Data and fundamental freedoms.
- Your rights in connection with your Personal Data
You can ask us to do certain things with your Personal Data such as provide a copy of it, correct it or even delete it. There may be occasions where we cannot comply with a request, and we will tell you if this is the case and give our reasons. This will usually be for legal or regulatory reasons.
Under certain circumstances you have the right to:
- Request access to your Personal Data; This is also known as a Subject Access Request. This enables you to confirm whether we hold and process your Personal Data and receive a copy of the Personal Data we are processing and certain information about how we use your Personal Data.
- Request correction of the Personal Data we hold about you; This enables you to have any incomplete or inaccurate information we hold about you updated.
- Request the removal of your Personal Data; This is also known as the Right To Erasure. You can ask us to delete or remove your Personal Data where the processing is no longer necessary, or where you have withdrawn consent, or the processing is unlawful. However, in some cases, if we have another legal basis or legitimate interest for processing your Personal Data, we may not be able to comply.
- Object to the processing of your Personal Data; You have the right to object to us processing your Personal Data where we are doing so:
- Based on our legitimate interest
- For direct marketing purposes
Please note that by exercising this right, it is possible that Rock Luggage will no longer be able to continue to provide its products or services or administer its contact with you.
Request the transfer of your Personal Data to another party; In certain circumstances, you may ask us to transfer your Personal Data to a third party.
It is important that the Personal Data that we hold about you is accurate and current. Please keep us informed if your Personal Data changes.
- How long do we keep your Personal Data?
Rock Luggage will retain your Personal Data for as long as necessary to provide products and content, and other updates to fulfil transactions you have requested, or for other essential purposes such as complying with our legal obligations and resolving disputes and enforcing our agreements.
Because these needs can vary for different data types in the context of different products or services, actual retention periods can vary significantly.
- Changes to this Privacy Statement
We reserve the right to update this Privacy Statement at any time. We may notify you in other ways from time to time about the processing of your Personal Data. You should check our website at www.rockluggage.com periodically to view the most up to date Privacy Statement.