PRIVACY STATEMENT

 

The American company PopSockets, whose registered office is located at 5757 Central Avenue Boulder, CO 80301 USA, registered under the number 273935248 ("PopSockets", "we") values the privacy of those who provide personal data to us. 

This Privacy Statement describes how we collect and use personal data about you, via our website popsockets.se as a data controller, in accordance with applicable data protection legislation. It also explains the basis upon which we process it, with whom it is shared, and how it is stored. 

We may process your personal data, as described in this Privacy Statement and as described when we collect data from you. Our Privacy Statement must be read together with any other legal notices or terms and conditions provided to you when we collect personal data from you (or at a later stage) or that are available on other pages of our website.

 

SECTION 1 - WHAT PERSONAL DATA DO WE COLLECT?

 

When you purchase something from our store, as part of the buying and selling process, we collect the personal data you give us such as your name, address and email address. 

When you browse our website, we also automatically receive your computer’s internet protocol (IP) address via our cookies in order to provide us with information that helps us learn about your browser and operating system. To know more about our use of cookies, please read our Cookie Policy

 

SECTION 2 - WHY DO WE PROCESS YOUR PERSONAL DATA?

 

We may process your personal data for different purposes as described below:

Purposes of the processing

Legal basis of the processing

To create and manage your user account 

Performance of an agreement to which you are party (Terms of Service)

To verify standards of customer submitted images for product customization

Performance of an agreement to which you are party (Terms of Service)

To manage your participation to the Poptivism program

Performance of an agreement to which you are party (Terms of Service)

To complete a transaction, verify your credit card, place an order, send you invoices, arrange for a delivery or return a purchase, send you non-marketing communications

Performance of an agreement to which you are party (Terms of Sale)

To answer any request you made through the contact form 

Performance of an agreement to which you are party (if such type of agreement is in place) or our legitimate interest (if no such type of agreement is in place) which is the management and development of our business

To send you marketing communications (including our newsletter)

Your consent (if requested and provided)

To answer any question or request you made via our contact form

Our legitimate interest, which is the management and development of our business.

To organize sweeptakes and price draw (selection and sending of price to the winner)

Performance of an agreement to which you are party (General Competition and Prize Draw Terms and Conditions)

To use your name and photograph (i.e. the photographs that are public on your social network account) in publicity Popsockets’ materials related to a competitions and/or a prize draw you entered, on social networks (Facebook, Instagram, Twitter)

Your consent (if provided)

To manage customer reviews

Our legitimate interest, which is the management of our website

To ensure the good functioning of the website (including to analyse the use of the website, to handle data subjects' requests or claims, to improve the website and the goods and services we provide,  to verify address deliverability, to correct performance problems, to organize satisfaction surveys, for the detection and prevention of fraud, other criminal offences and for risk management purposed, for business and disaster recovery – to create back-ups)

Our legitimate interests, which are the management and development of our business. 

 

We believe the risk to your data protection rights in connection with personal data that we process on the basis of our legitimate interests is not excessive or overly intrusive. We have also put in place protections for your rights by ensuring security controls.

If you choose not to provide the personal data requested by us, we may not be able to provide you with the products and/or services you have requested or otherwise fulfil the purpose(s) for which we have asked for the personal data.

If we ask for your personal data to send you marketing communications, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.

If after you opt-in, you change your mind, you may withdraw your consent at anytime, by contacting us at uk-ecomstore@popsockets.com or mailing us at: 

PopSockets LLC

5757 Central Avenue Boulder, CO 80301 USA Please remember that any information that you disclose in public areas of the website (such as reviews) will become public information, and be accessible to the public. You should be cautious when considering whether to disclose your personal data on the website.

 

SECTION 3 – HOW AND WHEN DO WE SHARE PERSONAL DATA WITH THIRD PARTIES?

 

Some products and/or services that we provide require the involvement of third parties. We do not sell, rent, distribute or otherwise make personal data commercially available to any third party, except that we may share information with our service providers and other third parties for the purposes set out in this Privacy Statement:

a) Data sharing with service providers

We may share your personal with our third party whom we engage to provide various services. 

 

If you choose a direct payment gateway to complete your purchase, then Salesforce Commerce Cloud stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted. 

 

All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers. 

 

For more insight, you may also want to read Salesforce Commerce Cloud’s Terms of Service (https://www.salesforce.com/company/legal/sfdc-website-terms-of-service/) or Privacy Statement (https://www.salesforce.com/company/privacy/).  

 

 

 

 

b) Data sharing with other recipients

We may also share your personal data with: 

 

 

 

 

 

SECTION 4 - LINKS

 

When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.

 

SECTION 5 – LOCATION OF PERSONAL DATA

 

As mentioned above, your personal data are stored on Salesforce's servers. As part of its service, Salesforce may transfer your personal data to other regions, including to Canada and the United States. In order to ensure that your personal data is protected when transferred out of the EEA, Salesforce relies on the EU-U.S. Privacy Shield, as well as inter-company agreements between its various affiliates that may process your personal data on behalf of Salesforce. Salesforce is responsible for all onward transfers of personal information to third parties. Please read Salesforce Privacy Policy for more information: https://www.salesforce.com/company/privacy/

Your personal data can also be processed by other service providers listed above at Section 3 that may not be located in the EEA. Please note that to make sure your personal data are stored securely and protected, we concluded with each of these service providers an agreement compliant with article 28 of the General Data Protection Regulation ((EU) 216/679) and incorporating EU-Commission’s Standard Contractual Clauses. 

 

SECTION 6 – RETENTION PERIOD

 

We will keep your personal data for as long as we need it to provide you with your requested service(s) or to meet our commercial or legal obligations.

To determine the retention period of your personal data, we consider several criteria to make sure that we do not keep your personal data for long than is necessary or appropriate. These criteria include:

When we no longer need to retain your personal data, it will be deleted or be anonymised so that you can no longer be identified from it.

 

SECTION 7 - SECURITY

 

To protect your personal data, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. 

If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.

 

SECTION 8 - CHILDREN

 

We do not knowingly solicit or collect personal data from children below the age of 15. If we discover that we have unintentionally collected personal data from a child below 15, we will remove that child’s personal data from our records promptly.

 

SECTION 9 - CHANGES TO THIS PRIVACY STATEMENT

 

We reserve the right to modify this Privacy Statement at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this Privacy Statement, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it. 

 

SECTION 10 – YOUR RIGHTS

 

The following section explains your rights that you may exercise. The various rights are not absolute and each is subject to certain exceptions or qualifications in accordance with applicable data protection legislation. 

 

 

 

 

 

 

 

QUESTIONS AND CONTACT INFORMATION

 

If you want to exercise your rights  or simply want more information please contact us at uk-ecomstore@popsockets.com or by mail at 

PopSockets LLC

5757 Central Avenue Boulder, CO 80301 USA 

Before assessing your request, we may request additional information in order to identify you.  If you do not provide the requested information and, as a result, we are not in a position to identify you, we may refuse to action your request.

If you are not satisfied with our response to your complaint or believe our processing of your personal data does not comply with data protection law, you can file a complaint to the relevant data protection authority.