Privacy Policy
PRIVACY POLICY
SECTION 1 - WHAT DO WE DO WITH YOUR INFORMATION?
When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address.
When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.
Email marketing (if applicable): With your permission, we may send you emails about our store, new products and other updates.
SECTION 2 - CONSENT
How do you get my consent?
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.
How do I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at contact@onsetblack.com or mailing us at: On-Set Black, LLP. 650 E. Dyer Rd., Santa Ana, CA 92705, United States.
SECTION 3 - DISCLOSURE
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
SECTION 4 - SHOPIFY
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
Payment:
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service here or Privacy Statement here.
SECTION 5 - THIRD-PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.
Links
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
SECTION 6 - SECURITY
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
COOKIES
Here is a list of cookies that we use. We’ve listed them here so you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
SECTION 7 - AGE OF CONSENT
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
SECTION 8 - CHANGES TO THIS PRIVACY POLICY
We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
SECTION 9 - WEBSITE ACCESSIBILITY POLICY
On-Set Black, LLP (the “Company”) is committed to ensuring full and equal access to the goods, services, facilities, privileges, advantages, and accommodations provided by and through its websites (“Websites”) and digital/mobile applications (“Mobile Applications”) through effective communication based on the Web Content Accessibility Guidelines 2.1 Level A and AA Success Criteria (the “WCAG 2.1”) from the Web Accessibility Initiative of the World Wide Web Consortium for all customers, potential customers, guests and their companions (collectively, “Customers”) with disabilities.
Maintenance of Policy. On-Set Black, LLP will review, update and maintain this Website Accessibility Policy on an annual basis or more frequently.
Version. This Website Accessibility Policy is effective as of February, 2020 and supersedes all prior versions hereof.
Responsibility and Ownership of this Policy. The responsibility and ownership of this Website Accessibility Policy will be assigned to the Web Accessibility Coordinator.
Distribution of Policy. On-Set Black, LLP will, on an annual basis or more frequently, distribute this Website Accessibility Policy to all employees and contractors who have responsibilities for website content, mobile application content, technical support related to Company Websites or Mobile Applications. This Website Accessibility Policy will be maintained and made available to affected Company employees and contractors in the same manner as similar policy documents affecting Company operations and Customer interaction.
Website and Mobile Application Accessibility Training. On-Set Black, LLP will, on an annual basis or more frequently, provide training to website content personnel on how to achieve effective communication and conform website content and mobile applications with the WCAG 2.1. Website content personnel shall also receive this training when they are hired into a position that includes such a role.
Web Accessibility Coordinator. On-Set Black, LLP will designate an employee as On-Set Black, LLP’s Web Accessibility Coordinator:
- The Web Accessibility Coordinator will be knowledgeable with the requirements of Title III of the ADA, the WCAG 2.1, and website accessibility generally;
- The Web Accessibility Coordinator will hold the ultimate responsibility for ensuring On-Set Black, LLP’s compliance with this Website Accessibility Policy;
- The Web Accessibility Coordinator will report directly to the Executive Owner;
- The Web Accessibility Coordinator will involve the appropriate Company departments in discussions and analyses regarding website and mobile content accessibility.
- The role, identity, existence and contact information for the Web Accessibility Coordinator will be publicized to employees, contractors and Customers in the ordinary channels relating to website access and use.
Automated Website and Mobile Application Accessibility Testing. On-Set Black, LLP will perform automated accessibility tests of its Websites and Mobile Applications at least once annually to identify any instances where its Websites and Mobile Applications are not in conformity with WCAG 2.1. The results of this testing will be provided to the Web Accessibility Coordinator to be evaluated and addressed.
User Accessibility Testing. On-Set Black, LLP will perform, on an annual basis or more frequently, testing for usability of its Websites and Mobile Applications by individuals with different disabilities, including at a minimum individuals who are blind or have low vision, individuals who are deaf or hard of hearing and individuals who have physical disabilities affecting manual dexterity (such as those limiting the ability to use a mouse). Testing shall include the use and access to the primary features of On-Set Black, LLP’s Websites and Mobile Applications, such as the creation of an account, logging-in to an existing account, viewing goods, selecting items and placing them in the virtual shopping cart, checking out and paying for items in the virtual shopping cart, and scheduling delivery or pick-up. The results of this testing will be provided to the Web Accessibility Coordinator to be evaluated and addressed.
Website Accessibility Consultant. On-Set Black, LLP shall retain an accessibility consultant which is knowledgeable about website and mobile content accessibility, development, structure and testing to serve as a resource for On-Set Black, LLP’s existing development infrastructure. The Website Accessibility Consultant will provide On-Set Black, LLP advice on:
- Achieving WCAG 2.1 AA conformity for On-Set Black, LLP’s Websites and mobile apps;
- Testing protocols, methodologies and result analysis;
- Internal Development Guideline best practices for ensuring the development, maintenance and updating of Website and Mobile Application content which conforms with WCAG 2.1 AA standards and achieves effective communication; and
- Company development team training to achieve conformity with WCAG 2.1 AA standards and effective communication.
Development Guidelines. On-Set Black, LLP shall create, maintain, and update Website and Mobile Application Development Guidelines that mandate effective communication through conformity with WCAG 2.1 AA standards where technically feasible. The Development Guidelines shall treat the elimination of bugs that create accessibility barriers, including those that create nonconformance with WCAG 2.1 AA, with the same level of priority (e.g., speed, resources used to remediate) as any other equivalent loss of function for individuals without disabilities.
Complaint and Policy Modification Request Channel. On-Set Black, LLP shall provide an email and telephonic communication channel for its Customers to make complaints regarding the accessible features of the Websites or Mobile Applications, or to make a request for On-Set Black, LLP to modify an existing policy. This complaint/modification request channel shall be prominently displayed and directly linked from the Websites’ homepages, with a statement of On-Set Black, LLP’s policy to ensure that persons with disabilities have full and equal enjoyment of the goods, services, facilities, privileges, advantages, and accommodations of On-Set Black, LLP through its Websites and its Mobile Applications. The Websites homepages shall include an email address and a telephone number that customers with disabilities who are experiencing technical difficulties with the Websites or Mobile Applications can request assistance. On-Set Black, LLP will establish and maintain procedures to evaluate all disabled access-related requests for a new service or to modify an existing service to accommodate a Customer’s individual needs. On-Set Black, LLP will evaluate such requests on the basis of the Customer’s needs and disability and take action to fulfill such requests, propose an alternative or, if appropriate, deny the request. Company agents will promptly communicate all website and mobile content complaints and policy modification requests to the Web Accessibility Coordinator, who will maintain and keep records of such requests. The Web Accessibility Coordinator will review such requests to ensure that they are reasonably, promptly and effectively responded to.
Third Party Content. If On-Set Black, LLP uses or integrates third-party plug-ins or content in its Websites or Mobile Applications, then On-Set Black, LLP shall obtain reasonable representations, warranties and assurances from such third-parties that the provided content conforms to WCAG 2.1 AA standards, and/or On-Set Black, LLP shall undertake reasonable efforts to test and confirm that such content conforms to WCAG 2.1 AA standards.
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at contact@OnSetBlack.com or by mail at On-Set Black, LLP.