Updated August 14, 2023
This policy describes how Luca + Danni collects, uses, and shares the information we obtain from you online. California residents click here for more information about your privacy rights. To print this policy click here.
SECTION 1 - WHAT DO WE DO WITH YOUR INFORMATION?
When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, street address, email address and phone number. When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.
Email marketing: With your explicit permission, we may send you emails about our store, new products and other updates.
SECTION 2 - CONSENT
How do you get my consent?
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only. If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent and confirmation, or provide you with an opportunity to say no.
It is our policy not to accept an order online unless you provide us an email address, a physical address and a phone number. By making an online purchase, either directly through our website or through a third party payment service like PayPal or Apple Pay, you give us express and explicit permission to use your personally identifiable information (your name, your email address, your street address and your phone number) to send you emails. If you do not want to receive promotional email from us in the future, you may unsubscribe. You can also contact Customer Service at firstname.lastname@example.org or write to us at the address shown below, and tell us that you do not want to receive promotional email from our company.
SECTION 3 - DISCLOSURE
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
SECTION 4 - SHOPIFY
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers. For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
We do not share your credit card information with anyone other than the banks and processors required to process your transaction.
SECTION 5 - THIRD-PARTY SERVICES
We also track aggregate information on what pages consumers access or visit and information volunteered by the consumer, such as survey information. The information we collect is used to improve the content of our Web site or used to contact you for marketing purposes.
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us. However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
Google Analytics (Google Inc.)
Our store uses Google Analytics to help us learn about who visits our site and what pages are being looked at. Google Analytics is a web analysis service provide by Google Inc. ("Google"). Google utilizes the Data collected to track and examine the use of this site to prepare reports on its activities and share them with other Google services. Google may use the Data collected to contextualize and personalize the ads of its own advertising network.
Personal data collected: cookie and usage data.
Google AdWords conversion tracking (Google Inc.)
Google AdWords conversion tracking is an analytics service provided by Google Inc. that connects data from the Google AdWords advertising network with actions performed on this Application.
Personal data collected: cookie and usage data.
Facebook Ads conversion tracking (Facebook, Inc.)
Facebook Ads conversion tracking is an analytics service provided by Facebook, Inc. that connects data from the Facebook advertising network with actions performed on this Application.
Personal data collected: cookie and usage data.
Personal data collected: cookie and usage data.
Luca + Danni may collect your email address via cookies and pixels on the Website through the use of trusted third party partners. These partners may combine your email information with other information they have access to such as mailing address so that Luca + Danni may serve relevant marketing offers to you via direct mail. If you do not want Luca + Danni to collect information about you, please contact Luca + Danni to opt out.
SECTION 6 - SECURITY
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
SECTION 7 - COOKIES
"Cookies" are small bits of information that are placed on the hard drive of your computer. Cookies remember information about your activities on the site to make your visits to our website more enjoyable and valuable to you by providing a customized experience and recognizing your preferences when you visit our website. If you've chosen to disable cookies on your browser, some of the functionality of our website may be lost. Certain of our web pages, particularly those that require a login and password, require that cookies be enabled in your browser and cannot be used when you have disabled cookies in your browser.
Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
PREF, persistent for a very short period, Set by Google and tracks who visits the store and from where.
By using this site, you are responsible for any Personal Data of third parties obtained, published or shared through this site and confirm that you have the third party's consent to provide the Data to us.
SECTION 8 - AGE OF CONSENT
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
SECTION 10 - SMS/MMS MOBILE MESSAGING
Personal Information We Collect
When you sign up for the Messaging Service, We collect personal information such as your name, phone number, and email address. When you use the Messaging Service to send or receive messages, We collect communications metadata (e.g., the time/date a message was sent or received) and the contents of any communications you send or receive via the Messaging Service.
We may also collect information about you using cookies or similar technologies on Our website or other digital properties. Cookies are small text files placed on device browsers that store preferences and facilitate and enhance your experience. Cookies enable personalization of your experience via the Messaging Service (e.g., sending you personalized text messages such as shopping cart reminders).
If you participate in a contest, sweepstakes, research study, or email survey associated with the Messaging Service, We will collect basic contact information and any other information you choose to provide in connection with these activities. We will also collect your personal information if you contact Us with questions about the Messaging Service or for customer service.
Use of Personal Information
We use your information to deliver, analyze, maintain and support the Messaging Service. We may also use your information to enhance the Messaging Service features and customize and personalize your experiences on the Messaging Service.
We may use your personal information to generate aggregated and/or de-identified information. Aggregated and/or de-identified information is not personal information and may be shared with any third party, including advertisers, promotional partners, and sponsors.
Sharing of Personal Information
- Third Parties that Help Provide the Messaging Service. We may share your personal information with third parties that help Us provide the Messaging Service (including, but not limited to, platform providers, phone companies, and other vendors who assist us in the delivery of text messages).
- Legal Requirements, Disclosures to Protect Us or Others. We may disclose any information We store associated with you to external parties if We, in good faith, believe doing so is required or appropriate to: comply with law enforcement or national security requests and legal process, such as a court order or subpoena; protect your, Our, or others' rights, property, or safety; enforce Our policies or contracts; collect amounts owed to Us; or assist with an investigation or prosecution of suspected or actual illegal activity.
When you complete forms online or otherwise provide Us information in connection with the Messaging Service, you agree to provide accurate, complete, and true information. You agree not to use a false or misleading name or a name that you are not authorized to use. If, in Our sole discretion, We believe that any such information is untrue, inaccurate, or incomplete, or you have opted into the Messaging Service for an ulterior purpose, We may refuse you access to the Messaging Service and pursue any appropriate legal remedies.
Choices and Controls
Text messages may be sent via an automatic telephone dialing system. Consent to receive automated marketing text messages is not a condition of any purchase. You can opt-out of receiving further commercial text messages via the Messaging Service by responding to any of Our text messages with any of the following replies: STOP, END, CANCEL, UNSUBSCRIBE, or QUIT. For additional opt-out information, please review Our Terms of Service.
If you are experiencing any problems with the Messaging Service, please visit https://lucadanni.com and submit the form with details about your problem or your request for support, or email email@example.com.
Supplemental California Privacy Notice
This Supplemental California Privacy Notice only applies to Our processing of personal information via the Messaging Service that is subject to the California Consumer Privacy Act of 2018 ("CCPA"). The CCPA provides California residents with the right to know what categories of personal information We have collected about them and whether We have disclosed that personal information for a business purpose (e.g., to a service provider) in the preceding twelve months. California residents can find this information below:
|Category of Personal Information Collected by Us||Categories of Third Parties Personal Information is Disclosed to for a Business Purpose|
|Identifiers||• Service providers|
|Personal information categories listed in Cal. Civ. Code § 1798.80(e)||• Service providers|
|Commercial information||• Service providers|
|Internet or other electronic network activity||• Service providers|
|Inferences drawn from other personal information to create a profile about a consumer||• Service providers|
Additional Privacy Rights for California Residents
Individual Rights under the CCPA.
The CCPA provides California residents with the right to request:
- Access to Personal Information, including obtaining access to or a copy of your personal information.
- Deletion of Personal Information
If you are a California resident and would like to exercise any of your rights under the CCPA, please contact Us at firstname.lastname@example.org. We will process such requests in accordance with applicable laws.
Non-Discrimination. California residents have the right not to receive discriminatory treatment by Us for the exercise of their rights conferred by the CCPA.
Authorized Agent. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. To designate an authorized agent, please contact Us at email@example.com.
Verification. When you make a request, We will ask you to provide sufficient information that allows Us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include confirming the email address or phone number associated with any personal information We have about you.
COMMUNICATE WITH US
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at firstname.lastname@example.org or by mail at:
Luca + Danni
[Re: Privacy Compliance Officer]
838 Dyer Avenue
Cranston, RI 02920
Last Updated: August 1, 2020
Categories of Personal Information We Collect
The types of information that we have collected during the 12 months before the Revision Date fall into certain categories established by the California Consumer Privacy Act:
- Identifiers, such as your name, address, email address, and phone number
- Personal information, such as a signature, credit or debit card number, or driver's license number
- Commercial information, such as history of products purchased or considered
- Internet or other electronic network activity information, such as browsing history and information regarding your interaction with advertisements and other features on our websites
- Inferences drawn from the information described above to create a customer profile about you
Source of Personal Information
We collect the information described above from the following sources: advertising networks, social networks, data brokers, data analytics providers and directly from you.
Purposes For Which We Use Your Personal Information
We use your personal information to provide services to you and to operate, develop, and improve our business and the products and services we offer to our customers. For example, we use your information:
- To take and handle orders, deliver products and services, process payments, and communicate with you about your orders
- To deliver marketing and promotional communications that we believe may be of interest to you, including ads or offers tailored to you
- To personalize your experience with us
- To detect security incidents and protect against malicious, deceptive, fraudulent, or illegal activity
- For our business purposes, such as risk control, data analysis, audits, developing new products and services, debugging and enhancing our website, improving the products and services we provide to you, and identifying usage trends and determining the effectiveness of our promotional campaigns
Information We Disclose or Sell
Over the 12 months preceding the Revision Date:
- We disclosed personal information listed under all of the "Categories of Personal Information We Collect" to service providers who help us provide goods and services to you and operate our business, such as payment processors, shipping companies, analytics companies, consumer reporting agencies, and fraud protection and investigation companies.
- We sold (as the California Consumer Privacy Act defines the term "sell") the following types of personal information to credit card issuers, data brokers, media companies, and marketing companies: identifiers, commercial information, and internet or other electronic network activity information.
Your Rights Under the California Consumer Privacy Act
If you are a resident of California, the California Consumer Privacy Act gives you the following rights with respect to your personal information:
- The right to ask us to disclose what personal information we have collected, used, disclosed, or sold about you
- We will use the process described below to verify the identity of anyone who requests your personal information
- You can ask us to provide this information to you up to twice in any 12-month period
- You may ask us to disclose information in any of the categories listed above under "Categories of Personal Information We Collect"
- We will not disclose information that we are prohibited from disclosing by applicable law. For example, the California Consumer Privacy Act prohibits us from disclosing your credit card number or account password.
- The right to ask us to delete the personal information that we have collected from you
- To make a request for deletion, please email us.
- We will use the process described below to verify the identity of anyone who requests deletion of your personal information
- Please note that deleting your information will remove your purchase history from our records, so after deletion we will be unable provide you with a record of your purchases
- Under the California Consumer Privacy Act, we are not required to delete your personal information if we need it for certain purposes, such as completing a transaction you requested or fulfilling the terms of a written warranty
- The right to opt out of sales of your personal information
- You have the right to tell us not to sell your personal information (the right to "opt out")
- To make a Do Not Sell request, please contact us at email@example.com
- The right not to be discriminated against for exercising your privacy rights
- We cannot treat you differently, such as by refusing to sell you goods or services or charging you different prices, because you chose to exercise your privacy rights
- This rule does not prohibit us from offering different prices that are directly related to the value of your information to us
Verifying a Request to Disclose or Delete
In order to protect your information from unauthorized disclosure or deletion, we will not disclose any information unless we believe that the person making the request is you or your authorized agent. To verify the identity of the requestor, we will ask for your email address. We will also ask you for an additional piece of information to match information we already know about you, such as the last 4 digits of your credit card number, the last item you purchased, or a shipping address you have used in the past. We may send an email or text message with an authentication code to a device you have used previously to communicate with us. If you have a password-protected account with us, we can verify your identity by using your account authentication credentials.
If you have authorized someone else (an "authorized agent") to request information on your behalf, you must give the agent your written and signed permission. We may request that you identify yourself directly and confirm that you have authorized the agent to submit the request on your behalf.
Protection of Children's Personal Information
We recognize the importance of protecting the privacy of children's personal information. We do not knowingly collect personal information from anyone under the age of 16. If you believe that a child younger than 16 has provided personal information to us, please contact us at firstname.lastname@example.org.
For More Information
- By email at email@example.com
- By using the request link on our website at lucadanni.com/privacy
By postal mail at:
Luca + Danni
[Re: Privacy Compliance Officer]
838 Dyer Avenue
Cranston, RI 02920