Privacy Policy – BAGGU
Cart 0

Privacy Policy

PRIVACY STATEMENT

Effective Date: May 25, 2018


----

SECTION 1 - WHAT DO WE DO WITH YOUR INFORMATION?

When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address.

When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.

Email marketing (if applicable): With your permission, we may send you emails about our store, new products and other updates.

SECTION 2 - CONSENT

How do you get my consent?

When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.

If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.


How do I withdraw my consent?

If, after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at info@baggu.com or mailing us at: BAGGU 2415 3rd Street, Suite 239, San Francisco, CA, 94107, United States

SECTION 3 - DISCLOSURE

We may disclose personal information that we collect or you provide as described in this Policy:

  1. To fulfill the purpose for which you provide it.
  2. To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of the Site's assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which personal information about our Site users is among the assets transferred.
  3. We may, without restriction, disclose aggregated information about our users and information that does not identify any individual.
  4. To enforce our Terms of Service.
  5. To comply with any court order, law or legal process, including to respond to any government or regulatory request.
  6. If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of the Site, our customers or others.
  7. For any other purpose disclosed by us when you provide the information.

 

SECTION 4 - SHOPIFY

Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.

Your data is stored in Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.

Payment:

If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.

All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.

PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

For more insight, you may also want to read Shopify’s Terms of Service here or Privacy Statement here.

SECTION 5 - THIRD-PARTY SERVICES


      In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.

      However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.

      For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.

      In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.

      As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.

      Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.

      We may share personal information with our service providers, including those who assist us with marketing, and with other trusted parties whom we believe offer products or services that may be of interest to you.

      Links

      When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.


      SECTION 6 - SECURITY

      To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.

      If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.

      COOKIES

      Cookies are small text files that can be used by websites to make a user's experience more efficient.

      The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission.

      This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages.

      You can at any time change or withdraw your consent from the Cookie Declaration on our website.

      Learn more about who we are, how you can contact us and how we process personal data in our Privacy Policy.

      Your consent applies to the following domains: www.baggu.com

       Cookie declaration last updated on 23/05/2018 by Cookiebot:

      Necessary (19)

      Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

       

      Name

      Provider

      Purpose

      Expiry

      Type

      __cfduid [x3]

      backinstock.org

      beeketing.com

      specialoffers.io

      Used by the content network, Cloudflare, to identify trusted web traffic.

      1 year

      HTTP Cookie

      CookieConsent

      baggu.com

      Stores the user's cookie consent state for the current domain

      1 year

      HTTP Cookie

      csrftoken

      oneclicksociallogin.devcloudsoftware.com

      Helps prevent Cross-Site Request Forgery (CSRF) attacks.

      1 year

      HTTP Cookie

      JSESSIONID [x2]

      fs22.formsite.com

      nr-data.net

      Preserves users states across page requests.

      Session

      HTTP Cookie

      PHPSESSID [x2]

      app.specialoffers.io

      ittechzilla.com

      Preserves user session state across page requests.

      Session

      HTTP Cookie

      SESS# [x10]

      oneclicksociallogin.devcloudsoftware.com

      saso-www1.herokuapp.com

      saso-www2.herokuapp.com

      saso-www3.herokuapp.com

      saso-www4.herokuapp.com

      saso-www5.herokuapp.com

      saso-www6.herokuapp.com

      saso-www7.herokuapp.com

      saso-www8.herokuapp.com

      saso-www9.herokuapp.com

      Preserves users states across page requests.

      13 days

      HTTP Cookie

       

      Statistics (11)

      Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

       

      Name

      Provider

      Purpose

      Expiry

      Type

      @@History/@@scroll|#

      baggu.com

      Unclassified

      Session

      HTML Local Storage

      _ga [x2]

      alveo.io

      baggu.com

      Registers a unique ID that is used to generate statistical data on how the visitor uses the website.

      2 years

      HTTP Cookie

      _gat [x2]

      alveo.io

      baggu.com

      Used by Google Analytics to throttle request rate

      Session

      HTTP Cookie

      _gid [x2]

      alveo.io

      baggu.com

      Registers a unique ID that is used to generate statistical data on how the visitor uses the website.

      Session

      HTTP Cookie

      optimizelyBuckets

      baggu.com

      Stores settings on Optimizely user experience experiments and variations that the visitor has been bucketed into. This ensures the visitor consistently sees the same variation, even over multiple sessions.

      10 years

      HTTP Cookie

      optimizelyEndUserId

      baggu.com

      Used to measure how selected users react to targeted changes to the website's content and functionality, in order to determine what variation is most efficacious in terms of converting users to customers.

      10 years

      HTTP Cookie

      optimizelyPendingLogEvents

      baggu.com

      Used by Optimizely as a cache of a user's actions between tracking calls.

      Session

      HTTP Cookie

      optimizelySegments

      baggu.com

      Used by Optimizely to store the user's audience and dimension information (e.g., browser, campaign, mobile, source type, custom dimensions).

      10 years

      HTTP Cookie

       

      Marketing (11)

      Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

       

      Name

      Provider

      Purpose

      Expiry

      Type

      _omappvp

      baggu.com

      Used by the lead generation platform OptinMonster to determine if the visitor is returning and has visited the website before.

      11 years

      HTTP Cookie

      _omappvs

      baggu.com

      Used by the lead generation platform OptinMonster to determine if the visitor is visiting the website for the first time.

      Session

      HTTP Cookie

      ads/ga-audiences

      google.com

      Used by Google AdWords to re-engage visitors that are likely to convert to customers based on the visitor's online behaviour across websites.

      Session

      Pixel Tracker

      ads/user-lists/#

      google.com

      Unclassified

      Session

      Pixel Tracker

      collect

      google-analytics.com

      Used to send data to Google Analytics about the visitor's device and behaviour. Tracks the visitor across devices and marketing channels.

      Session

      Pixel Tracker

      fr

      facebook.com

      Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers.

      3 months

      HTTP Cookie

      IDE

      doubleclick.net

      Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

      1 year

      HTTP Cookie

      impression.php/#

      facebook.com

      Used by Facebook to register impressions on pages with the Facebook login button.

      Session

      Pixel Tracker

      NID

      google.com

      Registers a unique ID that identifies a returning user's device. The ID is used for targeted ads.

      6 months

      HTTP Cookie

      test_cookie

      doubleclick.net

      Used to check if the user's browser supports cookies.

      Session

      HTTP Cookie

      tr

      facebook.com

      Unclassified

      Session

      Pixel Tracker

       

      Unclassified (19)

      Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.

       

      Name

      Provider

      Purpose

      Expiry

      Type

      _landing_page

      baggu.com

      Unclassified

      13 days

      HTTP Cookie

      _orig_referrer

      baggu.com

      Unclassified

      13 days

      HTTP Cookie

      _s

      baggu.com

      Unclassified

      Session

      HTTP Cookie

      _shopify_fs

      baggu.com

      Unclassified

      2 years

      HTTP Cookie

      _shopify_s

      baggu.com

      Unclassified

      Session

      HTTP Cookie

      _shopify_sa_p

      baggu.com

      Unclassified

      Session

      HTTP Cookie

      _shopify_sa_t

      baggu.com

      Unclassified

      Session

      HTTP Cookie

      _shopify_y

      baggu.com

      Unclassified

      2 years

      HTTP Cookie

      _y

      baggu.com

      Unclassified

      2 years

      HTTP Cookie

      AWSALB

      fs22.formsite.com

      Unclassified

      6 days

      HTTP Cookie

      cart_sig

      baggu.com

      Unclassified

      13 days

      HTTP Cookie

      cookietest

      baggu.com

      Unclassified

      Session

      HTTP Cookie

      lsContextID

      baggu.com

      Unclassified

      Session

      HTTP Cookie

      qab_previous_pathname

      baggu.com

      Unclassified

      Session

      HTTP Cookie

      secure_customer_sig

      baggu.com

      Unclassified

      20 years

      HTTP Cookie

      storefront/page

      v.shopify.com

      Unclassified

      Session

      Pixel Tracker

      storefront/session-attribution

      v.shopify.com

      Unclassified

      Session

      Pixel Tracker

      storefront/track

      v.shopify.com

      Unclassified

      Session

      Pixel Tracker

      v3

      ct.pinterest.com

      Unclassified

      Session

      Pixel Tracker

       

      SECTION 7 - CHILDREN’S PRIVACY


      Our Site is not directed to children under the age of 18. We do not knowingly collect any personal information about children under the age of 18. If we obtain actual knowledge that we have collected personal information about a child under the age of 18, that information will be promptly deleted from our database, unless it is necessary to retain it for legal purposes. If a parent believes that his or her child has submitted personal information to us, he or she can contact us via e-mail. We will promptly delete the information upon learning that it relates to a child under the age of 18. Please note that it is possible some of this information may remain archived in web logs and back-up archives after we delete the information from our active database.

       

      • YOUR CALIFORNIA PRIVACY RIGHTS

      We will not share any personal data with third-parties for their direct marketing purposes to the extent prohibited by California law. If our practices change, we will do so in accordance with applicable laws and will notify you in advance. California law requires that operators of online services disclose how they respond to a Do Not Track signal. Some browsers have incorporated “Do Not Track” features. Most of these features, when turned on, send a signal or preference to the online service that a user visits, indicating that the user does not wish to be tracked. We do not currently respond to Do Not Track signal.

       

      • EU USERS’ RIGHTS

      This section of our Privacy Policy applies to the users of our platform in the EU. We would like to inform you about your EU General Data Protection Regulation (GDPR) rights and how we safeguard them.

      1. Your GDPR rights to be informed, to access, rectify, erase or restrict the processing of your personal information. You have the right to receive free information about what personal data we have obtained about you, where it is stored, for how long, for what purposes it is used, to whom it was disclosed. You have the right to require that we, without undue delay, rectify of inaccurate personal data concerning you. That means you can request we change your personal data in our records, or have you incomplete personal data completed. You have the “right to be forgotten,” i.e. to have us delete your personal information, without undue delay, if the data is no longer necessary in relation to the purposes for which it was collected. However, GDPR gives us the right to refuse erasure if we can demonstrate compelling legitimate grounds for keeping your information.
      2. GDPR gives you the right to restrict processing if any of the following applies:

        If you contest t
        he accuracy of your personal data, we will restrict processing it for a period enabling us to verify its accuracy.
        ii. The processing is unlawful and you oppose its erasure and request instead the restriction of its use.

        iii. We no longer need your persona
        l data for the purposes of the processing, but you require us to restrict processing for the establishment, exercise or defence of legal claims.
        iv. You have objected to processing pursuant to Article 21(1) of the GDPR pending the verification whether our
        legitimate grounds override yours.
      3. Right to data portability. Upon request, we will provide you your personal data in our possession, in a structured, commonly used and machine-readable format. You have the right to transmit that data to another controller if doing so does not adversely affect the rights and freedoms of others.
      4. Right to object. You can object, on grounds relating your particular situation, at any time, to processing of your personal information, if based on point (e) or (f) of Article 6(1) of the GDPR.  We will then have to stop processing, unless we can demonstrate compelling legitimate grounds for the processing. If you object to the processing for direct marketing purposes, we will have to stop processing for these purposes.
      5. Right to withdraw consent. GDPR grants you the right to withdraw your earlier given consent, if any, to processing of your personal data at any time.
      6. Rights related to automated decision making. As a responsible business, we do not rely on any automated decision making, such as profiling.

       

      DATA RETENTION 

      We retain your personal data for as long as your account is active or for as long as we need it to fulfill the purposes for which we have initially collected it, unless otherwise permitted or required by law. We will retain and use information as necessary to comply with our legal obligations, resolve disputes, and enforce our rights. We will cease to retain your personal data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes.


      SECTION 8 - CHANGES TO THIS PRIVACY POLICY

      We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it. The date of the last update is indicated at the top of this page.

      If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.

      QUESTIONS AND CONTACT INFORMATION

      If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at info@baggu.com or by mail at BAGGU

      [Re: Privacy Compliance Officer]

      [2415 3rd Street, Suite 239, San Francisco, CA, 94107, United States]