Privacy Policy
This Privacy Policy describes how T-shirt Hut (the “site”) collect, use, and process any personal data that we collect from you—or you provide to us—in connection with your use of our website (www.tshirthut.ca) or our mobile apps. By accessing or using our Services, you signify your understanding of the terms set out in this Privacy Policy.
COLLECTING PERSONAL INFORMATION
When you visit the Site, we collect certain information about your device, your interaction with the Site, and information necessary to process your purchases. We may also collect additional information if you contact us for customer support. In this Privacy Policy, we refer to any information that can uniquely identify an individual (including the information below) as “Personal Information”. See the list below for more information about what Personal Information we collect and why. We collect information that may contain the following personal data:
- Name;
- Company name;
- Shipping information;
- Email address and phone number;
- Payment and billing information (payment method details, first and last digits of your payment card);
- Order handling information
Device information
- Examples of Personal Information collected: version of web browser, IP address, time zone, cookie information, what sites or products you view, search terms, and how you interact with the Site.
- Purpose of collection: to load the Site accurately for you, and to perform analytics on Site usage to optimize our Site.
- Source of collection: Collected automatically when you access our Site using cookies, log files, web beacons, tags, or pixels.
- Disclosure for a business purpose: shared with our processor Shopify and Third Party Suppliers (such as Printful) that help us fulfill your orders in this website. Please read on Sharing Information with Third Party Suppliers below.
Order and Customer Support
- Examples of Personal Information collected: name, billing address, shipping address, payment information (including credit card numbers and ewallet registration IDs, etc.), email address, and phone number.
- Purpose of collection: to provide products or services to you to fulfill our contract, to process your payment information, arrange for shipping, and provide you with invoices and/or order confirmations, communicate with you, screen our orders for potential risk or fraud, and when in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
- Source of collection: collected from you.
- Disclosure for a business purpose: shared with our processor Shopify and Third Party Suppliers (such as Printful, Dsers), social media channels, and payment gateway systems.
Minors
We do not knowingly collect, maintain, disclose, or sell the personal information about users under the age of sixteen (16). If you are under the age of 16, please do not use our Services. If you are under the age of 16 and have used our Services, please contact us at the email address below so that we may delete your personal information.
SHARING PERSONAL INFORMATION
We share your Personal Information with service providers to help us provide our services and fulfill our contracts with you, as described above. For example:
- We use Shopify to power our online store. You can read more about how Shopify uses your Personal Information here: https://www.shopify.com/legal/privacy.
- We may share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.
Sharing personal data with Third Party Suppliers
In order for us to provide you with our Services, we work with third parties (“Third Party Service Providers”) with whom we share personal data to support these Services.
Information you have provided to us during the use of our Services, including technical usage data, is shared with third parties who provide hosting and server co-location services as well as data and cyber security services.
Information you have provided to us during the use of our Services may also be shared with third-party manufacturing services whom we engage to provide any Services.
Your email address and other contact details you have provided to us and your messages to our customer service is shared with communication, email distribution, and content delivery services as well as customer support system providers.
Information regarding your purchases and payments is shared with billing and payment processing services, fraud detection and prevention services, accounting and financial advisors.
Information regarding your use of our website and other information received from cookies and similar technology is shared with web analytics, session recording, and online marketing services.
Information on your account, purchases and preferences can be shared with marketing services.
Insofar as reasonably necessary to defend our legal rights, we may share your personal data with our legal advisors.
We will only share personal data to Third Party Service Providers that have undertaken to comply with obligations set out in applicable data protection laws.
In certain circumstances, we are required to share information with third parties to comply with legal requirements or requests, as well as to protect our, or a third party’s, lawful interests. We will also disclose your information to third parties in and outside your country only to the extent allowed by applicable law, including:
- to a prospective purchaser or purchaser that acquires all or substantially all of us or our business;
- to a third party in the event that we sell or buy any business or undergo a merger, in which case we may disclose your information to the prospective buyer of such business; and
- to a third party if we sell, buy, merge or partner with other companies or businesses, undergo a re-organization, bankruptcy, or liquidation; or otherwise undertake a business transaction or sell some or all of our assets. In such transactions, your information may be among the transferred assets.
Behavioural Advertising
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For example:
- We use Google Analytics to help us understand how our customers use the Site. You can read more about how Google uses your Personal Information here: https://policies.google.com/privacy?hl=en.You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
- We share information about your use of the Site, your purchases, and your interaction with our ads on other websites with our advertising partners. We collect and share some of this information directly with our advertising partners, and in some cases through the use of cookies or other similar technologies (which you may consent to, depending on your location).
For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
You can opt out of targeted advertising by:
- FACEBOOK - https://www.facebook.com/settings/?tab=ads
- GOOGLE - https://www.google.com/settings/ads/anonymous
- BING - https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads]
Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.
Information security
We seek to use reasonable organizational, technical, and administrative measures to protect the confidentiality, integrity, and availability of personal data. We encourage you to take care of the personal data in your possession that you process online and set strong passwords for your account, limit access to your computer and browser by signing out after you have finished your session, and avoid providing us with any sensitive information.
International transfers of data
All the information you provide may be transferred or accessed by our affiliate companies and subsidiaries in other countries, and our Third Party Service Providers (as described above) in these countries for the provision of our Services as described in this Privacy Policy. When we transfer your information globally, we take necessary measures to ensure adequate protection of your information, including where required by applicable law entering into the European Commission’s Model clauses for the transfer of personal data to third countries (i.e., the standard contractual clauses), or transferring to a recipient certified to EU-US Privacy Shield of the US Department of Commerce.
Retention
When you place an order through the Site, we will retain your Personal Information for our records unless and until you ask us to erase this information.
We retain your personal data for as long as you have an account with us or any of the abovementioned legal basis for personal data processing still exists. For example, if you unsubscribe from our marketing, newsletter, or blog emails, we will stop the processing of the personal data for such purposes. If you have used our Services without creating an account, we will keep your personal data as long as necessary to comply with our legal obligation to retain information relating to provision of services, for example, for tax purposes.
After terminating your relationship with us by deleting your account or otherwise ceasing to use our Services, we may continue to store copies of your personal data) as necessary to comply with our legal obligations, to resolve disputes between you and us, to prevent fraud and abuse, to enforce our agreements, and/or to protect our legitimate interests (to the extent that we are permitted by the applicable law to continue to store copies to protect our legitimate interests).
Automatic decision-making
If you are a resident of the EEA, you have the right to object to processing based solely on automated decision-making (which includes profiling), when that decision-making has a legal effect on you or otherwise significantly affects you.
We do not engage in fully automated decision-making that has a legal or otherwise significant effect using customer data.
Our processor Shopify uses limited automated decision-making to prevent fraud that does not have a legal or otherwise significant effect on you.
Services that include elements of automated decision-making include:
- Temporary denylist of IP addresses associated with repeated failed transactions. This denylist persists for a small number of hours.
- Temporary denylist of credit cards associated with denylisted IP addresses. This denylist persists for a small number of days.
GDPR
If you are a User located in the European Economic Area or the United Kingdom, in accordance with European Union and United Kingdom data protection regulations, you have certain rights with respect to your personal data. You have the right to request access to your personal data; in certain circumstances to correct, amend, delete, or restrict the use of your personal data by logging into your account or by reaching us using the contact information provided below. In addition, you can object to the processing of your personal data in some circumstances (in particular, where we are not required to process your data to meet a contractual or other legal requirement). These rights may be limited, for example, if fulfilling your request would reveal personal data about another person, or if you ask us to delete information which we are required by law to retain, are permitted by law to retain, or have compelling legitimate interests in retaining (to the extent that applicable law permits us to retain such information based on our legitimate interests).
Furthermore, if you believe that we have unlawfully processed your personal data, you have the right to submit a complaint to the contact information provided below, or to your respective data protection supervisory authority..
Your Personal Information will be initially processed in Ireland and then will be transferred outside of Europe for storage and further processing, including to Canada and the United States. For more information on how data transfers comply with the GDPR, see Shopify’s GDPR Whitepaper: https://help.shopify.com/en/manual/your-account/privacy/GDPR.
CCPA
If you are a resident of the State of California and you have provided your personal information to us, you have certain rights under the California Consumer Privacy Act of 2018 (“CCPA”). You have the right to request that we disclose what personal information we collect, use, disclose, and sell. Contact us to exercise your right to know. You have the right to request deletion of your personal information we collect and maintain. You can exercise this right by deleting your account in your account Settings. In case you delete your account we will only retain information regarding your purchases and payments to comply with our legal obligations. We will verify requests to exercise your California Privacy Rights requiring you to log into your account. You have the right not to be discriminated against by us for exercising any of your rights under the CCPA.
We disclose your personal information to third parties for the commercial purpose of providing you interest-based advertising. You have the right to opt out of the sale of your personal information by declining our cookies or by deleting all cookies stored in your browser and setting up your browser to block cookies being saved.
COOKIES
A cookie is a small amount of information that’s downloaded to your computer or device when you visit our Site. We use a number of different cookies, including functional, performance, advertising, and social media or content cookies. Cookies make your browsing experience better by allowing the website to remember your actions and preferences (such as login and region selection). This means you don’t have to re-enter this information each time you return to the site or browse from one page to another. Cookies also provide information on how people use the website, for instance whether it’s their first time visiting or if they are a frequent visitor.
We use the following cookies to optimize your experience on our Site and to provide our services.
Cookies Necessary for the Functioning of the Store
|
Name |
Function |
|
_ab |
Used in connection with access to admin. |
|
_secure_session_id |
Used in connection with navigation through a storefront. |
|
Cart |
Used in connection with shopping cart. |
|
cart_sig |
Used in connection with checkout. |
|
cart_ts |
Used in connection with checkout. |
|
checkout_token |
Used in connection with checkout. |
|
Secret |
Used in connection with checkout. |
|
secure_customer_sig |
Used in connection with customer login. |
|
storefront_digest |
Used in connection with customer login. |
|
_shopify_u |
Used to facilitate updating customer account information. |
Reporting and Analytics
|
Name |
Function |
|
_tracking_consent |
Tracking preferences. |
|
_landing_page |
Track landing pages |
|
_orig_referrer |
Track landing pages |
|
_s |
Shopify analytics. |
|
_shopify_fs |
Shopify analytics. |
|
_shopify_s |
Shopify analytics. |
|
_shopify_sa_p |
Shopify analytics relating to marketing & referrals. |
|
_shopify_sa_t |
Shopify analytics relating to marketing & referrals. |
|
_shopify_y |
Shopify analytics. |
|
_y |
Shopify analytics. |
The length of time that a cookie remains on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies last until you stop browsing and persistent cookies last until they expire or are deleted. Most of the cookies we use are persistent and will expire between 30 minutes and two years from the date they are downloaded to your device.
You can control and manage cookies in various ways. Please keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our website may no longer be fully accessible.
Most browsers automatically accept cookies, but you can choose whether or not to accept cookies through your browser controls, often found in your browser’s “Tools” or “Preferences” menu. For more information on how to modify your browser settings or how to block, manage or filter cookies can be found in your browser’s help file or through such sites as www.allaboutcookies.org.
Additionally, please note that blocking cookies may not completely prevent how we share information with third parties such as our advertising partners. To exercise your rights or opt-out of certain uses of your information by these parties, please follow the instructions in the “Behavioural Advertising” section above.
Do Not Track
Please note that because there is no consistent industry understanding of how to respond to “Do Not Track” signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.
CHANGES
We may update this Privacy Policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal, or regulatory reasons.
CONTACT
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at info@tshirthut.ca, with heading "Privacy Policy".
Last Updated: July 08, 2023.