The Boring Vape Company Ltd. understands that your privacy is important to you and that you care about how your personal data is used and shared online. We respect and value the privacy of everyone who visits this website, www.theboringvapeco.com (“Our Site”) and will only collect and use personal data in ways that are described here, and in a manner that is consistent with Our obligations and your rights under the law.
SECTION 1 – DEFINITIONS AND INTERPRETATION
Account: means an account required to access and/or use certain areas and features of Our Site;
Cookie: means a small text file placed on your computer or device by Our Site when you visit certain parts of Our Site and/or when you use certain features of Our Site. Details of the Cookies used by Our Site are set out in section 11, below;
Cookie Law: means the relevant parts of the Privacy and Electronic Communications (EC Directive) Regulations 2003;
Personal data: means any and all data that relates to an identifiable person who can be directly or indirectly identified from that data. In this case, it means personal data that you give to Us via Our Site. This definition shall, where applicable, incorporate the definitions provided in the EU Regulation 2016/679 – the General Data Protection Regulation (“GDPR”);
We/Us/Our: means The Boring Vape Company Ltd, a limited company registered in England under company number10940236, whose registered address is Unit 7 Devonshire Business Centre, Cranborne Road, Potters Bar, Hertfordshire, UK.
SECTION 2 – WHAT DOES THIS POLICY COVER?
SECTION 3 – WHAT DATA DO WE COLLECT?
– contact information such as address, email addresses and telephone numbers;
– IP address;
– web browser type and version;
– operating system;
– a list of URLs starting with a referring site, your activity on Our Site
SECTION 4 – HOW DO WE USE YOUR DATA?
All personal data is processed and stored securely, for no longer than is necessary in light of the reason(s) for which it was first collected. We will comply with Our obligations and safeguard your rights under the General Data Protection Regulation at all times.
Our use of your personal data will always have a lawful basis, either because it is necessary for Our performance of a contract with you, because you have consented to Our use of your personal data (e.g. by subscribing to emails), or because it is in Our legitimate interests. Specifically, We may use your data for the following purposes:
– Providing and managing your Account;
– Providing and managing your access to Our Site;
– Personalising and tailoring your experience on Our Site;
– Supplying Our products to you (please note that We require your personal data in order to enter into a contract with you);
– Personalising and tailoring Our products and services to you.
– Replying to emails from you;
– Supplying you with emails that you have opted into (you may unsubscribe or opt-out at any time by following unsusbscribe links at bottom of emails, or by contacting email@example.com
– Market research;
– Analysing your use of Our Site and gathering feedback to enable Us to continually improve Our Site and your user experience;
With your permission and/or where permitted by law, We may also use your data for marketing purposes which may include contacting you by email, telephone, text message or post with information, news and offers on Our products. We will not, however, send you any unsolicited marketing or spam and will take all reasonable steps to ensure that We fully protect your rights and comply with Our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003.
Third parties whose content appears on Our Site may use third party Cookies, as detailed below in section 11. Please refer to section 11 for more information on controlling Cookies. Please note that We do not control the activities of such third parties, nor the data they collect and use and advise you to check the privacy policies of any such third parties.
You have the right to withdraw your consent to Us using your personal data at any time, and to request that We delete it.
SECTION 5 – HOW AND WHERE DO WE STORE YOUR DATA
We only keep your personal data for as long as We need to in order to use it as described above in section 4, and/or for as long as We have your permission to keep it.
Some or all of your data may be stored outside of the European Economic Area (“the EEA”) (The EEA consists of all EU member states, plus Norway, Iceland, and Liechtenstein). You are deemed to accept and agree to this by using Our Site and submitting information to Us. If We do store data outside the EEA, We will take all reasonable steps to ensure that your data is treated as safely and securely as it would be within the UK and under the GDPR.
Data security is very important to Us, and to protect your data We have taken suitable measures to safeguard and secure data collected through Our Site.
SECTION 6 – DO WE SHARE YOUR DATA?
We may sometimes contract with third parties to supply products and services to you on Our behalf. These may include payment processing, delivery of goods, search engine facilities, advertising, and marketing. In some cases, the third parties may require access to some or all of your data. Where any of your data is required for such a purpose, We will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, Our obligations, and the obligations of the third party under the law.
We may compile statistics about the use of Our Site including data on traffic, usage patterns, user numbers, sales, and other information. All such data will be anonymised and will not include any personally identifying data, or any anonymised data that can be combined with other data and used to identify you. We may from time to time share such data with third parties such as prospective investors, affiliates, partners, and advertisers. Data will only be shared and used within the bounds of the law.
We may sometimes use third party data processors that are located outside of the European Economic Area (“the EEA”) (The EEA consists of all EU member states, plus Norway, Iceland, and Liechtenstein). Where We transfer any personal data outside the EEA, We will take all reasonable steps to ensure that your data is treated as safely and securely as it would be within the UK and under the GDPR.
In certain circumstances, We may be legally required to share certain data held by Us, which may include your personal data, for example, where We are involved in legal proceedings, where We are complying with legal requirements, a court order, or a governmental authority.
SECTION 7 – HOW CAN YOU ACCESS YOUR DATA
You have the right to ask for a copy of any of your personal data held by Us (where such data is held). Under the GDPR, no fee is payable and We will provide any and all information in response to your request free of charge. Please contact Us for more details at firstname.lastname@example.org
SECTION 8 – SHOPIFY
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more information, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
SECTION 9 – THIRD PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies with respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located under a different jurisdiction from either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements
SECTION 10 – SECURITY
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with an AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
SECTION 11 – COOKIES
Strictly necessary cookies: These are essential to the functionality of the site and enable you to navigate and use its features.
Functionality cookies: These cookies store preferences such as the country you visit from, language and currency to make your browsing experience as seamless as possible.
Analytics cookies: These cookies allow us to measure site performance and gather information on how our customers interact with our site and what pages are viewed to help us make improvements to your experience.
Targeting or advertising cookies: These cookies are used to deliver advertising that is relevant to you and measure the performance of our marketing campaigns.
By using Our Site you agree to us placing cookies on your device or computer and accessing them when you visit the site in future. To control cookies or to delete existing cookies please consult your bowser help menu for instructions. Further information on cookies can be found at https://ico.org.uk/for-organisations/guide-to-pecr/cookies-and-similar-technologies/
SECTION 12 – AGE OF CONSENT
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
QUESTIONS AND CONTACT INFORMATION
If you would like to access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at email@example.com or by mail at
The Boring Vape Company Ltd
For the attention of Privacy Compliance Officer
Unit 7 Devonshire Business Centre