SECTION 1 - WHAT DO WE DO WITH YOUR INFORMATION?
When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address.
When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.
Email marketing (if applicable): With your permission, we may send you emails about our store, new products and other updates.
SECTION 2 - CONSENT
How do you get my consent?
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.
How do I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at firstname.lastname@example.org
SECTION 3 - DISCLOSURE
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
SECTION 4 - SHOPIFY
Our store is hosted on Shopify. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
All transactions are processed in Australian dollars AUD.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers. For more insight, you may also want to read Shopify Terms of Service or Privacy Statement.
SECTION 5 - THIRD-PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
Our store uses Google Analytics to help us learn about who visits our site and what pages are being looked at
SECTION 6 - SECURITY
Organic Seeds provides its customers with a secure PCI compliant shopping cart and we will never share, sell or distribute your information with any third parties, apart from those required to process your order. In addition to this we also scan daily with McAfee to ensure our site is free of malware, malicious links, and phishing so that you can be 100% certain your information is safe and secure.
WHAT IS PCI DSS COMPLIANCE?
The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle credit card and debit card information. Defined by the Payment Card Industry Security Standards Council, the standard was created to increase controls around credit card data to reduce credit card fraud via its exposure. If a retailer wants to sell online and accept payments from Visa, MasterCard, American Express or Discover credit cards, your software and hosting needs to be PCI compliant.
THERE ARE SIX CATEGORIES OF PCI STANDARDS THAT MUST BE MET IN ORDER FOR A MERCHANT TO BE DEEMED COMPLIANT:
- Maintain a Secure Network
- Protect Cardholder Data
- Maintain a Vulnerability Management Program
- Implement Strong Access Control Measures
- Regularly Monitor and Test Networks
- Maintain an Information Security Policy
IS ORGANIC SEEDS PCI COMPLIANT?
The Organic Seeds website and shopping cart is powered by Shopify. Shopify is certified Level 1 PCI DSS compliant and this compliance extends to all online stores powered by Shopify. This means any information you enter during the check out process on our website is 100% safe and secure.
Shopify is very serious about securely hosting our online store and has invested significant time and money in order to be PCI compliant. From annual on-site assessments, validating compliance to continuous risk management, they work really hard to ensure this shopping cart software and ecommerce hosting is safe and secure. Organic Seeds only works with businesses who take the security of your information very serious.
Further Privacy Information: For more information about privacy issues in Australia and protecting your privacy, visit the Australian Federal Privacy Commissioner's web site. http://www.privacy.gov.au/ We welcome any comments or feedback.