Privacy Policy
SECTION 1 - WHAT DO WE DO WITH YOUR INFORMATION?
When you purchase something from our store, as part of the buying and selling process, we collect personal information such as your name, address, email address, and payment details.
When you browse our store, we also automatically receive your computer’s internet protocol (IP) address to provide us with information about your browser and operating system, helping us improve your shopping experience.
If you opt-in to our email marketing, we may send you emails about our store, new products, promotions, and other updates.
Abandoned Cart Emails
If you begin a purchase but do not complete checkout, we may send you reminders about your abandoned cart using the email address you provided during the checkout process. These emails are intended to help you complete your purchase and may include relevant offers or support. You can opt out of these emails at any time by clicking the unsubscribe link provided in the email.
SECTION 2 - CONSENT
How do we obtain your consent?
When you provide us with personal information to complete a transaction, verify your payment method, place an order, arrange for a delivery, or return a purchase, we imply that you consent to us collecting and using it for that specific reason only.
For secondary purposes, such as marketing, we will either ask you directly for your expressed consent or provide you with an opportunity to opt out.
How do I withdraw my consent?
If you change your mind after opting in, you can withdraw your consent for us to contact you, store, or use your personal information at any time by contacting us at:
📧 Email: contact@massivedimension.com
📍 Mail: Massive Dimension, 81 Parker Rd, Barre, Vermont, USA 05641
SECTION 3 - DISCLOSURE
We may disclose your personal information if required by law or if you violate our Terms of Service.
SECTION 4 - SHOPIFY
Our store is hosted on Shopify Inc., which provides us with an online e-commerce platform to sell our products and services.
Your data is stored securely through Shopify’s data storage, databases, and the Shopify application, all of which are protected by industry-standard security measures.
Payment
If you choose a direct payment gateway to complete your purchase, Shopify stores your payment data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS) and stored only as long as necessary to complete the transaction. Once completed, your purchase information is deleted.
All direct payment gateways adhere to PCI-DSS standards, ensuring the secure handling of credit card information.
For more details, please review Shopify’s policies:
-
Terms of Service: https://www.shopify.com/legal/terms
-
Privacy Statement: https://www.shopify.com/legal/privacy
SECTION 5 - THIRD-PARTY SERVICES
Third-party providers used by us will only collect, use, and disclose your information as necessary to perform their services.
However, certain third-party providers, such as payment processors and logistics services, have their own privacy policies regarding the information we must provide them for your purchase-related transactions.
We recommend reviewing their privacy policies to understand how your personal data is handled.
If you proceed with a transaction involving a third-party provider, your information may be subject to the jurisdiction(s) in which they operate.
External Links
When you click on links on our store, they may direct you to external websites. We are not responsible for the privacy practices of other sites and encourage you to read their privacy policies.
Google Analytics
We use Google Analytics to track visitor behavior and website performance. Google may collect and process data according to its own privacy policies.
SECTION 6 - SECURITY
To protect your personal information, we implement reasonable security measures and follow industry best practices to prevent unauthorized access, misuse, loss, or disclosure.
If you provide us with credit card information, it is encrypted using Secure Socket Layer (SSL) technology and stored with AES-256 encryption. While no method of electronic storage is 100% secure, we comply with all PCI-DSS requirements and implement additional industry standards.
SECTION 7 - COOKIES
We use cookies to enhance your browsing experience and track website usage. You can choose to disable cookies in your browser settings.
Cookies Used on Our Store:
|
Cookie |
Purpose |
Duration |
|
_session_id |
Stores session information (e.g., referrer, landing page) |
Session |
|
_shopify_visit |
Tracks number of visits |
30 minutes |
|
_shopify_uniq |
Counts visits by a customer |
Expires at midnight |
|
cart |
Stores cart contents |
2 weeks |
|
_secure_session_id |
Stores session data securely |
Session |
|
storefront_digest |
Identifies logged-in customers |
Indefinite |
|
PREF (Google) |
Tracks visitor behavior |
Short duration |
SECTION 8 - AGE OF CONSENT
By using this site, you confirm that you are at least the age of majority in your state/province or that you have given consent for any of your minor dependents to use this site.
SECTION 9 - CHANGES TO THIS PRIVACY POLICY
We reserve the right to modify this Privacy Policy at any time. Changes will take effect immediately upon posting on our website.
If significant changes occur, we will notify you via our website so that you are aware of how we collect, use, and protect your information.
If our company is acquired or merged, your information may be transferred to the new entity to continue providing services to you.
QUESTIONS & CONTACT INFORMATION
If you would like to:
-
Access, correct, amend, or delete any personal information
-
Register a complaint
-
Request more information
📧 Contact Us: contact@massivedimension.com
📍 Mailing Address:
Massive Dimension
[Re: Privacy Compliance Officer]
81 Parker Rd, Barre, Vermont, USA 05641
Policy basis:
The guidance to update your privacy policy to include the use of customer emails for abandoned cart reminders is based on interpretations of data protection regulations and best practices:
-
General Data Protection Regulation (GDPR):
-
Under GDPR, businesses can process personal data based on "legitimate interests," provided this interest is not overridden by the individual's rights and expectations. Sending abandoned cart emails is often considered a legitimate interest, as it serves both the business and the customer by reminding them of incomplete purchases. However, it's essential to conduct a Legitimate Interest Assessment (LIA) to ensure compliance. enzuzo.com
-
CAN-SPAM Act (U.S. Law):
-
The CAN-SPAM Act differentiates between commercial and transactional emails. While transactional emails (those facilitating an agreed-upon transaction) are exempt from certain provisions, it's crucial to ensure that abandoned cart emails don't cross into promotional content without proper compliance. Including an opt-out mechanism in such emails is a recommended practice. socketlabs.com
-
Best Practices and Transparency:
-
Regardless of the legal basis, transparently informing customers about how their data will be used fosters trust and aligns with principles of fair processing. Updating your privacy policy to explicitly mention the use of emails for abandoned cart reminders ensures customers are aware of this practice, reducing potential complaints or misunderstandings.
By incorporating this information into your privacy policy, you demonstrate a commitment to transparency and compliance with data protection regulations.
