Privacy Policy
This Privacy Policy describes how Ammolite Canada Inc., www.ammonite-factory.com, (the “Site” or “we”) collects, uses and discloses your Personal Information when you visit or make a purchase from the Site.
We value the relationship with our Customers and are committed to responsible and reasonable handling of your personal information. When you visit the Site, we collect certain information about your device, your interaction with the Site and the information necessary to process your purchase. We may also collect additional information if you contact us for customer support. In this Privacy Policy, we refer to any information that can uniquely identify an individual (including the information below) as “Personal Information”. It is our policy to only collect, use and disclose your personal information after notifying you of the purpose for doing so and obtaining your consent, unless required or permitted by law.
Device Information
Personal Information which is collected: version of web browser, IP address, time zone, cookie information, additional sites or products you view, search terms and how you interact within the Site.
Purpose of collecting information: we use this information to load the site accurately for you, and to perform analytics on Site usage to optimize our Site.
Source of collection: the Site uses a technology called “cookies”. A cookie is a small file that our server may send to your browser when you access the Site. Cookies store data and may be used to provide additional functionality to your use of our Site.
Disclosure for business purpose: shared with our processor Squarespace.
This website is hosted by Squarespace. Squarespace collects personal data when you visit this website, including:
Information about your browser, network and device
Web pages you visited prior to coming to this website
Web pages you view while on this website
Your IP address
Squarespace needs the data to run this website, and to protect and improve its platform and services.
Order Information
Personal Information which is collected: purchaser’s name, billing address, shipping address, payment information (including credit card information) email, address and phone number.
Purpose of collecting information: to provide products to you to fulfil our contract, to process your payment information, arrange for shipping and provide you with an invoice for the purchase(s), and screen orders for potential risk or fraud.
Source of Collection: this is information that we have requested from you, the purchaser.
Disclosure for business purpose: shared with our processor Squarespace, who in turn, utilizes a payment processor called “Stripe”. Facebook and Instagram.
Minors
This website does not intentionally collect Personal Information from children under the age of 18. If you are a parent or guardian and believe your minor has provided us with Personal Information, please email us so we may request a deletion from the Site.
We share your Personal Information with service providers to help us provide our services and to fulfill our contracts to you. We use Squarespace to power our online store. You can read how Squarespace uses your Personal Information here: https://www.squarespace/privacy.
Currently, our Squarespace’s data controller is Stripe. Stripe is a data processor where it is facilitating payment transactions on behalf of and at the direction of Ammolite Canad Inc. Stripe uses and processes your complete payment information in accordance with Stripe’s privacy policy. You can read how Stripe uses your Personal Information at https://stripe.com/en-ca/legal/privacy-center. We may share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful requests for information we receive, or to otherwise protect our rights.
Behavioural Advertising
We use Google Analytics to help us understand how our customers use the Site. You can read more about how Google uses your Personal Information at https://policies.google.com/privacy?hl=en. You can also opt out of Google Analytics at https://tools.google.com/dlpage/gaoptout.
Using Personal Information
We use your personal information to provide our services to you, which includes: offering products for sale, processing payments, shipping and fulfillment of your order.
While we make reasonable efforts to maintain the security of personal information in our custody or control, please be advised that the internet and email are inherently insecure media, and we accept no liability for the security or privacy of personal information in transit over the internet.
Lawful basis
Pursuant to the General Data Protection Regulation (“GDPR”, if you are a resident of the European Economic Area (“EEA), we process your personal information under the following lawful basis:
Your consent
The performance of the contract between you and the site
Compliance with our legal obligations
To protect our interests
To perform a task carried out in the public interest
For our legitimate interests, which do not override you fundamental rights and freedoms
Retention
When you place an order through the Site, we will retain your Personal Information as long as it is reasonable or until you ask us to erase this information. Upon expiry of an appropriate retention period, bearing in mind reasonable legal and business requirements, personal information will be destroyed in a secure manner.
Automatic decision making
If you are a resident of the EEA, you have the right to object to processing based solely on automated decision making (which includes profiling), when that decision making has a legal effect on you or otherwise significantly affects you.
We do not engage in fully automated decision-making that has a legal or otherwise significant effect using customer data.
Our data processor Stripe https://stripe.com/en-ca/privacy uses limited automated decision-making to prevent fraud that does not have a legal or otherwise significant effect on you.
Services that include elements of automated decision-making include:
Temporary blacklist of IP addresses associated with repeated failed transactions. This blacklist persists for a small number of hours.
Temporary blacklist of credit cards associated with blacklisted IP addresses. This blacklist persists for a small number of days.
GDPR
The General Data Protection Regulation (EU GDPR) is a European privacy law that regulates how individuals and organizations may collect, use, and retain the personal data of individuals.
Following the exit of the United Kingdom of Great Britain and Northern Ireland (UK) from the European Union (EU), at the end of the UK-EU transition period (December 31, 2020), the EU GDPR forms part of the body of retained EU law in the UK (UK GDPR), along with the UK Data Protection Act 2018 (DPA 2018), continues to be part of UK law.
References to the GDPR and its provisions include the law as it applies to both EU GDPR and UK GDPR.
The GDPR requires certain safeguards when transferring personal data from outside the EEA, the UK and Switzerland to "third countries," which are all countries outside these protected areas, including Canada and the United States. Squarespace is committed to treating personal data received from the EEA, the UK, Switzerland, and elsewhere around the world in a secure and privacy-first way. Squarespace processes personal data in a way that meets the European Commission and UK Standard Contractual Clauses.
Standard Contractual Clauses
Squarespace uses the European Commission Standard Contractual Clauses (also known as Model Contractual Clauses) and the UK’s International Data Transfer Addendum (UK Addendum) as the legal basis for transferring personal data to third countries, including the United States.
The European Commission updated the Standard Contractual Clauses on June 4, 2021 to reflect:
How data processing happens in the modern world
The requirements of the EU GDPR
Recommendations from the European Data Protection Board The Schrems II decision by the Court of Justice of the European Union
On March 21, 2022, the UK’s Information Commissioner’s Office’s updated requirements related to data transfers outside of the UK, including the use of an international data transfer agreement and the UK Addendum to the updated Standard Contractual Clauses, took effect.
Squarespace protects your personal data and has put appropriate technical and organizational safeguards in place to meet these standards.
U.S. Federal Data Privacy Laws
Unlike the EU/UK with GDPR, the US doesn't have one generally applicable data privacy law. In addition to state laws, there are several industry-specific federal laws that relate to data privacy.
Personal Information
These state laws can also differ in how they define personal information. However, in general, the term is defined broadly in all of these laws, and includes not only traditional personal data— like birthdays, names, physical addresses, email addresses—but may also include location data, biometric data, financial information, and more.
For example:
California’s data privacy law defines personal information as “information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.”
Virginia’s data privacy law defines personal information as “information that is linked or reasonably linkable to an identified or identifiable individual.”
CCPA
If you are a resident of California, you have the right to access the Personal Information we hold about you (also known as the “Right to Know”), to port it to a new service, and to ask that your Personal Information be corrected, updated, or erased. Please contact us through the contact information in the “Contact Us” tab on the website.
Cookies
This website uses cookies and similar technologies, which are small files or pieces of text that download to a device when you access the website.
These functional and required cookies are always used, which allow Squarespace, our hosting platform, to securely serve this website to you.
These analytics and performance cookies are used on this website, as described below, only when you acknowledge our cookie banner. This website uses analytics and performance cookies to view site traffic, activity, and other data.
What are cookies?
Cookies are small pieces of data that websites store on a device. Cookies can improve your browsing experience because they help websites remember preferences and understand how you use different features.
Functional and required cookies
Squarespace uses some necessary cookies so visitors can navigate and use key features on the site. These cookies vary from site to site depending on the features it uses. For example, functional and required cookies help these features work:
URL redirects
You can view Squarespace’s current list of cookies at https://support.squarespace.com/hc/en-us/articles/360001264507-The-cookies-Squarespace-uses
The length of time that a cookie remains on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies last until you stop browsing and persistent cookies last until they expire between 30 minutes and two years from the date they are downloaded to your device.
You can control and manage cookies in various ways. Please keep in mind that removing or blocking cookies may negatively impact your user experience and parts of our website may no longer be fully accessible.
Most browsers automatically accept cookies, but you can choose whether or not you accept cookies through your browser controls, often found in your browser’s “Tools” or “Preferences” menu. For more information on how to modify your browser settings or how to block, manage or filter cookies can be found in your browser’s help file, or through such sites as www.allaboutcookies.org.
Do Not Track
Please note that because there is no consistent industry understanding of how to respond to “Do Not Track” signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.
Policy Changes
We may update this Privacy Policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal, or regulatory reasons.