Privacy Policy

Date of Last Revision: November 30, 2020 

Ecwid, Inc. (“Ecwid”) with its principal place of business at 687 South Coast Highway 101, Suite 239, Encinitas, California 92024 USA knows that you care how information about you is used and shared, and we appreciate your trust that we will do so carefully and sensibly.

By visiting our websites, including Ecwid.com, or using our services, apps, or our other user interfaces, you are accepting the practices described in this Privacy Policy. This Privacy Policy operates in conjunction with our Terms of Service and other agreements which reference this Privacy Policy. Please review each of these documents to understand the terms and conditions of your agreement with us. Ecwid’s services, websites, apps, or our other user interfaces may contain links to third-party services or websites. Ecwid is not responsible for the information practices or the content of such third-party services or websites. We encourage you to review the privacy policies of third-party services or websites to understand their information practices.

This Privacy Policy is designed to help you understand your privacy choices when you visit or use our services, websites, apps, or our other user interfaces. If you have questions about this Privacy Policy or our privacy practices, please contact us at privacy@ecwid.com.

1. Definitions.

“Account Information” means data about how and when an Ecwid account is created, accessed and used, including Store Information.

“Automated Decision Making” means a decision made solely by automated means without human involvement.

“Browser Information” means browser provided information, including the IP address, the website visited, network connection, device information, and other data, including Cookies.

“Contact Information” means basic personal and business information, such as first and last name, company name, postal address, phone number, email address and social media account information.

“Controller” means an entity that determines the purposes and means of the Processing of Personal Data.

“Cookie” a small file which resides on a computer hard drive containing an anonymous unique identifier accessible by the website that placed it there.

“Device Information” means information about a device, such as device ID number, model, and manufacturer, version of your operating system and geographical region, collected from device accessing the Services.

“Merchant” means a person or entity which uses or has used the Services.

“Partner” means a separate entity which participates in our channel partner or reseller program or other third-party program related to the Services.

“Payment Information” means and includes credit card, automated clearing house (ACH) or other payment information.

“Personal Data” or “Personal Information” means information that (i) relates to an identified or identifiable natural person, or (ii) identifies, relates to, or could reasonably be linked with you or your household.

“Processing” means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, including, but not limited to, collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

“Processor” means the entity which processes Personal Data on behalf of the Controller.

“Security Information” means user ID, password and password hints, and other security information used for authentication and account access

“Services” means Ecwid’s websites, services, apps, or other user interfaces

“Store Information” means information about a store, its products, and its architecture.

“Support Information” includes information about your hardware and software, authentication data, chat session contents, error reports, performance data, and other communication or technical information and may, with express permission, include remote access to facilitate troubleshooting.

“Transaction Information” means the data related to transactions that occur on the Services, including product, order, shipping information, Contact Information, and Payment Information.

“Usage Information” means information collected when you interact with the Services, including functionalities accessed, pages visited, and other interaction data.

“User” means an entity or person that interacts with a Merchant through the Services.

2. Information We Collect and Duration.

2.1 Information Collected from Merchants. When a Merchant interacts or uses the Services, we collect and control information such as Account Information, Browser Information, Contact Information, Device Information, Payment Information, Support Information, Device Information, Security Information, Transaction Information, Usage Information and set a Cookie.

2.2 Information Collected from Users. When Users interact with a Merchant’s ecommerce offering through the Services, we collect and process Browser Information and Transaction Information of the User on behalf of the Merchant.

2.3 Information Collected from Partners. When a Partner signs up for a partner account or refers a Merchant to us, we collect and control information such as Account information, Browser Information, Contact Information, Payment Information, Support Information, and Usage Information.

2.4 Information Collected from Visitors. When visitors browse our website or use the Services, or engage in communications with us online or offline, we collect and control, as applicable, Browser Information, Support Information, Contact Information, and Usage Information submitted or communicated to us.

2.5 Duration. We will delete your personal data when it is no longer necessary or relevant for the fulfillment of the purpose for which it was collected, or when you revoke a given consent, if the processing has been based on such consent, or in case you exercise your rights to oppose the processing or to delete your data; notwithstanding that a longer retention period may be established to pursue our legitimate business interests, comply with our legal obligations, resolve disputes and enforce applicable agreements.

3. How We Use Your Information.

3.1 Use of Merchant Information. We use this information as a Controller to provide Merchants with the Services, confirm identities, provide support such as debugging, troubleshooting, automated decision making such as the detection of fraudulent account creation when signing up for the Services, for advertising and marketing, invoicing, to resolve incidents related to the use of the Services, to improve and personalize the Services, such as push notifications regarding your store activities, and to comply with legal requirements. We may disclose certain information, including Account Information, Contact Information, Support Information and Transaction Information, to Partners subject to confidentiality obligations that refer Merchants to us or are engaged by a Merchant to provide services, apps or products relating to the Merchant’s store(s) or use of the Services, or to confirm identities and improve and personalize our interactions and services. We may use this information in other cases where the Merchant has given express consent or when we are legally obliged to do so.

3.2 Use of User Information. We use this information as a Processor to provide the Services to Merchants, support and process orders, and to comply with legal requirements like managing risk and fraud. The Merchant is the Controller of this information and Users who have questions about our use of this information should contact the Merchant. We may also use certain information as a Controller to improve and personalize the Services when we have the legal basis to do so and to comply with a legal requirement like manage risk and fraud.

3.3 Use of Partner Information. We use this information as a Controller to provide Partners with the Services, confirm identities, provide support, for advertising and marketing, invoicing, to resolve incidents related to the use of the Services, to improve and personalize the Services, and to comply with legal requirements. We may use this information in other cases where the Partner has given express consent.

3.4 Use of Visitor Information. We use this information as a Controller to provide the Services, and improve and personalize communications, interactions with the Services, to provide support, if needed, and to comply with legal requirements. We may use this information in other cases where the visitor has given express consent.

3.5 Promotional. We may send promotional communications to existing Merchants and Partners and to prospective customers who give consent by email, phone, and other channels. For example, we may notify a Merchant when a subscription is ending. You can opt-out of receiving promotional communications from us at any time.

4. How We Share Your Information.

4.1 Information Sharing. The Services are possible because of a variety of third parties and service providers. Sometimes it is necessary to share Merchant, Partner, User or visitor Personal Data with them to support the Services. We may access, transfer, disclose, and/or retain that Personal Data with consent or in the following circumstances.

4.2 Compliance. If we have a good faith belief that doing so is necessary to comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies.

4.3 Protection. If we have a good faith belief that doing so is necessary to: (i) protect Merchants, Partners, Users, or visitors; for example, to prevent spam or attempts to defraud us or users of the Services, or in response to threats of safety of any person; (ii) protect the rights or property of Ecwid, including enforcing the terms governing the use of the Services; or (iii) operate and maintain the security of the Services, including to prevent or stop an attack on our computer systems or networks.

4.4 Affiliates. We share Personal Data among Ecwid-controlled affiliates and subsidiaries for the purposes described in this Privacy Policy.

4.5 Service Providers. Ecwid may use from time to time a limited number of third-party service providers, data processors, contractors, and other businesses to assist us in providing the Services for the purposes described in this Privacy Policy.

4.6 Payment Processing. We share payment data with banks and other entities that process payment transactions or provide other financial services, and for fraud prevention and credit risk reduction.

4.7 Apps. Upon receiving a Merchant’s consent to install an application, we will share the Merchant’s Contact Information and other information requested by the app with the app Partner.

4.8 Merger; Sale. We may also disclose Personal Data as part of a sale of assets or if we merge with or are acquired by another company.

5. Cookies.

5.1 Usage. Ecwid and its third-party service providers use cookies, web beacons, and similar tracking technologies to recognize you when you visit our website, remember your preferences, and give you a personalized experience. When you visit our websites, we, or an authorized third party, may place a cookie on your device that collects information, including Personal Data, about your online activities over time and across different sites. Cookies allow us to track use, infer browsing preferences, and improve and customize your browsing experience.

5.2 Persistence. We use both session-based and persistent cookies on our websites. Persistent cookies remain on your computer when you have gone offline, while session cookies are deleted as soon as you close your web browser. A website may set a cookie if the browser’s preferences allow it. A browser only permits a website to access the cookies that it has set, not those set by other websites.

5.3 Types of Cookies include: essential cookies which are necessary for our website to work as intended; functional cookies which enable enhanced functionality, like videos and live chat, without these cookies, certain functions may become unavailable; analytic cookies which provide statistical information on site usage which allow us to improve our website over time; targeting and advertising cookies which are used to create profiles or personalize content to enhance your experience.

5.4 Control. It is possible to disable cookies through your device or browser settings, but doing so may affect your ability to use our website. For instance, we may not be able to recognize your computer or mobile device and you may need to log in every time you visit our website. The method for disabling cookies may vary by device and browser, but can usually be found in preferences or security settings.

5.5 Other Resources. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit allaboutcookies.org, or aboutcookies.org.

6. Information Protection.

6.1. We maintain administrative, technical, and physical security measures designed to provide reasonable protection for Personal Data against unauthorized access, disclosure, alteration, loss, and misuse. The ways we do this include (i) using Secure Sockets Layer (SSL) software, which encrypts information you input during transmission; (ii) following Payment Card Industry Data Security Standard (PCI DSS) when handling credit card data; (iii) maintaining physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of Personal Data. Unfortunately, no method of Internet use, data transmission, or electronic storage is completely secure, so we cannot guarantee the absolute security of Personal Data.

6.2 While we are dedicated to securing the Services, you are responsible for securing and maintaining the privacy of your passwords and account information. We are not responsible for protecting Personal Data shared with a third-party based on an account connection that you have authorized.

7. Accountability and Safeguards for Onward Transfer.

7.1 Data Processors. We will only share or disclose Personal Data to the Processors listed on Ecwid website, which are contractually obligated to provide at least the same level of privacy protection as the one described in the present privacy policy and as required by the principles underlying the Privacy Shield. Furthermore, we will obligate any Processor to the specified, explicit and legitimate purposes consistent with your consent.

7.2 Remedial Measures. If we learn Personal Data is not protected according to our contract, or is being processed beyond your consent, we will take reasonable steps to protect your information and/or cease its illegitimate processing.

7.3 Privacy Shield. We provide services around the world. To provide the Services, it may be necessary to transmit Personal Data outside of the country, state, or province where the data was received. While the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework may no longer be used or relied upon for transfer of personal information, we will continue to comply with all EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework obligations. To learn more about the Privacy Shield program, or to view Ecwid’s certification, please see https://www.privacyshield.gov/. 

7.4 Standard Contractual Clauses. For third-country transfer outside the EU/EEA we also use the Standard Contractual Clauses adopted by the EU Commission as an adequate level of protection.

8. Legal Basis for Processing (EU visitors only).

8.1 Lawful Basis. We collect Personal Data from you only where (i) necessary for a specific purpose such as to perform a contract with you, (ii) the processing is in our legitimate interests and not overridden by your rights, or (iii) we have your consent. In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.

8.2 Notice. If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not, as well as of the possible consequences if you do not provide your personal information.

8.3 Legitimate Interest. If we collect and use your personal information in reliance on our legitimate interests (or those of any third party), we will make clear to you at the relevant time what those legitimate interests are. For instance, we may rely on our legitimate interests when responding to your queries, improving and personalizing the Services or undertaking marketing (when we can do so in accordance to our legitimate interest) or for the purposes of detecting or preventing illegal activities (e.g. checking your identity, fraud prevention).

8.4 Questions. If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided below.

9. Your Choices.

9.1 Generally. You can exercise rights over your Personal Data against the Controller. We provide reasonable steps to allow you to access, rectify, erase, port, or restrict the use of your Personal Data. You have the right to object to the use of your Personal Data at any time, subject to applicable law. When collection is based on your consent, you have the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal by applicable law. If applicable by national law, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data relating infringes your rights.

9.2 Merchants, Partners, and Visitors. Merchants and Partners can update many types of collected Personal Data directly within their accounts. Please contact us if you are a visitor or otherwise unable to access or otherwise change your Personal Data within your account.

9.3 Users. We serve as a Processor for Merchants. Users may wish to contact Merchants directly regarding their Personal Data. We can forward User requests for access or deletion to Merchants, but we are unable to delete Merchant data. Requests for deletion of Personal Data may adversely affect our ability to serve you.

 

10. Contact Information; Enforcement; Recourse. If you would like to ask about, make a request relating to, or complain about how we process your Personal Data, you can contact as follows:

privacy@ecwid.com or 

Ecwid, Inc.Attention: Privacy
687 S. Coast Highway 101, Suite 239
Encinitas, California 92024 USA

 

11. Children/ U.S. Children’s Privacy. The Services are not directed to users below the age of 18 years, or equivalent minimum age in the relevant jurisdiction. If you are younger than 18, you cannot register with and use this websites or online services. Ecwid does not knowingly collect the Personal Data of children under the age of 13 in the U.S. and 16 in the EU. If you are a parent or guardian and believe Ecwid collected information about a child, please contact Ecwid as described in this Privacy Statement. Ecwid will take steps to delete the information as soon as possible.

12. California Consumer Privacy Act (CCPA)

12.1 Generally. The California Consumer Privacy Act (“CCPA”) requires us to provide California residents with some additional information about the categories of personal information we collect and share, where we get that personal information, and how and why we use it.

12.2 Categories of Information Collected. The CCPA requires us to provide a list of the “categories” of personal information we collect, as that term is defined in the law. In the last 12 months, we collected the following categories of personal information from California residents, depending on the Services used: (a) identifiers (like your name, contact information, and device and online identifiers); (b) commercial information (your billing information and purchase history, for example); (c) internet or other electronic network activity information (such as your usage of the Services;(d) geolocation data (such as your location based on your IP address); (e) financial information, such as Payment Information; and (f) other Personal Information, such as Support Information.

12.3 Your CCPA Rights. If you are a California resident, you have additional rights under the CCPA, subject to any exemptions provided by the law, including the right to: (a) request to know the categories of personal information we collect, the categories of business or commercial purpose for collecting and using it, the categories of sources from which the information came, the categories of third parties we share it with, and the specific pieces of information we collect about you; (b) request deletion of personal information we collect or maintain; (c) opt out of any sale of personal information; and (d) not receive discriminatory treatment for exercising your rights under the CCPA. If you wish to do any of the foregoing please contact Ecwid as provided above.

12.4 No Sales. We have not sold any personal information of consumers, as those terms are defined under the California Consumer Privacy Act.

 

13. Updates. We may update this Privacy Policy from time to time in response to changing legal, technical or business developments. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Policy changes if and where this is required by applicable data protection laws. You can see when this Privacy Policy was last updated by checking the “Date of Last Revision” date displayed at the top of this Privacy Policy.

We use cookies and similar technologies to remember your preferences, measure effectiveness of our campaigns, and analyze depersonalized data to improve performance of our site. By choosing «Accept», you consent to the use of cookies.