Privacy Policy

This Privacy Policy describes how Loomi™ (the “Site” or “We”) collects, uses, and discloses your Personal Information when you visit or make a purchase from the Site.

Contact

After reviewing this policy, if you have additional questions, want more information about our privacy practices, or would like to make a complaint, please contact us by e-mail or using our contact page.

Collecting Personal Information

When you visit the Site, we collect certain information about your device, your interaction with the Site, and information necessary to process your purchases. We may also collect additional information if you contact us for customer support. In this Privacy Policy, we refer to any information about an identifiable individual (including the information below) as “Personal Information”. See the list below for more information about what Personal Information we collect and why.

• Device information
• Purpose of collection: to load the Site accurately for you, and to perform analytics on Site usage to optimize our Site.
• Source of collection: Collected automatically when you access our Site using cookies, log files, web beacons, tags, or pixels
• Disclosure for a business purpose: shared with our processor provider
• Personal Information collected: version of web browser, IP address, time zone, cookie information, what sites or products you view, search terms, and how you interact with the Site
• Order information
• Purpose of collection: to provide products or services to you to fulfill our contract, to process your payment information, arrange for shipping, and provide you with invoices and/or order confirmations, communicate with you, screen our orders for potential risk or fraud, and when in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
• Source of collection: collected from you.
• Disclosure for a business purpose: shared with our processor provider
• Personal Information collected: name, billing address, shipping address, payment information (including credit card numbers, email address, and phone number.
• Customer support information
• Purpose of collection:
• Source of collection:
• Disclosure for a business purpose:
• Purpose of collection: to provide customer support.
• Source of collection: collected from you

Minors

The Site is not intended for individuals under the age of 15. We do not intentionally collect Personal Information from children. If you are the parent or guardian and believe your child has provided us with Personal Information, please contact us at the address above to request deletion.

Sharing Personal Information

We share your Personal Information with service providers to help us provide our services and fulfill our contracts with you, as described above. For example:

• We may share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.

Behavioural Advertising

As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For example:

• We use Google Analytics to help us understand how our customers use the Site. You can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
• We share information about your use of the Site, your purchases, and your interaction with our ads on other websites with our advertising partners. We collect and share some of this information directly with our advertising partners, and in some cases through the use of cookies or other similar technologies (which you may consent to, depending on your location).
• We use site Audiences to help us show ads on other websites with our advertising partners to buyers who made purchases with other site merchants and who may also be interested in what we have to offer. We also share information about your use of the Site, your purchases, and the email address associated with your purchases with site Audiences, through which other site merchants may make offers you may be interested in.

For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at https://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.

You can opt out of targeted advertising by:

FACEBOOK - https://www.facebook.com/settings/?tab=adsGOOGLE - https://www.google.com/settings/ads/anonymous

• BING - https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads

Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: https://optout.aboutads.info/.

Using Personal Information

We use your personal Information to provide our services to you, which includes: offering products for sale, processing payments, shipping and fulfillment of your order, and keeping you up to date on new products, services, and offers.

Lawful basis

Pursuant to the General Data Protection Regulation (“GDPR”), if you are a resident of the European Economic Area (“EEA”), we process your personal information under the following lawful bases:

• Your consent;
• The performance of the contract between you and the Site;
• Compliance with our legal obligations;
• To protect your vital interests;
• To perform a task carried out in the public interest;
• For our legitimate interests, which do not override your fundamental rights and freedoms.

Retention

When you place an order through the Site, we will retain your Personal Information for our records unless and until you ask us to erase this information. For more information on your right of erasure, please see the ‘Your rights’ section below.

Automatic decision-making

If you are a resident of the EEA, you have the right to object to processing based solely on automated decision-making (which includes profiling), when that decision-making has a legal effect on you or otherwise significantly affects you.

We engage in fully automated decision-making that has a legal or otherwise significant effect using customer data.

Our processor provider uses limited automated decision-making to prevent fraud that does not have a legal or otherwise significant effect on you.

Services that include elements of automated decision-making include:

• Temporary blacklist of IP addresses associated with repeated failed transactions. This blacklist persists for a small number of hours.
• Temporary blacklist of credit cards associated with blacklisted IP addresses. This blacklist persists for a small number of days.

Your rights

GDPR

Depending on where you live, you may have some or all of the rights listed below in relation to your personal information. However, these rights are not absolute, may apply only in certain circumstances and, in certain cases, we may decline your request as permitted by law.

• Right to Access / Know. You may have a right to request access to personal information that we hold about you.
• Right to Delete. You may have a right to request that we delete personal information we maintain about you.
• Right to Correct. You may have a right to request that we correct inaccurate personal information we maintain about you.
• Right of Portability. You may have a right to receive a copy of the personal information we hold about you and to request that we transfer it to a third party, in certain circumstances and with certain exceptions.
• Right to Opt out of Sale or Sharing for Targeted Advertising. Depending on where you reside, you may have a right to opt out of the "sale" or "share" of your personal information or to opt out of the processing of your personal information for purposes considered to be "targeted advertising", as defined in applicable privacy laws. You can exercise your rights to opt-out of those uses here. Please note that if you visit our website with the Global Privacy Control opt-out preference signal enabled, depending on where you are, we will automatically treat this as a request to opt-out for the device and browser that you use to visit the website. If we are able to associate the device sending the signal to a Shopify account, we will apply the opt out request to the account as well. To learn more about Global Privacy Control, you can visit https://globalprivacycontrol.org/. Other than the Global Privacy Control, we do not recognize other "Do Not Track" signals that may be sent from your web browser or device.
• Managing Communication Preferences. We may send you promotional emails, and you may opt out of receiving these at any time by using the unsubscribe option displayed in our emails to you. If you opt out, we may still send you non-promotional emails, such as those about your account or orders that you have made.

Persons who are residents of any of the member countries of the European Union (“EU”), residents of the United Kingdom (the “UK”) or are other data subjects covered by either the EU’s General Data Protection Regulation, (EU) 2016/679 (the “EU GDPR”) or the United Kingdom GDPR (the “UK GDPR”, and collectively with the EU GDPR, the “GDPR”) have certain additional privacy rights under applicable law. The following provisions of this Privacy Policy provide an overview of these additional rights.

Legal Bases for Processing Personal Information

When processing your personal information, the Company may rely on one or more of the following legal bases (or other available legal grounds), depending on the circumstances:

• Legitimate Interests. We may process your personal information where the Company has a legitimate interest in such processing for managing, operating or promoting our business, and that legitimate interest is not overridden by your interests, fundamental rights or freedoms.
• Consent. We may process your personal information where the Company has obtained your consent to the processing.
• Contractual Necessity. We may process your personal information where such processing is necessary in connection with any contract that the Company has with you.
• Legal Requirements. We may process your personal information where such processing is required by applicable law.
  

Disclosures to Third Parties

Your personal information will not be disclosed to third parties except for where it is necessary for fulfillment of the Company’s obligations to you or where the Company is obliged or permitted to do so by law (including, without limitation, through the terms of any agreement the Company may have with you), or where the Company makes disclosures that are otherwise consistent with the uses described in this Policy.

The Company may also disclose any information (including personal information) relating to you to law enforcement authorities or any regulatory or government authority in response to any request including requests in connection with the investigation of any suspected illegal activities.

The Company reserves the right to transfer any personal information the Company has about you in the event the Company sells or transfers all or a portion of our business or assets, or merges with another organization. Should such a sale, transfer or merger occur, the Company will use reasonable efforts seeking to require that the transferee uses personal information you have provided to the Company in a manner that is consistent with this Policy.

We will not sell, resell or lease your personal information to any third parties but the Company may, if required for the purpose(s) for which your personal information was collected and processed, share it with the Company partners and/or service providers to enable them to provide their services to the Company or to you, as applicable. The foregoing are in addition to the other uses described elsewhere in this Policy.

Security of Personal Information of EU and UK Residents

The Company has policies and technical and organizational measures in place which are intended to help safeguard and protect your personal information against unauthorized access, accidental loss, improper use and disclosure. However, you should be aware that information transmitted over the internet is not completely secure because of the nature of the internet and that systems and measures used to secure information are not flawless. For these reasons, although the Company will use reasonable efforts to protect your personal information, the Company does not warrant the security of personal information transmitted to the Company or stored by the Company, and personal information that is transmitted to the Company by you electronically is done at your own risk.

Retention of Personal Information of EU and UK Residents

Our policy is to retain your personal information only for as long as is necessary to fulfill the purposes for which the Company collected such personal information, including for the purposes of satisfying any professional, legal, accounting or reporting requirements to which the Company is subject. To determine the appropriate retention period for personal information, the Company considers the scope, nature and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of the personal information, the purposes for which the Company collected and processed your personal information and whether the Company can achieve those purposes through other means, and any applicable legal and professional requirements.

International Data Transfers

See Section N “International Data Transfers and Use of Third Parties” below, of this Policy for information concerning international transfers of personal information.

Your Rights as an EU or UK Resident

As a resident of the EU or the UK you have a number of rights concerning your personal information that the Company holds and uses, including the following:

• Right of Access. You have the right to be informed about what personal information the Company holds about you and to a copy of this personal information.
• Right to Rectification. You have the right to have any inaccurate personal information which the Company holds about you updated or corrected.
• Right to Erasure. In certain circumstances you may request that the Company delete the personal information that the Company holds about you.
• Right to Complain. You have the right to lodge a complaint regarding the processing of your personal information to an applicable governmental or supervisory authority in your country.
• Right to Withdraw Consent. Where processing of personal information is based on your consent, you have the right to withdraw such consent at any time.
• Right to Object. Where the Company relies on our legitimate interests to process your personal information, you have the right to object to such use and the Company is required to discontinue such processing unless the Company can demonstrate an overriding legitimate interest in such processing.
• Right to Restriction. You have the right to request that the Company stop using your personal information in certain circumstances including if you believe that the personal information the Company holds about you is inaccurate or that the Company’s use of your personal information is unlawful. If you validly exercise this right, the Company will store your personal information and will not carry out any other processing until the issue is resolved.

We will not discriminate against you for exercising any of these rights. We may need to verify your identity before we can process your requests, as permitted or required under applicable law. In accordance with applicable laws, you may designate an authorized agent to make requests on your behalf to exercise your rights. Before accepting such a request from an agent, we will require that the agent provide proof you have authorized them to act on your behalf, and we may need you to verify your identity directly with us. We will respond to your request in a timely manner as required under applicable law

Please note that we may transfer, store and process your personal information outside the country you live in.

If we transfer your personal information out of the European Economic Area or the United Kingdom, we will rely on recognized transfer mechanisms like the European Commission's Standard Contractual Clauses, or any equivalent contracts issued by the relevant competent authority of the UK, as relevant, unless the data transfer is to a country that has been determined to provide an adequate level of protection.

CCPA

If you are a resident of California, you have the right to access the Personal Information we hold about you (also known as the ‘Right to Know’), to port it to a new service, and to ask that your Personal Information be corrected, updated, or erased. If you would like to exercise these rights, please contact us through the contact information above. 

If you would like to designate an authorized agent to submit these requests on your behalf, please contact us at the address above.

Cookies

A cookie is a small amount of information that’s downloaded to your computer or device when you visit our Site. We use a number of different cookies, including functional, performance, advertising, and social media or content cookies. Cookies make your browsing experience better by allowing the website to remember your actions and preferences (such as login and region selection). This means you don’t have to re-enter this information each time you return to the site or browse from one page to another. Cookies also provide information on how people use the website, for instance whether it’s their first time visiting or if they are a frequent visitor.

The length of time that a cookie remains on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies last until you stop browsing and persistent cookies last until they expire or are deleted. Most of the cookies we use are persistent and will expire between 30 minutes and two years from the date they are downloaded to your device.

You can control and manage cookies in various ways. Please keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our website may no longer be fully accessible.

Most browsers automatically accept cookies, but you can choose whether or not to accept cookies through your browser controls, often found in your browser’s “Tools” or “Preferences” menu. For more information on how to modify your browser settings or how to block, manage or filter cookies can be found in your browser’s help file or through such sites as: https://allaboutcookies.org.

Additionally, please note that blocking cookies may not completely prevent how we share information with third parties such as our advertising partners. To exercise your rights or opt-out of certain uses of your information by these parties, please follow the instructions in the “Behavioural Advertising” section above.

Do Not Track

Please note that because there is no consistent industry understanding of how to respond to “Do Not Track” signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.

Changes

We may update this Privacy Policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal, or regulatory reasons.

Complaints

As noted above, if you would like to make a complaint, please contact us by e-mail or by mail using the details provided under “Contact” above.

If you are not satisfied with our response to your complaint, you have the right to lodge your complaint with the relevant data protection authority. You can contact your local data protection authority, or our supervisory authority here