Vintage Vape Rooms Privacy Policy(GDPR Compliant)

This privacy policy has been compiled to better serve those who are concerned with how their ‘Personally Identifiable Information’ (PII) is being used online. PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website and all the new General Data Protection Regulation(GDPR) regulations.

What personal information do we collect from the people that visit our blog, website or app?

When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, mailing address, phone number or other details to help you with your experience.

When do we collect information?

We collect information from you when you register on our site, place an order, subscribe to a newsletter, respond to a survey, fill out a form or enter information on our site. Provide us with feedback on our products or services.

How do we use your information?

We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:

To personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested.

  • To improve our website in order to better serve you.
  • To allow us to better service you in responding to your customer service requests.
  • To administer a contest, promotion, survey or other site feature.
  • To quickly process your transactions.
  • To ask for ratings and reviews of services or products
  • To follow up with them after correspondence (live chat, email or phone inquiries)

How do we protect your information?

Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible. We use regular Malware Scanning.

Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.

We implement a variety of security measures when a user places an order enters, submits, or accesses their information to maintain the safety of your personal information.

All transactions are processed through a gateway provider and are not stored or processed on our servers.

We prepared for the General Data Protection Regulation (GDPR) by the European Union

This implies new requirements concerning the processing of personal data within the EU. We welcome this change, and the updates on our Privacy Policy reflects the transparency required by the law.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

A simple Data Request tool

We’ve made it easy for you to request your data. Simply email info@vintagevaperooms.com (mailto:info@vintagevaperooms.com) and we will begin the process of sending you the data we hold.

Data Erasing tool

You can now request us to erase your account and all the data by emailing info@vintagevaperooms.com (mailto:info@vintagevaperooms.com)

Do we use ‘cookies’?

Yes. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the site’s or service provider’s systems to recognize your browser and capture and remember certain information. For instance, we use cookies to help us remember and process the items in your shopping cart. They are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

We use cookies to:

  • Help remember and process the items in the shopping cart.
  • Understand and save user’s preferences for future visits.
  • Compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future.

We may also use trusted third-party services that track this information on our behalf.

You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since the browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.

If you turn cookies off it won’t affect the user’s experience.

If you leave a comment on our site you may opt-in to save your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Embedded Content

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

What we collect and store

While you visit our site, we’ll track:

  • Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
  • Location, IP address and browser type: we’ll use this for purposes of estimating taxes and shipping
  • Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!

We’ll also use cookies to keep track of cart contents while you’re browsing our site.

When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:

  • Send you information about your account and order
  • Respond to your requests, including refunds and complaints
  • Process payments and prevent fraud
  • Set up your account for our store
  • Comply with any legal obligations we have, such as calculating taxes
  • Improve our store offerings
  • Send you marketing messages, if you choose to receive them

If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.

We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for 6 years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.

We will also store comments or reviews if you choose to leave them.

Who on our team has access

Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:

  • Order information like what was purchased, when it was purchased and where it should be sent, and
  • Customer information like your name, email address, and billing and shipping information.

Our team members have access to this information to help fulfil orders, process refunds and support you.

What we share with others

We share information with third parties who help us provide our orders and store services to you; for example —

Third-party disclosure

We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when it’s release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property or safety.

However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.

Third-party links

We do not include or offer third-party products or services on our website.

Google

Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users. https://support.google.com/adwordspolicy/answer/1316548?hl=en

We use Google AdSense Advertising on our website.

Google, as a third-party vendor, uses cookies to serve ads on our site. Google’s use of the DART cookie enables it to serve ads to our users based on previous visits to our site and other sites on the Internet. Users may opt-out of the use of the DART cookie by visiting the Google Ad and Content Network privacy policy.

We have implemented the following:

      • Google Display Network Impression Reporting
      • Demographics and Interests Reporting

We, along with third-party vendors such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website.

Opting out:

Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt-Out page or by using the Google Analytics Opt-Out Browser Add-on.

MailChimp

We use MailChimp to help us better understand your needs so we can personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested. We don’t want you missing out on our latest products, promotions and offers, so would like to be able to stay in touch with you with information about them. For example information about the latest liquid lines released by Vintage Vape Rooms, offers such as free shipping and bundle deals, new information and trends in the industry.

Displaying content from external platforms

This type of service allows you to view content hosted on external platforms directly from the pages of this Website and interact with them.

This type of service might still collect web traffic data for the pages where the service is installed, even when Users do not use it.

Instagram widget (Instagram, Inc.)

  • Instagram is an image visualization service provided by Instagram, Inc. that allows this Website to incorporate the content of this kind on its pages.
  • Personal Data collected: Cookies and Usage Data.
  • Place of processing: United States – Privacy Policy.

Vimeo video (Vimeo, LLC)

  • Vimeo is a video content visualization service provided by Vimeo, LLC that allows this Website to incorporate the content of this kind on its pages.
  • Personal Data collected: Cookies and Usage Data.
  • Place of processing: United States – Privacy Policy.

YouTube video widget (Google Inc.)

  • YouTube is a video content visualization service provided by Google Inc. that allows this Website to incorporate the content of this kind on its pages.
  • Personal Data collected: Cookies and Usage Data.
  • Place of processing: United States – Privacy Policy. Privacy Shield participant.

Interaction with external social networks and platforms

This type of service allows interaction with social networks or other external platforms directly from the pages of this Website.

The interaction and information obtained through this Website are always subject to the User’s privacy settings for each social network.

This type of service might still collect traffic data for the pages where the service is installed, even when Users do not use it.

Facebook Like button and social widgets (Facebook, Inc.)

  • The Facebook Like button and social widgets are services allowing interaction with the Facebook social network provided by Facebook, Inc.
  • Personal Data collected: Cookies and Usage Data.
  • Place of processing: United States – Privacy Policy. Privacy Shield participant.

Twitter Tweet button and social widgets (Twitter, Inc.)

  • The Twitter Tweet button and social widgets are services allowing interaction with the Twitter social network provided by Twitter, Inc.
  • Personal Data collected: Cookies and Usage Data.
  • Place of processing: United States – Privacy Policy. Privacy Shield participant.

PayPal button and widgets (PayPal Inc.)

  • The PayPal button and widgets are services allowing interaction with the PayPal platform provided by PayPal Inc.
  • Personal Data collected: Cookies and Usage Data.
  • Place of processing: See the PayPal privacy policy – Privacy Policy.

SPAM protection

This type of service analyzes the traffic of this Website, potentially containing Users’ Personal Data, with the purpose of filtering it from parts of traffic, messages and content that are recognized as SPAM.

Google reCAPTCHA (Google Inc.)

  • Google reCAPTCHA is a SPAM protection service provided by Google Inc.
  • The use of reCAPTCHA is subject to the Google privacy policy and terms of use.

Personal Data collected: Cookies and Usage Data.

  • Place of processing: United States – Privacy Policy. Privacy Shield participant.

California Online Privacy Protection Act

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting Personally Identifiable Information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared. – See more at http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf

According to CalOPPA, we agree to the following:

Users can visit our site anonymously.

Once this privacy policy is created, we will add a link to it on our homepage or at a minimum, on the first significant page after entering our website.

Our Privacy Policy link includes the word ‘Privacy’ and can easily be found on the page specified above.

You will be notified of any Privacy Policy changes:

  • On our Privacy Policy Page

Can change your personal information:

  • By emailing us
  • By calling us
  • By logging in to your account

How does our site handle Do Not Track signals?

We honour Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.

Does our site allow third-party behavioural tracking?

It’s also important to note that we do not allow third-party behavioural tracking

COPPA (Children Online Privacy Protection Act)

When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.

We do not specifically market to children under the age of 13 years old

Fair Information Practices

The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:

We will notify you via email

  • Within 3 business days
  • We will notify the users via in-site notification
  • Within 3 business days

We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.

CAN-SPAM Act

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

We collect your email address in order to:

  • Send information, respond to inquiries, and/or other requests or questions
  • Process orders and to send information and updates pertaining to orders.
  • Send you additional information related to your product and/or service
  • Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.

To be in accordance with CAN-SPAM, we agree to the following:

  • Not use false or misleading subjects or email addresses.
  • Identify the message as an advertisement in some reasonable way.
  • Include the physical address of our business or site headquarters.
  • Monitor third-party email marketing services for compliance, if one is used
  • Honour opt-out/unsubscribe requests quickly.
  • Allow users to unsubscribe by using the link at the bottom of each email.

If at any time you would like to unsubscribe from receiving future emails, you can email us at and we will promptly remove you from ALL correspondence.

  • Follow the instructions at the bottom of each email.

GDPR Compliant

The new GDPR regulations come into effect on the 25th MAY 2018As a business, we are continuously working to ensure our GDPR compliance, as well as being responsive to any late amendments/revisions to the Regulations. Changes we have made for the 25th May deadline:

  • Appointment of a GDPR project task team
  • Update to our websites Privacy & Cookies policies (How we handle your information)
  • Update to our website’s Terms & Conditions
  • Making it easier for our customers to update marketing preferences
  • Review of our own processes to ensure correct and lawful processing
  • Data breach reporting processes

Definitions and legal references

Personal Data (or Data)

Any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for the identification or identifiability of a natural person.

Usage Data

Information collected automatically through this Website (or third-party services employed in this Website), which can include: the IP addresses or domain names of the computers utilized by the Users who use this Website, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server’s answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User’s IT environment.

User

The individual using this website who, unless otherwise specified, coincides with the Data Subject.

Data Subject

The natural person to whom the Personal Data refers.

Data Processor (or Data Supervisor)

The natural or legal person, public authority, agency or other bodies which processes Personal Data on behalf of the Controller, as described in this privacy policy.

Data Controller (or Owner)

The natural or legal person, public authority, agency or other bodies which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of this Website. The Data Controller, unless otherwise specified, is the Owner of this Website.

This Website (or this Application)

The means by which the Personal Data of the User is collected and processed.

Service

The service provided by this Website as described in the relative terms (if available) and on this site/application.

European Union (or EU)

Unless otherwise specified, all references made within this document to the European Union include all current member states to the European Union and the European Economic Area.

Cookies

Small sets of data stored in the User’s device.

Contacting Us

If there are any questions regarding this privacy policy, you may contact us using the information below.

Vintage Vape Rooms
3 Fownes Street, Temple Bar
Dublin, Dublin A63 AH98
Ireland
087 1193 356
Web: https://vintagevaperooms.com
Email: info@vintagevaperooms.com


Legal information

This privacy statement has been prepared based on provisions of multiple legislations, including Art. 13/14 of Regulation (EU) 2016/679 (General Data Protection Regulation).

This privacy policy relates solely to this Website, if not stated otherwise within this document.

Last Edited on 2018-05-23