Your privacy is important to us. Therefore, we always collect and process personal data responsibly and with your privacy in mind. This privacy policy explains how Leo and Stripes Pty Ltd (“Leo & Stripes”, “we”, “us”, “our”) collects, uses and shares your personal data when you visit or make a purchase from www.leoandstripes.com (the “Site”). It also describes your rights and how to exercise them.

By accessing this Site, using features of this Site and submitting information to Leo & Stripes, you are bound by all terms and conditions in the Terms of Service and this privacy policy.

  1. Collecting Personal Information

When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information.”

We collect Device Information using the following technologies:

  • “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, see more under section 8 below.
  • “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
  • “Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Site.

Additionally, when you make a purchase or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, shipping address, payment information (including credit card numbers or other payment-related information), email address, and phone number. We refer to this information as “Order Information”.

When we talk about “Personal Information” in this privacy policy, we are talking about Device Information and Order Information.

  1. Using Personal Information

We use the Order Information that we collect generally to fulfil any orders placed on the Site (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations). Additionally, we use Order Information to:

  • communicate with you;
  • screen our orders for potential risk or fraud; and
  • when in line with the preferences you have shared with us, with your permission, send you emails about our store, new products, and other updates.

We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns). 

We may also use third-party advertising companies to serve or track ads on our Site and other sites. Third-party advertising companies may use non-personal information about your visits to this Site or other sites in order to provide advertising that may be of interest to you and to measure advertising effectiveness.

  1. Sharing Personal Information

We share your Personal Information with third parties to help us use the same. For example, our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your Personal Information is stored through Shopify’s data storage, databases, and the general Shopify application. They store your data on a secure server behind a firewall. You can read more about how Shopify uses your Personal Information here: https://www.shopify.com/legal/privacy.

We also use Google Analytics to help us understand how our customers use the Site. You can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.

Finally, we may share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful requests for information we receive, or to otherwise protect our rights.

Behavioural Advertising

As described above, we may use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work

You can opt out of targeted advertising by include opt-out links from whichever services being used. Common links include: 

Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal athttp://optout.aboutads.info/.

  1. Transferring Personal Information 

Third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy and no transfer of your personal data will take place to an organisation or a country unless there are adequate controls in place including the security of your data and other personal information.

  1. Payments

If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

It should be noted that payment gateways and other payment transaction processors have their own privacy policies with respect to the information we are required to provide to them for your purchase-related transactions. If you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.

Once you leave our Site or are redirected to a third-party website or application, you are no longer governed by this privacy policy or our Site's Terms of Service. When you click on links on our store, they may direct you away from our Site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.

  1. Collecting Consent

When you provide us with Personal Information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to us collecting it and using it for that specific reason only. If we ask for your personal information for a secondary reason, like marketing via our newsletter, we will either ask you directly for your expressed consent or provide you with an opportunity to say no. If you no longer wish to receive our newsletter you can, whenever you want, unsubscribe directly in the footer of the e-mail newsletter or contact us through the contact information below. 

  1. Withdrawing your Consent

If after you opt-in (i.e. allowed us to collect your Personal Information), you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time, by contacting us through the contact information below.

  1. Your Rights

You have the right, at any time, to access the Personal Information we hold about you and ask that it be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below. Nevertheless, we cannot delete your data when there is a statutory requirement for storage, such as accounting rules, or when there are other legitimate reasons why the data must be saved, such as unpaid debts. However, you may at all times revoke your consent to let us use your Personal Information for marketing purposes.

  1. Data Retention

When you place an order through the Site, we will maintain your Order Information for our records either until you ask us to delete this information or in accordance with applicable law.

  1. Cookies

A cookie is a small amount of information that’s downloaded to your computer or device when you visit our Site. We use a number of different cookies, including functional, performance, advertising, and social media or content cookies. Cookies make your browsing experience better by allowing the website to remember your actions and preferences (such as login and region selection). This means you don’t have to re-enter this information each time you return to the site or browse from one page to another. Cookies also provide information on how people use the website, for instance whether it’s their first time visiting or if they are a frequent visitor.

We use the following cookies to optimise your experience on our Site and to provide our services. 

Cookies Necessary for the Functioning of the Store:

Name

Function

Duration

_ab

Used in connection with access to admin.

2y

_secure_session_id

Used to track a user's session through the multi-step checkout process and keep their order, payment and shipping details connected.

24h

_shopify_country

For shops where pricing currency/country set from GeoIP, that cookie stores the country we've detected. This cookie helps avoid doing GeoIP lookups after the first request.

session

_shopify_m

Used for managing customer privacy settings.

1y

_shopify_tm

Used for managing customer privacy settings.

30min

_shopify_tw

Used for managing customer privacy settings.

2w

_storefront_u

Used to facilitate updating customer account information.

1min

_tracking_consent

Used to store a user's preferences if a merchant has set up privacy rules in the visitor's region.

1y

c

Used in connection with checkout.

1y

cart

Used in connection with shopping cart.

2w

cart_currency

Set after a checkout is completed to ensure that new carts are in the same currency as the last checkout.

2w

cart_sig

A hash of the contents of a cart. This is used to verify the integrity of the cart and to ensure performance of some cart operations.

2w

cart_ts

Used in connection with checkout.

2w

cart_ver

Used in connection with shopping cart.

2w

checkout

Used in connection with checkout.

4w

checkout_token

Used in connection with checkout.

1y

dynamic_checkout_shown_on_cart

Used in connection with checkout.

30min

hide_shopify_pay_for_checkout

Used in connection with checkout.

session

keep_alive

Used in connection with buyer localization.

2w

master_device_id

Used in connection with merchant login.

2y

previous_step

Used in connection with checkout.

1y

remember_me

Used in connection with checkout.

1y

secure_customer_sig

Used to identify a user after they sign into a shop as a customer so they do not need to log in again.

20y

shopify_pay

Used in connection with checkout.

1y

shopify_pay_redirect

Used in connection with checkout.

1 hour, 3w or 1y depending on value

storefront_digest

Stores a digest of the storefront password, allowing merchants to preview their storefront while it's password protected.

2y

tracked_start_checkout

Used in connection with checkout.

1y

checkout_one_experiment

Used in connection with checkout.

session

checkout_session_lookup

Used in connection with checkout.

3w

checkout_session_token_<<id>>

Used in connection with checkout.

3w

 

Reporting and Analytics

Name

Function

Duration

_landing_page

Track landing pages.

2w

_orig_referrer

Track landing pages.

2w

_s

Shopify analytics.

30min

_shopify_d

Shopify analytics.

session

_shopify_fs

Shopify analytics.

30min

_shopify_s

Shopify analytics.

30min

_shopify_sa_p

Shopify analytics relating to marketing & referrals.

30min

_shopify_sa_t

Shopify analytics relating to marketing & referrals.

30min

_shopify_y

Shopify analytics.

1y

_y

Shopify analytics.

1y

_shopify_evids

Shopify analytics.

session

_shopify_ga

Shopify and Google Analytics.

session

 

The length of time that a cookie remains on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies last until you stop browsing and persistent cookies last until they expire or are deleted. Most of the cookies we use are persistent and will expire between 30 minutes and two years from the date they are downloaded to your device.

You can control and manage cookies in various ways. Please keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our website may no longer be fully accessible.

Most browsers automatically accept cookies, but you can choose whether or not to accept cookies through your browser controls, often found in your browser’s “Tools” or “Preferences” menu. For more information on how to modify your browser settings or how to block, manage or filter cookies can be found in your browser’s help file or through such sites as: www.allaboutcookies.org.

Additionally, please note that blocking cookies may not completely prevent how we share information with third parties such as our advertising partners. To exercise your rights or opt-out of certain uses of your information by these parties, please follow the instructions in the “Behavioural Advertising” section above.

Do Not Track

Please note that because there is no consistent industry understanding of how to respond to “Do Not Track” signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.

  1. Changes

We may update this Privacy Policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal, or regulatory reasons.

  1. Contact Us

If you would like to access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information, please contact us at hello@leoandstripes.com.