Last Updated: Jan 26, 2021
Introduction and General Terms
Decorebay is a "Data Controller" which is a legal term which means we make decisions regarding how and why we collect and use your personal data. As the "Data Controller" we are responsible for ensuring that your Personal Information is only used for the purposes on which it was originally collected and in compliance with all applicable data protection laws. We are also responsible to ensure that any third party that we authorize to process the data on our behalf, known as "Data Processors," also follow these standards and use the data only for these same reasons.
We take the privacy of our Customers very seriously. We never share the information of our Customers under any circumstances, unless it is required to complete the transaction contracted with our Customer. In addition, we require our Customers, where applicable, to undertake to respect the European Union General Data Protection Regulation (GDPR).
The Purpose of this Policy
It explains the Legal Basis that Decorebay has in processing your personal data, how and what data we collect about you and what we do with that data. This policy will also inform you of your data privacy rights, and how you can exercise those rights.
In this policy, when we talk about "Personal Information", we are referring to any information that relates to you as an identifiable natural person such as your name, email address, mailing address, telephone number etc.
When we talk about the Site we mean the Decorebay website www.decorebay.com.
Legal Basis for Collecting and Processing Data
As part of our GDPR compliance program, we are required to provide EEU Data Subjects information about why we collect and process their Personal and Sensitive data. We collect and use your Personal Information for a range of different business purposes and according to different Legal Bases of processing. The following is detail of how and according to which Legal Basis we use your Personal Information.
The Information We Collect and How We Collect That Information
Types of Personal Information We Collect:
In connection with access to our Services, when you make a purchase or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, shipping address, payment information (including credit card numbers) email address, and phone number. We refer to this information as “Order Information.”
Personal Information You Give Us When You Use Our Service or Register an Account With Us:
We collect or otherwise receive information when you register or open an account, sign in, pay fees, purchase or otherwise use a Service, call us for support, or give us feedback. We may also obtain information from other companies or third parties, such as when we may use service providers to supplement the Personal Information you give us (e.g., validate your mailing address) to help us maintain the accuracy of your data and provide you with better service. We may collect content or other information that you may provide or create when you interact with our Services.
NOTE: If you give us Personal Information about someone else, including our social media Platforms and reviews and comments on our websites, you must do so only with that person's authorization. You should inform them how we collect, use, disclose, and retain their Personal Information according to our privacy notice.
Personal Information Automatically Collected When You Use Our Service or Register an Account With Us:
When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically collected information as “Device Information.”
Personal Information Collected Using Cookies and Other Similar Technologies
Generally, we use these tracking technologies to:
- Fulfill your requests for products and services and improve our services.
- Remind us of who you are on return visits in order to deliver to you a better and more personalized service. This cookie is set when you first visit the Site.
- Estimate our audience size and measure traffic patterns. Each browser accessing Decorebay is given a unique cookie which is then used to determine the extent of repeat usage and usage by a registered user versus by an unregistered user.
- Track the number of entries in our promotions.
Customize the advertising and content you see.
“Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
“Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Site.
How Do We Use Your Personal Information
Fulfill a Sales Order or Contract and Provision of Services:
We may use your information, including your Personal Information to fulfil sales and provide you with our Services. This includes the following:
- To manage your registration as a user on the Site. This helps us identify you as a user, and offers you access to different functionalities, and a better experience.
- To complete business transactions and fulfill orders (online or in our store). This involves sending your Personal Information to our partners for shipping and tracking your purchases.
- To process payments. We do not store or capture any credit card information. This information is collected directly by our payment processing partners. Since this information is collected from our site and from you, our customer, we would like to inform you about its collection.
- To update you with order status, shipping and tracking information.
- To provide you with the best quality of customer service via our chat, email and phone lines.
- To provide you with services related to the warranty of your purchase, usually provided through our warranty partners or sometimes directly from the manufacturer of your purchased product.
- To provide you with important information about your purchased product including any updates or other manufacturer notices.
- To ask you to review your purchase, your experience on our Platform and review us as a company.
- To detect, prevent, mitigate and investigate fraud, or other criminal or potentially prohibited activities.
Collecting Information for our Legitimate Interests:
We may use your personal data to pursue our Legitimate Interests where your rights and freedoms do not outweigh those interests. We have implemented controls to balance our interests with your rights. Our use of your Personal Data for our Legitimate Interest includes:
- Improving our services; for example, reviewing information associated with non-functioning pages or links, so we can fix them and give you a frustration-free experience on our Platform.
- Personalize, measure and improve our advertising based on your activities on our Platform.
- Contact you view email, push notifications on your browser and mobile app and by SMS/text message to offer you information about your purchased products, our products, sales, offers, and services.
- Measure the performance of our marketing campaigns; for example, analyzing the open and click rates of an email campaign.
- To serve you better, we may combine the information you provide us online, in our superstore and through our catalogs to improve your overall shopping experience, for example analyzing browsing behavior to create a better navigation menu, so you need fewer clicks to get to your product of choice.
- Contact you by email, telephone or SMS, or other equivalent forms of electronic communication, such as the app's push notifications etc., regarding updates or informative communications related to the functionalities, products or contracted services, including Platform security updates, when necessary or reasonable for their implementation.
- To respond to your posts, comments and provide customer service on our Platform and other social media Platforms including but not limited to Twitter, Facebook, Instagram.
- To provide customer service to you via chat and email.
- Measure the performance of our Customer Service associates.
- To verify product and customer experience reviews left on the Site provide a truthful assessment of our services and merchandise.
- For the internal management and audit of business operations and financials.
How We Share Your Personal Information
From time to time, we may need to share your Personal Information with others.
Third Party Service Providers:
We may share your information, including Personal Information and Usage Data, with third party service providers who perform various functions to enable us to provide our Services and help us operate our business, such as website design, sending email communications, telephone communication, SMS (text messaging), advertising, fraud detection and prevention, customer care, third-party surveys, order management, customer service or performing analytics. These companies are authorized to use your personal information only as necessary to provide these services to us. Our contracts with these third parties require them to maintain the confidentiality of the Personal Information we provide to them, only act on our behalf and under our instructions, and not use Personal Information for purposes other than the product or service they're providing to us or on our behalf.
We share your Personal Information with third parties to help us use your Personal Information, as described above. For example, we use Shopify to power our online store--you can read more about how Shopify uses your Personal Information here: https://www.shopify.com/legal/privacy. We also use Google Analytics to help us understand how our customers use the Site--you can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
Response to Subpoenas and Other Legal Requests:
We may share your information with courts, law enforcement agencies, or other government bodies when we have a good faith belief that we are required or permitted to do so by law, including to meet national security or law enforcement requirements, to protect our company, or to respond to a court order, subpoena, search warrant, or other law enforcement request.
To Comply with Other legal obligations:
To comply with all relevant tax and financial reporting requirements and regulations
- To deal with requests form you to exercise your Data Subject access rights
- To monitor activities and safeguard your welfare on our Platform and premises
- To protect you, ourselves and our employees through appropriate legal action against third parties who have committed a criminal act or are in breach of their legal obligations.
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
You can opt out of targeted advertising by:
Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at http://optout.aboutads.info/.
What You Can do to Manager Your Privacy
Updating Your Personal Information:
In connection with your right to manage your Personal Information you provide to us, you may access, update, change, correct or request deletion of your information either through the Service or through our customer support. You can reach our customer support by using the contact information provided in the "How to Contact Us" section of this Policy. We will respond to your request within a reasonable time frame.
Managing Marketing Communications from Us:
We will honor your choices when it comes to receiving marketing communications from us.
You have the following choices if you have been receiving marketing communications from us that you no longer wish to receive:
- You may contact the Site at any time to request that your information not be shared with third parties or set preferences when you place an order with us. Please note that requesting that your information not be shared/removed/deleted may mean that we are unable to proceed with the order and may have to cancel the transaction to comply with the request.
- You can opt-out of marketing emails by simply unsubscribing from the mailing list.
- Remember that even if you choose not to receive marketing communications from us, we will continue to send you mandatory service or transactional communications.
European Union data subjects will only receive marketing communications from Decorebay or Third Parties, if they affirmatively opt-in to such communication, upon initiating service or at another time.
Cookies and Other Tracking Technologies
If you are uncomfortable having a cookie placed on your system, you may elect to turn off the cookie or delete existing cookies in your browser. If you turn off or delete the Decorebay cookie, you may not be able to receive special offers or personalized content from the Site.
Technologies such as cookies, or similar technologies, are used by the Site and our partners (e.g., network advertising partners), affiliates, or analytics or service providers (e.g., online customer support providers). These technologies are used in analyzing trends, administering the site, tracking user movements around the site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.
We partner with a third party to either display advertising on our website or to manage our advertising on other sites. Our third-party partners may use technologies such as cookies to gather information about your activities on this site and other sites to provide you advertising based upon your browsing activities and interests. If you do not wish to have this information used for the purpose of serving you interest-based ads, you may 1) clear your cache or 2) opt-out through a third-party by contacting us. Please note this does not opt you out of being served ads. You will continue to receive generic ads.
European Union data subjects will only have cookies placed on their system if they affirmatively opt-in to such tracking. European Union data subjects may visit http://www.youronlinechoices.eu/ to understand more about Cookies and other tracking technologies in each European Union countries.
Customers in Canada may visit http://youradchoices.ca/ to understand more about Cookies and other tracking technologies in Canada.
https://tools.google.com/dlpage/gaoptout to opt out of Google Analytics for display advertising or to customize Google Display Network ads.
Please note that even if you opt-out of such Cookies or otherwise opt-out of interest-based advertising, you will still receive advertisements, they just will not be tailored to your interests. Also, if you opt-out and later delete your Cookies, use a different browser, or buy a new computer, you may need to renew your opt-out choices.
Do Not Track:
Please note that we do not alter our Site’s data collection and use practices when we see a Do Not Track signal from your browser.
Social Media Features:
If you are a European resident, you have the right to access the personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below.
Additionally, if you are a European resident, we note that we are processing your information to fulfill contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States.
Your Access Rights:
Upon request and as required by applicable law, you may contact Decorebay to confirm whether we maintain, or process on behalf of a third party, and of your Personal Information and to review it to verify its accuracy and the lawfulness of our processing of such Personal Information. Where you have determined that the Personal Information we collect about you is inaccurate or processed in violation of applicable law you may also request that your Personal Information be corrected, amended, or deleted. Requests for access to your Personal Information and to have it corrected, amended, or deleted should be sent to firstname.lastname@example.org or to the mailing address provided under "How to Contact Us."
EU data subjects have certain rights to access Personal Information about them, and to limit the use and disclosure of their Personal Information.
Under the GDPR, residents and nationals of the EEU have the following data rights:
- Right to be informed - You have a right to know how and what personal data we collect from you and what we use it for. In this policy, you will find that information.
- Right to request access: You have the right to request access to the personal data held about you, to obtain confirmation that it is being processed, and to obtain certain prescribed information about how we process it.
- Right to object applies to processing of your personal data where it is based on Legitimate Interests and where your data is processed for direct marketing or processed for the purposes of collating statistical information.
- Right to restrict processing or 'block' the use of your personal data, for instance where you believe your personal data is not accurate (until the accuracy can be verified).
- Right to Erasure: The right to have your personal data erased, also known as the "right to be forgotten" enables you to request the deletion or removal of personal data where there is no compelling reason for its continued use. Requests for erasure may be refused in some circumstances such as where the personal data must be retained to comply with a legal obligation or to exercise or defend legal claims.
- Right to rectification: You have the right to request to have your personal data corrected if it is inaccurate and to have incomplete personal data completed in certain circumstances.
- The right to data portability allows you to obtain and reuse your personal data for your own purposes across different services; to move copy or transfer their personal data easily from one environment to another in a safe and secure way without hindrance to usability.
If you wish to request access, to limit use, or to limit disclosure, please contact us at email@example.com or the mailing address provided under "How to Contact Us" and please provide us your name.
When you place an order through the Site, we will maintain your Order Information for our records unless and until you ask us to delete this information.
Security of Your Information
Keeping your information safe is important to us. We provide reasonable and appropriate security measures in connection with securing Personal Information we collect. How we keep your data securely stored using the following
For example, we and the Third-party service providers we use:
- Consistently work to update our security practices to implement accepted best methods to protect your Personal Information and review our security procedures carefully.
- Comply with applicable laws and security standards.
- Securely transmit your sensitive Personal Information.
- Train our staff and require them to safeguard your data. Limit the staff with access to your Personal Information.
- Transmit, store, protect, and access all cardholder information in compliance with the Payment Card Industry's Data Security Standards.
If you request more information about our third-party service providers, third party partners or third-party requests for further information should be sent firstname.lastname@example.org or to the mailing address provided under "How to Contact Us."
International Data Transfer
When you complete our registration forms or use our services, we may transfer your information to processors outside the European Economic Area but will do so with appropriate measures and controls in place to protect that information in accordance with applicable data protection legislation. When you give us information about another person, you confirm that they have appointed you to act for them and agreed to the transfer of their information abroad.
The Site is not intended for individuals under the age of 13.
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at email@example.com or by mail using the details provided below:
MSHZ International Inc.
931 Progress Avenue Unit 5,