Privacy Policy / GDPR

PushCommerce is committed to protecting your privacy, and has therefore developed this privacy policy to explain how your personal data is collected, processed and disclosed by its platform. We advise everyone to read it carefully, in order to become familiar with our privacy practices.

Scope and Coverage

This Privacy Policy applies only to the collection and processing of personal data carried out by PushCommerce for the provision of services through the PLATFORM, allowing those services to be provided expeditiously and without inconvenience to the USERS.

Users can navigate through parts of the PLATFORM without having to register, however, it is necessary to register to be able to make use of certain features, in particular those that enable the operation of online stores.


Personal Data

Personal data means any information in any nature and/or medium relating to an identified or identifiable person, directly or indirectly, in particular by reference to one or more specific elements, whether of their identity or their private life.

In practice, this means your name, email address, address, conversations we have, etc.


Purpose

The collected personal data is an essential tool for USERS’ satisfaction and that personal data is processed in accordance with the applicable law and best practices. PushCommerce uses this data in an appropriate and expected way for the provision of its PLATFORM services, namely, (a) to enable the services that facilitate the operations of online stores; (b) to setup the USERS accounts and profiles; (c) to improve the contents of the service; (d) to report news about the PLATFORM; (e) to adapt the services to the needs of its USERS; (f) and, to allow the development of new features.

In practice this means that we need some information about you to enable use of the Platform effectively. We also use your information to improve the service we provide and to let you know about it.


Data Collected

PushCommerce collects and processes personal data necessary for the provision of services, operations, and PLATFORM management, namely: username, full name, email address, billing information, shipping address, date of registration and of the last login.

When using the service, the PLATFORM can automatically register in it’s servers general data, such as the type of browser, IP address and requested pages.


How Data is Collected

The data will be collected through forms and through the PLATFORM's usage, after the USER acknowledges the collection, and explicitly consents to the processing, which is made according to the law. The collected data is stored on secure servers. The personal data collected will not be used, in any situation, for any purpose other than that for which consent was previously obtained.

In practice this means that we seek your consent prior to collection of your information and then store this on Google and Amazon Web Services Servers; which are encrypted with a SHA256 bit Encryption. We also won’t use your data for anything you haven’t consented to.


Cookies

Cookies are small files that are downloaded to your device when you visit a website. Your browser sends these cookies back to the website every time you visit the site again, so it can recognize you, which allows customizing your experience to you.

PushCommerce uses cookies to/for:

  1. Provide the services you are using. These cookies are essential;
  2. Other cookies allow the website to remember choices you make;
  3. Some are used to understand how the PLATFORM users interact and use our products and services; and,
  4. Others might be used for advertising purposes that PushCommerce believes might be relevant to you.

With the exception of these essential cookies, PushCommerce cookies are only installed in your device after you consent.

You can also configure your browser settings to now allow cookies or to clean it up, but this action might affect your experience on the PLATFORM.


Users and Security

PushCommerce takes the security of USERS’ personal information very seriously, and does its best to safeguard it. Keeping in mind the technology and the technical knowledge available, PushCommerce uses technical and organisational measures to protect personal data against destruction, accidental or unlawful loss, accidental alteration, disclosure or unauthorised access, within a level of security appropriate to the nature of the data being protected. However, PushCommerce cannot guarantee the total security of the information of its USERS’ accounts against all possible situations of unauthorised access, hardware or software failures and other factors that may compromise the security of the information.

USERS should make careful use of the PLATFORM in order to prevent unauthorised access to their accounts and personal information, namely, by carefully selecting and protecting their passwords and limiting access to the devices through which they access the PLATFORM.

In practice this means that we will do everything we can to secure your data but nothing is ever 100%. We also ask that you do your best to secure your data from your side with strong passwords, by locking your computer when you leave it, etc.


Storage Period

Personal data will be stored and kept only for the lifespan of each USER’s account, and up to seven years after its termination, either by cancellation, suspension or lack of use of the PLATFORM, as referred to in the Terms and Conditions. This period is deemed to be sufficient for the purposes for which the personal data was collected. After this period, any personal data collected will be eliminated.

In practice this means that we’ll keep your data for 7 years from collection. If you exercise your right to delete your data, please note that this will terminate your account at the same time. For tax purposes we do need to keep some data, specifically your location and sales invoices.


Rectification

You may update your personal data at any time through the USER's admin section in the PLATFORM.

If you are unable to update your personal data, you should contact PushCommerce via the Help Desk or via email on help@pushcommerce.com requesting this rectification, erasure, update and/or modification, of which you will be notified by email as soon as it occurs.

In practice, if you notice any errors that you cannot adjust through your shop’s admin section just contact us and we’ll help you out.


Right of Access

Data protection regulations grant you the right to access your personal data at any time under a Subject Access Request. Ideally this would be via a written request on email at help@pushcommerce.com or via our help desk. As per data protection regulations, we will accept other avenues of requests, however our response will only and always be via email.

We will provide the information in a portable manner e.g. a CSV file and email this over to you within 28 days; this time period begins the day after your request has been received. We will charge a reasonable fee if an individual requests further copies of their data following a request, this will cover only our administration which is currently set as £8.00.

PushCommerce cannot guarantee email transmissions are secure, if you would like your file to be password protected please let us know when you contact us. We will then send the password in a separate email.

In order to ensure that you are requesting your own data and to ensure the confidentiality of your data we may take steps to verify your identity. If you have requested a third-party to access the information we hold about you for you, we will require written confirmation and further proof of identity prior to releasing this information. In addition, PushCommerce will only send this information to the subject of the request, not the third party.

In practice, this means that you can access your data which we’ll send to you in a spreadsheet by email once we’ve established that you are the subject of the request. If you make an ‘excessive’ amount of requests then we are entitled to reject or charge you for the response.


Right to be Forgotten

You have the right to be forgotten thus removing your personal data. At any time USERs can remove their data by terminating their account. However some of the personal data may be stored for a longer period of time, as detailed above. Please note the section: Costs, Fees, Payments and Refunds under PushCommerce’s Terms and Conditions in regards to this.


Metrics

PushCommerce uses statistical information gathering services, which collect anonymous information about the PLATFORM’s usage, for example, time of visits, pages viewed and type of operating system used. These services are:

  1. Google Analytics is a traffic analysis service provided by Google, Inc. ("GOOGLE") used in the PLATFORM. GOOGLE uses the data collected to analyse the PLATFORM’s usage and to prepare reports which enable PushCommerce to improve its services. Google Analytics integration is done in a way that keeps USERS’ IP address anonymous by removing part of it’s information. You can find GOOGLE’s privacy policy on its website http://www.google.com/intl/en/policies/privacy/;
  2. "Facebook Ads Manager" is a business analytics service provided by Facebook, Inc. ("FACEBOOK") used in the PLATFORM. It allows us to manage and create Facebook Ads by keeping track of how many people have been reached and the actions they took. Collected data is used to build custom reports and measure user engagement and retention. You can find FACEBOOK’s privacy policy on its website https://www.facebook.com/about/privacy.

Your Customer’s Personal Data

Regarding your Customer’s personal data; you accept that you are the controller of such personal data and you will comply with the applicable legislation.

PushCommerce will process such data on your behalf acting as your processor, accordingly with your instructions.

If you have any specific requirements in regards to data privacy please speak to the Customer Success team to discuss these.


Disclosure to Third Parties

PushCommerce does not sell or rent personal data to third parties, However, sharing of personal data may occur under the following conditions:

PushCommerce may rely on third parties for the provision of certain services on its behalf, and these third parties may have access to some personal data. PushCommerce ensures that entities that have access to personal data are credible and offer high guarantees of protection, never transmitting more data than that which is necessary to provide the contracted service; and,

PushCommerce may also transmit data to third parties regarding investigations, judicial enquiries and legal and/or administrative procedures, when ordered to do so by a court of law.


Third Parties Websites

The PLATFORM may contain links to other websites. These websites and the way they process collected information are the sole responsibility of their holders, and therefore, PushCommerce is not responsible for their privacy policies and/or practices.


Data Transfer

In the event of any personal data being transferred to third-parties in countries which are not Member states of the European Union, PushCommerce will comply with the applicable legislation, in particular in regard to the adequate level of protection offered to personal data and the requirements for such transfers, not transferring personal data to jurisdictions that do not provide adequate safety and security guarantees.


Abandoned Carts

As this is a controversial subject within the eCommerce industry, PushCommerce has decided to clarify their position and reasoning on this topic to aid transparency.

In the event of a cart with items added being subsequently abandoned, PushCommerce intends to utilise Legitimate Interest in order to facilitate an email to the USER’s Customer. PushCommerce feels that this single email, that will be solely regarding the items previously added and no more, will have a minimal impact on an individual and follows the individual’s original purchase intent. In the event that the cart remains abandoned, any personal details collected and/or held will be subsequently deleted from the Platform every 14 days.


Changes to the Privacy Policy

PushCommerce reserves the right to adjust or amend this Privacy Policy at any time, adequately announcing those changes.


Data Protection Contact

Due to the nature of the Platform and the relatively small size of the PushCommerce team, it has been deemed inappropriate to assign a designated Data Protection officer from within our team. However, there is obviously a requirement for a single point of contact for any data related queries. In this instance these should be directed to our Operations Manager on help@pushcommerce.com or using the following details:

Mr D. Kavanagh
PushCommerce Ltd
Kingsgate House
62 High Street
Redhill
RH1 1SH

In the event that PushCommerce requires a data protection specialist, we will enlist the services of an outsourced Consultant as necessary.