INTRODUCTION & SCOPE
We respect the privacy of our website visitors and are committed to collecting, maintaining and securing information about our website visitors in accordance with this Privacy Policy. In this Privacy Policy, we (Après Nicotine AB) describe our privacy practices for everydaybaby.com. This privacy policy is intended for visitors worldwide. Please read this entire Privacy Policy before using or submitting information to the Sites. By submitting information to the Site, you acknowledge that you understand and agree to the terms of this Privacy Policy.

SECTION 1 - WHAT DO WE DO WITH YOUR INFORMATION?

Active information collection:
You actively send information to us when you register on a form on the website, participate in surveys or promotions, respond to us or otherwise contact us. When you buy something from our store, we also collect the personal information you give us such as your name, address and email address as part of the buying and selling process.

When you browse our store, we also automatically receive your computer's Internet Protocol (IP) address to provide us with information that helps us learn more about your browser and operating system.

Email marketing: With your permission, we may send you emails about our store, new products and other updates. This will be in accordance with the GDPR law governing the European Union from 25 May 2018 (see section 9 for more information).

Passive Information Collection:
We may also collect information about how you use our websites through web log files, cookies, web beacons, tracking pixels and similar technologies. This information is used to better understand our customers' behavior in order to improve our website and services.

SECTION 2 - CONSENT
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange a delivery or return a purchase, we imply that you consent to us collecting it and using it only for that specific purpose.

If we request your personal information for a secondary purpose, such as marketing, we will ask you directly for your express consent.

How do I withdraw my consent?
If after you choose to participate, you change your mind, you can withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time by contacting us at contact@byapres.com .

SECTION 3 - DISCLOSURE
We may disclose your personal information if we are required to do so by law or if you breach our terms of use.

SECTION 4 - SHOPIFY
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.

Your data is stored through Shopify's data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.

Payment:
If you choose a direct payment gateway to complete your purchase, Shopify stores your credit card details. It is encrypted according to the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is only stored for as long as is necessary to complete your purchase transaction. After that's done, your purchase transaction information is deleted. For more insight, you can also read Shopify's Terms of Service.

SECTION 5 - SERVICES PROVIDED BY THIRD PARTIES
In general, the third party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.

However, some third-party providers, such as payment gateways and other payment transaction processors, have their own privacy policies regarding the information we are required to provide to them for your purchase-related transactions.

For these providers, we recommend that you read their privacy policies so that you understand how your personal information will be handled by these providers.

Links
When you click on links on our store, they may take you away from our website. We are not responsible for the privacy practices of other websites and encourage you to read their privacy policies.

SECTION 6 - SECURITY
To protect your personal information, we take reasonable precautions and follow industry best practices to ensure that it is not unauthorizedly lost, misused, accessed, disclosed, altered or destroyed.

If you provide us with your credit card details, the information is encrypted using Secure Socket Layer (SSL) technology and stored using an AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we comply with all PCI-DSS requirements and implement additional generally accepted industry standards.

COOKIES
If legally permitted, non-personally identifiable information and data may be automatically collected through the use of "cookies" or "internet tags" and other similar technologies placed by Everyday Baby and third parties. Cookies are small text files that are transferred to a user's computer's hard drive by a website for the purpose of storing information about a user's identity, browser type or website visit patterns. Cookies can be used on our website to monitor web traffic, such as visit time, pages visited and certain system information about the type of computer used. We use this information to improve the content and services offered on our website. If you disable the use of cookies in your browser or remove or reject specific cookies from our website or linked websites, you may not be able to access all the content and facilities of those websites.

Here is a list of cookies we use. We have listed them here so you can choose whether or not to opt out of cookies.

_session_id, unique token, session, allows Shopify to store information about your session (referrer, landing page, etc.).

_shopify_visit, no data stored, Persistent for 30 minutes from the last visit, Used by our website provider's internal statistics tracker to record the number of visits

_shopify_uniq, no data stored, expires at midnight (relative to the visitor) the next day, Counts the number of visits to a store by a single customer.

cart, unique token, lasting for 2 weeks, Stores information about the contents of your shopping cart.

_secure_session_id, unique token, session

storefront_digest, unique token, undefined If the store has a password, this is used to determine whether the current visitor has access.

SECTION 7 - CONSENT SECTIONS
By using this website, you represent that you are at least 18 years old and above the legal age in your state or province.

SECTION 8 - CHANGES TO THIS INTEGRITY POLICY
We reserve the right to change this privacy policy at any time, so please review it regularly. Changes and clarifications are effective immediately after they are posted on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances we use and/or disclose it.

SECTION 9 - GDPR STATEMENT
The EU's General Data Protection Regulation (GDPR) comes into force on 25 May 2018 with the aim of harmonizing data protection laws across Europe and protecting citizens' data privacy. Article 5 of the law "Principles for processing personal data" is described below. Everyday Baby AB has started to change immediately to ensure GDPR compliance by May 25, 2018.

Article 5: Principles for processing personal data

Personal data must:

treated lawfully, fairly and in a transparent manner in relation to the data subject ('lawfulness, fairness and transparency');
is collected for stated, expressed and legitimate purposes and may not be further processed in a manner incompatible with these purposes; further processing for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes shall not be considered incompatible with the original purposes under Article 89(1) ('purpose limitation');
be adequate, relevant and limited to what is necessary having regard to the purposes for which they are processed ('task minimisation');
be accurate and, where necessary, kept current; all reasonable steps shall be taken to ensure that personal data which is inaccurate, having regard to the purposes for which it is processed, is deleted or rectified without delay ('accuracy');
stored in a way that enables the identification of the data subjects for a period of time that does not exceed the time necessary for the purposes for which the personal data is processed; personal data may be stored for longer periods to the extent that the personal data will be processed only for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) taking into account the implementation of the technical and organizational measures required under this Regulation to ensure the rights and freedoms of data subjects ('storage limitation');
processed in a way that ensures adequate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures ('integrity and confidentiality').

To read more about GDPR legislation, visit https://www.eugdpr.org

QUESTIONS AND CONTACT INFORMATION
If you wish to access, correct, amend or delete any personal information we hold about you, register a complaint or simply want more information, please contact us at contact@byapres.com