Privacy Policy

Effective: February 09, 2022

We appreciate your interest in our group of companies and our technologies and services. Protection of your personal data is key to us. Aiming to make you feel safe when visiting our website and dealing with our technologies and services, this Privacy Policy offers you information on how we deal with your personal and non-personal data – whether you visit our website, whether we collect data from you as a client or whether you are a user (visitor of our website or our clients’ website and platforms). The collection, processing and use of your data takes place in compliance with all applicable national data protection regulations.

When visiting our website www.together-commerce.com

1. Privacy at a glance

General information

The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data is all data with which you can be personally identified. Detailed information on the subject of data protection can be found in our data protection declaration listed under this text.

Data collection on this website

Who is responsible for data collection on this website?

The data processing on this website is carried out by the website operator. You can find their contact details in the section "Notice on the responsible body" in this data protection declaration.

How do we collect your data?

On the one hand, your data is collected when you communicate it to us. This can be z. B. be data that you enter in a contact form.

Other data is collected automatically or with your consent by our IT systems when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time of the page view). This data is collected automatically as soon as you enter this website.

What do we use your data for?

Part of the data is collected to ensure that the website is provided without errors. Other data can be used to analyze your user behavior.

What rights do you have regarding your data?

You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future. You also have the right, under certain circumstances, to request that the processing of your personal data be restricted. You also have the right to lodge a complaint with the competent supervisory authority.

You can contact us at any time if you have any further questions on the subject of data protection.

Analysis tools and third-party tools

When you visit this website, your surfing behavior can be statistically evaluated. This happens mainly with so-called analysis programs.

Detailed information on these analysis programs can be found in the following data protection declaration.

2. Hosting WIX

We host our website at Wix.com Ltd., 40 Namal Tel Aviv St., Tel Aviv 6350671, Israel (hereinafter: "WIX"). WIX a tool for creating and hosting websites. When you visit our website, WIX analyzes user behavior, visitor sources, website visitor regions and visitor numbers. WIX stores cookies on your browser that are required to display the website and to ensure security (necessary cookies).The data is stored on the WIX servers in Israel. Israel is considered a safe third country in terms of data protection law. This means that Israel has a level of data protection that corresponds to the level of data protection in the European Union. Details can be found in the WIX data protection declaration: https://de.wix.com/about/privacy.

WIX is used on the basis of Article 6 (1) (f) GDPR. We have a legitimate interest in our website being displayed as reliably as possible. If a corresponding consent has been requested, the processing takes place exclusively on the basis of Article 6 (1) (a) GDPR; the consent can be revoked at any time.

3. General information and mandatory information

Privacy

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.

If you use this website, various personal data will be collected. Personal data is data with which you can be personally identified. This data protection declaration explains what data we collect and what we use it for. It also explains how and for what purpose this happens.

We would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. A complete protection of the data against access by third parties is not possible.

Note on the responsible body

The responsible body for data processing on this website is:

Together Commerce UG (haftungsbeschränkt)

Am Lichtweg 68

41470 Neuss

Phone: +49 (0)2137 1474718 Email: info@together-commerce.com

The responsible body is the natural or legal person who, alone or together with others, decides on the purposes and means of processing personal data (e.g. names, e-mail addresses, etc.).

Storage duration

Unless a specific storage period has been specified in this data protection declaration, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. tax or commercial law retention periods); in the latter case, the data will be deleted once these reasons have ceased to exist.

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke consent that you have already given at any time. The legality of the data processing that took place up until the revocation remains unaffected by the revocation.

Right to object to data collection in special cases and to direct advertising (Art. 21 GDPR)

IF THE DATA PROCESSING IS BASED ON ART. 6 ABS. 1 LIT. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH A PROCESSING IS BASED CAN BE FOUND IN THIS DATA PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR CONCERNED PERSONAL DATA UNLESS WE CAN PROVE COMPREHENSIVE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOM OBJECTION ACCORDING TO ARTICLE 21 (1) GDPR).

IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSES OF SUCH ADVERTISING; THIS ALSO APPLIES TO PROFILING TO THE EXTENT RELATED TO SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT ADVERTISING PURPOSES (OBJECTION ACCORDING TO ART. 21 (2) GDPR).

Right of appeal to the competent supervisory authority

In the event of violations of the GDPR, those affected have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged violation. The right to lodge a complaint is without prejudice to any other administrative or judicial remedy.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another person responsible, this will only be done to the extent that it is technically feasible.

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.

Information, deletion and correction

Within the framework of the applicable legal provisions, you have the right to free information about your stored personal data, its origin and recipient and the purpose of the data processing and, if necessary, a right to correction or deletion of this data at any time. You can contact us at any time if you have any further questions on the subject of personal data.

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. You can contact us at any time for this. The right to restriction of processing exists in the following cases:

If you dispute the accuracy of your personal data stored by us, we usually need time to check this. For the duration of the examination, you have the right to request that the processing of your personal data be restricted.

If the processing of your personal data happened/is happening unlawfully, you can request the restriction of data processing instead of deletion.

If we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request that the processing of your personal data be restricted instead of being deleted.

If you have lodged an objection in accordance with Art. 21 (1) GDPR, your interests and ours must be weighed up. As long as it has not yet been determined whose interests prevail, you have the right to demand that the processing of your personal data be restricted.

If you have restricted the processing of your personal data, this data - apart from its storage - may only be used with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State are processed.

Objecting to Promotional Emails

We hereby object to the use of contact data published as part of the imprint obligation to send unsolicited advertising and information material. The site operators expressly reserve the right to take legal action in the event of unsolicited advertising being sent, such as spam e-mails.

4. Data collection on this website Cookies

Our website uses so-called "cookies". Cookies are small text files and do not cause any damage to your end device. They are stored on your end device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted after your visit. Permanent cookies remain stored on your end device until you delete them yourself or until they are automatically deleted by your web browser.

In some cases, cookies from third-party companies can also be stored on your end device when you enter our site (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for processing payment services).

Cookies have different functions. Numerous cookies are technically necessary because certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies are used to evaluate user behavior or to display advertising.

Cookies that are required to carry out the electronic communication process (necessary cookies) or to provide certain functions you want (functional cookies, e.g. for the shopping cart function) or to optimize the website (e.g. cookies for measuring web audience). are stored on the basis of Art. 6 Para. 1 lit. f GDPR, unless another legal basis is given. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies was requested, the relevant cookies are stored exclusively on the basis of this consent (Article 6 (1) (a) GDPR); the consent can be revoked at any time.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when the browser is closed. If cookies are deactivated, the functionality of this website may be restricted.

If cookies are used by third-party companies or for analysis purposes, we will inform you of this separately in this data protection declaration and, if necessary, ask for your consent.

Contact form

If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provided there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We do not pass on this data without your consent.

This data is processed on the basis of Article 6 (1) (b) GDPR if your request is related to the fulfillment of a contract or is necessary to carry out pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of inquiries addressed to us (Art. 6 Para. 1 lit. f GDPR) or on your consent (Art. 6 Para. 1 lit. a GDPR) if this was queried.

The data you enter in the contact form will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular retention periods - remain unaffected.

Inquiry by e-mail, telephone or fax

If you contact us by e-mail, telephone or fax, your inquiry including all resulting personal data (name, enquiry) will be stored and processed by us for the purpose of processing your request. We do not pass on this data without your consent.

The data you sent to us via contact requests will remain with us until you request deletion, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular statutory retention periods - remain unaffected.

5. Newsletter data

If you would like to receive the newsletter offered on the website, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter . Further data is not collected or only collected on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.

The processing of the data entered in the newsletter registration form takes place exclusively on the basis of your consent (Art. 6 Para. 1 lit. a DSGVO). You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the "unsubscribe" link in the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation.

The data you have stored with us for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you unsubscribe from the newsletter or after it no longer serves any purpose. We reserve the right to delete or block e-mail addresses from our newsletter distribution list at our own discretion within the scope of our legitimate interest in accordance with Art. 6 Para. 1 lit. f GDPR. Data stored by us for other purposes remain unaffected.

After you have been removed from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist if this is necessary to prevent future mailings. The data from the blacklist is only used for this purpose and is not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR). Storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interests.

Source: https://www.e-recht24.de

When using our technologies and services via websites and online services of our clients

Together Commerce UG (haftungsbeschränkt) (together with its affiliates, “Together Commerce”, “we”, “us” or “our”) is committed to protecting the privacy and the security of the Personal Data provided to us via our Products, while continuing to provide shoppers of our Store-based Clients, at the written direction of our Store-based Clients (defined below), with a personalized shopping and advertising experience and with recommendations that are personal, meaningful, and dynamic, as well as to provide general market intelligence or analysis based on aggregated information (the “Purpose”). While we accept personal information regarding shoppers from our Store-based Clients, any output of that information provided to those Store-based Clients, or any other third-party, is limited to aggregated, non-identifying, and non-personal information and, moreover, Together Commerce will not sell, rent, lease, share or disclose any shoppers’ information, or the information of any Store-based Clients, except as permitted by this Privacy Policy. All capitalized terms used herein shall have the meaning as defined herein, or if not defined, the meaning as set forth in our Together Commerce Customer Terms of Service. The term “Shoppers” shall be used herein to mean those individuals that use our Store-based Clients’ webpages or other accessible platforms or portals and who may or may not provide their personal information.

This Privacy Policy is based on the following principles/requirements:

Transparency: Together Commerce, via its Store-based Clients, shall notify Shoppers that their data shall be processed by Together Commerce as described in this Privacy Policy;

Consent: Together Commerce shall require that its Store-based Clients, as part of its engagement therewith, obtain informed consent for the processing of Shoppers’ data by Together Commerce as described in this Privacy Policy;

Accountability: Together Commerce shall require that its Store-based Clients, as part of its engagement therewith, provide the means for Shoppers to inquire from Together Commerce, through the Store-based Clients, regarding their personal data, and to withdraw consent (including by deleting all identifying personal information), or to inquire from Together Commerce;

Security: Together Commerce shall provide a secure means in which to store data, as well as to transfer data to Together Commerce via the Products from the Store-based Client; and

Breaches: Together Commerce shall notify the applicable Store-based Client in the event of any breach of security or other unauthorized processing of any of their Shoppers’ information.

Our Relationship to Our Clients and Their Shoppers

Together Commerce provides its Services to help it's approved and contracted store-based clients (hereinafter “Store-based Clients”) to achieve the Purposes, as defined above. Together Commerce, at the written direction and authorization of our Store-based Clients, may obtain certain information regarding Shoppers as they use and provide information to our Store-based Clients. No matter who provides us with personal information, however, our commitment to privacy remains strong.

While Together Commerce ensures that any collection and subsequent disclosure to Together Commerce of any personal information via our Store-based Clients is in compliance with this Privacy Policy, we rely on and require our Store-based Clients to obtain Shoppers’ informed consent and to provide access to this policy.

In some cases, Shoppers using Together Commerce may enable or authorize their access to a Store-based Client’s e-Commerce platform, and/or Together Commerce Products operating therein, using a third-party tool or a social networking site (“Third-Party Platform”), such as Facebook or Google. Accordingly, a Shopper must read and accept the terms of service and privacy policy of that Third-Party Platform, and Together Commerce cannot assume liability for any Shopper’s failure to do so. Further, Together Commerce may also process data previously, independently, or concurrently provided to the applicable Store-based Client by a Shopper (e.g. Together Commerce may obtain data through a Store-Based Client’s CRM or another data repository, or from other third-parties with whom they interact in association with providing their services to a given Shopper). Together Commerce takes reasonable administrative efforts to ensure that Store-based Clients provide an opportunity for Shoppers to have access to, and be given an opportunity to consent to, this Privacy Policy. Shoppers should also read and accept the terms of service and privacy policy of the Store-based Client. In some cases, Together Commerce may use Cookies (as that term is defined below) in association with a Third-Party Platform (e.g. Facebook, Google) in order to provide information to a Shopper via such Third-Party Platforms, particularly in the form of advertising, the content of which is selectively determined by such Shopper’s interaction with the Third-Party Platform in question. None of such Shopper’s personal information is copied by or transferred to Together Commerce from any Third-Party Platform in this circumstance.

Together Commerce relies upon its Store-based Client to obtain informed consent regarding the use of Together Commerce Products on their e-Commerce Platforms, including providing access to this Privacy Policy prior to acquiring consent. Together Commerce is not responsible for any act or omission of a Store-Based Client if the client fails to acquire, or is deficient in any way in acquiring such informed consent. To the extent that the client’s collection, use, or disclosure of personal information provided to Together Commerce, prior to, independently of, or concurrently with the provision of Shopper data to Together Commerce fails to comply with this Privacy Policy or applicable data protection or other laws, Together Commerce has no ability to control, manage, or indeed identify such non-compliance. Any inquiries regarding independent acts or omissions involving a Shopper’s personal information by our Store-based Client must be directed to that Store-based Client.

How We Collect Shopper Information

Directly From a Store-based Client Site: Shoppers engage Together Commerce Products or Services when a Store-based Client installs one of our Plug-ins or other Product in association with its e-Commerce Platform. This incorporates functionality through the Together Commerce API Platform. Using the Together Commerce API, or other similarly installed Product, through a Shopper’s interaction with one of our Store-based Client’s e-commerce platforms, we collect certain information that is provided to such e-commerce platforms about Shoppers, Shoppers’ interest in product offerings, Shoppers’ historical and new orders, Shoppers’ details that are provided to the e-commerce platform, and Shoppers’ behavior and interactions while visiting the e-commerce platform. By engaging in any of the foregoing activities and/or providing consent to provide such information by accepting the terms of this Privacy Policy (as required by applicable law, and which should be incorporated into our Store-based Client’s privacy or data protection policies), Shoppers, by virtue of such engagement or consent, authorize Together Commerce to collect, store and use any such data that comprises personal information in accordance with this Privacy Policy.

Through a Third-Party Platform and/or Store CRM: In some cases, Shoppers may authenticate themselves within your Together Commerce-enabled store by signing on using a Third-Party Platform, or a Store-based Client may provide Together Commerce access to some other form of Shopper identification pursuant to such Store-based Client’s privacy policy (e.g. an eCommerce Platform’s customer management tools, external CRM, or Loyalty Program). This information is necessary to carry out the Purpose. This information may vary and may be affected by the privacy settings Shoppers establish with the applicable Third-Party Platform and/or the Store-based Client. Shoppers should be able to control and find out more about these settings at the Third-Party Platform used to access or use Together Commerce Products or Services, and/or through the terms and/or privacy policy of the applicable Store-Based Client or its CRM tool if there is one. By using or accessing any of our products or software through a Third-Party Platform login, and/or a store CRM, Shoppers, pursuant to the terms of the applicable Third-Party Platform and/or e-Commerce Platforms (including their CRM), authorize us to process such information in accordance with this Privacy Policy and the corresponding privacy terms and settings of the applicable Third-Party Platform and/or e-Commerce Platform.

The Types of Information We May Collect

We collect two types of information. Both types of information are required to provide the Together Commerce Purposes that are offered via a Together Commerce-enabled Store-based Client’s eCommerce platform, or through related channels (e.g. Emails, Messages, Advertising, etc.).

The first type of information is Personal Data (“Personally-Identifying Information” or “PII”). The other type of information is Non-Personally Identifying Information (“NPII”).

PII includes information that is uniquely associated with an identifiable Shopper, or that identifies a Shopper, and may specifically include age, gender, location, email address, phone number, and, in some cases, IP address.

NPII may include information that is collected directly from a Shopper, during a Shopper’s interaction with the site, or from information provided to a third-party, and which does not identify, or is not uniquely associated with, an identifiable Shopper. NPII includes, but is not limited to, a Store-based Client’s name and location, Store-based Client product and collections information, non-identifying order information, Store-based Client CRM/Loyalty programs, age range, association with a geographical or network area, Shoppers’ general interests as indicated by their interaction with an e-Commerce Platform (such as selections thereon), Shoppers’ shopping behavior, and Shoppers’ choices within Together Commerce enabled e-Commerce Platforms. NPII may also include information that is non-personally identifying but was generated from PII, such as by aggregation with other PII or anonymization.

How We Use and Disclose Information

We will not sell, rent, lease, share or otherwise disclose information provided to us, whether or not it constitutes PII or NPII, unless consent to such disclosure is provided in accordance with this Privacy Policy or other means, the information is rendered anonymous through aggregation, hashing or other means, or disclosure is required by law. By accepting this Privacy Policy, Shoppers, by virtue of Store-based Clients’ contractual obligations to obtain consent and to provide access to, and to comply with, this Privacy Policy, is deemed to have provided Together Commerce with a valid written consent to do the following:

Performance of Services. We may use Shoppers’ PII and NPII to fulfill the Purposes. We may also use Shoppers’ NPII in connection with other services and features we provide to third-parties or other Store-based Clients. This includes by assessing information relating to, and historical patterns associated with, Shoppers, and/or profiles or categories of classes of Shoppers, such as by observing shopping choices and activities of Shoppers (or Shoppers fitting characteristics relating to such profiles or categories, but not necessarily any information relating to an identifiable Shopper). We may also process Shoppers’ data in association or combination with information relating to that Shopper, or information relating to Shoppers belonging to the same profile or category, from other Store-based Clients. We will also use this information to improve the quality of our Products and Services.
Performance of Services Associated With Third-Party Platforms:

1. Advertising Customization: In order to provide personalized advertising on Third-Party Platforms, Together Commerce pushes certain NPII information relating to a Shopper (e.g. non-personally identifying shopping preferences profile information) to such Third-Party Platform which then selectively provides advertising. Except as provided below, none of a Shopper’s PII or NPII information is provided to Together Commerce from any Third-Party Platform.

2. Authentication: In some cases, Together Commerce uses authentication services provided by Third-Party Services to authenticate a Shopper with their Together Commerce data.

Third-Party Service Providers. Together Commerce may employ or engage other companies to perform tasks on our behalf and may need to share some of your information with them to provide products and services to you. Examples of this may include data storage and analysis. These third-parties have access to information needed to perform their functions but may not use it for any other purpose.
Business Transfer. As we continue to develop our business, we may purchase other businesses or companies, be acquired by another entity, merge or enter into a joint venture or other types of business combination with another entity, or sell all or substantially all of our assets to a third-party. In such transactions, Shopper information generally is one of the transferred business assets but remains subject to this Privacy Policy (unless the customer consents otherwise).

Granting us this permission not only allows us to provide our Products and Services as they exist today but also allows us to provide innovative features, products, software and services we may develop in the future that uses the information we receive about Shoppers in new ways.

Together Commerce owns the databases and all rights to our applications and software. While Store-based Clients and Shoppers allow us to process the information we receive, such Store-based Clients and Shoppers using Together Commerce enabled stores always own all of their own personally identifiable information.

How We Use Cookies and Other Technologies

Together Commerce Products, and our store customers may use “cookies” and other technologies such as pixel tags and web beacons in our Products. In some cases, these may also be incorporated into a store customer’s website, app, or platform, and/or they may be implemented by a Together Commerce Product specifically. These technologies help us better track and understand Shopper behavior, measure the effectiveness of advertisements, and generate recommendations, and generally carry out the Purpose. To the extent information is collected by cookies and/or other technologies includes personal information, it will be treated as such under this Privacy Policy. For example, to the extent that Internet Protocol (IP) addresses or similar identifiers are considered personal information by local law, we will also consider such information as personal information.

Together Commerce and its Store-based Clients may also use cookies and other technologies to remember personal information when Shoppers use Store-based Clients’ websites, online services, and apps, as well as to collect and store information related to such use. We may use this to make a Shopper’s experience with Together Commerce-enabled eCommerce platforms more convenient, personal, and useful. This may include combining such information across different stores in order to generate information related to the Purpose (though no PII collected from one store will ever be shared with another store). For example, knowing a Shopper’s country and language helps us provide a customized and more useful shopping experience. Knowing someone using a given Shopper’s computer or device has shopped for a certain product or used a particular service helps us and our Store-based Clients, including different Store-based Clients from those on whose website (or other eCommerce platform) a cookie or other technology was used to remember or collect information; or to make advertising, permitted email communications, or recommendations more relevant to your and other Shoppers’ interests. Lastly, we may use cookies or other such technology, and information collected therefrom, to improve our services.

How We Keep Your Information Secure

The security of Shopper information is important to us. We implement reasonable security measures to protect the security of your information both online and offline, and we are committed to the protection of Shopper information. Only those individuals at Together Commerce that have an obligation to maintain confidentiality may access Shopper PII.

When we handle Shopper information on the Internet we encrypt the transmission of that information using secure socket layer technology (“SSL”). Shopper information is pseudonymized and rendered as NPII. Together Commerce has redundant and distributed systems, and other system measures, that provide for ongoing confidentiality, integrity, availability, and resilience. Our systems are routinely tested or assessed for their measures to ensure the security of Shopper Data.

However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect Shopper information, we cannot guarantee that unauthorized access, hacking, data loss or other breaches will never occur.

We will notify the Store-based Client, who is ultimately the data controller, from whom we obtain information in the event of unauthorized access or disclosure of such information. We will take reasonable administrative steps, by making it a condition of our terms of services with them, to ensure that such Store-based Client takes steps to inform the affected Shopper to the extent that it is required under applicable law.

If you have any questions about how we strive to keep information secure, you can contact us at privacy@together-commerce.com.

Storage and Transfer of Your Information

We may transfer, store and process Shoppers’ information, both PII and NPII, to or on computers located in Europe. Accordingly, such information may be subject to the laws of the relevant jurisdictions.

There is no fixed period for storage of Shoppers’ PII. We will remove Shoppers’ PII upon any of the following:

A request from the Shopper via our Shopper Rights Access Portal (see below);
A request from the applicable Store-based Client from which the Shopper, whose data is being deleted, was obtained, or such Shopper notifies Together Commerce in writing that their consent has been withdrawn;
An objection from a Shopper, via a Shopper or an applicable Store-based Client, is received by Together Commerce in writing relating to the processing of any Shopper PII;
If Together Commerce learns that any PII has been collected unlawfully;
A request from any supervisory authority or legal authority (e.g. police, third-party having an applicable court order) having sufficient legal authorization or Together Commerce being made aware that PII should be deleted to ensure compliance with an applicable legal obligation.

The storage period for any NPII that does not relate to, or uniquely identify, a Shopper is indefinite.

Shoppers’ Rights

Together Commerce supports Shoppers’ rights in the following ways:

Transparency. Shoppers’ rights relating to transparency are supported through the full and clear disclosure of the processing and storage of Shopper’s information, and the Purposes thereof, in this Privacy Policy.
Accountability. While Together Commerce is not a controller of Shopper data, Together Commerce nevertheless encourages Shoppers to contact the Together Commerce (privacy@together-commerce.com) for issues relating to Shopper information that is collected or processed by Together Commerce via a Store-based Client (although Together Commerce reserves the right to take no action, and/or to forward Shopper’s concerns to the applicable Store-based Client, in cases where the issue relates to Shopper data collected or processed by the Store-based Client). Furthermore, the Shopper has the right to lodge a complaint about Together Commerce’s data protection with an applicable supervisory authority with jurisdiction to receive such a complaint.

Breaches. Together Commerce shall notify the Store-based Client that collected the information in the event of any breach or unauthorized access to Shoppers’ PII of the following information: the existence and nature of such breach, possible or likely consequences, and measures taken to address or, where possible, mitigate the breach. Our standard terms with our Store-based Clients require them to comply with this requirement, where required by applicable law.

Changes to this Privacy Policy

Our business practices change constantly and this Privacy Policy may change accordingly. We reserve the right to modify this Privacy Policy at any time. It is the responsibility of Store-based Clients, and/or Shoppers, to ensure that they are aware of the contents of this Privacy Policy, so it should be reviewed periodically. We may e-mail or post to Store-based Clients periodic reminders of our notices and conditions and any changes thereto, but are not required to so, and so we recommend that www.together-commerce.com/privacy-policy be referred to regularly. Unless stated otherwise, our current Privacy Policy applies to all PII that we have about Shoppers who use Together Commerce-enabled eCommerce platforms.

Questions and Concerns

This Privacy Policy, and any associated dispute is subject to the laws of the Federal State of Germany applicable therein. If a Store-based Client or a Shopper using a Together Commerce-enabled eCommerce platform has any concerns about privacy concerning Together Commerce, they may contact us at privacy@together-commerce.com with a thorough description and we will try to resolve them.

Any questions about this Privacy Policy should be addressed to privacy@together-commerce.com.

Login