Privacy Policy
Overview
This Privacy Policy describes how your personal information is collected, used, and shared when you visit or make a purchase from https://www.art.rotekita.com (the “Site”).
SECTION 1 – Personal information we collect
SECTION 1_1 – Device information
When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information.”
We collect Device Information using the following technologies:
– “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
– “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider,referring/exit pages, and date/time stamps.
– “Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Site.
SECTION 1_2 – Personal data
Among the types of Personal Data that this Application collects, by itself or through third parties, there are: first name, last name, gender, email address, date of birth, address, phone number, Cookies and Usage Data.
Complete details on each type of Personal Data collected are provided in the dedicated sections of this privacy policy or by specific explanation texts displayed prior to the Data collection.
Personal Data may be freely provided by the User, or, in case of Usage Data, collected automatically when using this Application.
Unless specified otherwise, all Data requested by this Application is mandatory and failure to provide this Data may make it impossible for this Application to provide its services. In cases where this Application specifically states that some Data is not mandatory, Users are free not to communicate this Data without consequences to the availability or the functioning of the Service.
Users who are uncertain about which Personal Data is mandatory are welcome to contact the Owner.
Any use of Cookies – or of other tracking tools – by this Application or by the owners of third-party services used by this Application serves the purpose of providing the Service required by the User, in addition to any other purposes described in the present document and in the Cookie Policy, if available.
Users are responsible for any third-party Personal Data obtained, published or shared through this Application and confirm that they have the third party’s consent to provide the Data to the Owner.
SECTION 1_3 – Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you login to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices.Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article,an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
SECTION 1_4 – Comments
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: Gravatar Privacy Policy. After approval of your comment, your profile picture is visible to the public in the context of your comment.
SECTION 1_5 – Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
SECTION 1_6 – Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
SECTION 1_7 – Displaying content from external platforms
This type of service allows you to view content hosted on external platforms directly from the pages of this Application and interact with them.
This type of service might still collect web traffic data for the pages where the service is installed, even when Users do not use it.
YouTube video widget (Google LLC)
YouTube is a video content visualization service provided by Google LLC that allows this Application to incorporate content of this kind on its pages.
Personal Data collected: Cookies and Usage Data.
Place of processing: United States – Google Privacy Policy. Privacy Shield participant.
SECTION 1_8 – Contact forms
By filling in the contact form with their Data, the User authorizes this Application to use these details to reply to requests for information, quotes or any other kind of request as indicated by the form’s header.
Mailing list or newsletter
By registering on the mailing list or for the newsletter, the User’s email address will be added to the contact list of those who may receive email messages containing information of commercial or promotional nature concerning this Application. Your email address might also be added to this list as a result of signing up to this Application or after making a purchase.
Personal Data collected: Cookies, first name, last name, gender, email address, date of birth, address and phone number.
SECTION 1_9 – Managing contacts and sending messages
This type of service makes it possible to manage a database of email contacts, phone contacts or any other contact information to communicate with the User.
These services may also collect data concerning the date and time when the message was viewed by the User, as well as when the User interacted with it, such as by clicking on links included in the message.
MailChimp (The Rocket Science Group, LLC.)
MailChimp is an email address management and message sending service provided by The Rocket Science Group, LLC.
Personal Data collected: Cookies, first name, last name, gender, email address, date of birth, address and phone number.
Place of processing: United States.
Their Privacy Policy can be viewed at: Mailchimp Privacy Policy. Privacy Shield participant.
SECTION 1_10 – Interaction with external social networks and platforms
This type of service allows interaction with social networks or other external platforms directly from the pages of this Application.
The interaction and information obtained through this Application are always subject to the User’s privacy settings for each social network.
This type of service might still collect traffic data for the pages where the service is installed, even when Users do not use it.
SECTION 1_10_1 – Facebook Like button and social widgets (Facebook, Inc.)
The Facebook Like button and social widgets are services allowing interaction with the Facebook social network provided by Facebook, Inc.
Personal Data collected: Cookies and Usage Data.
Place of processing: United States.
Their Privacy Policy can be viewed at: Facebook Privacy Policy. Privacy Shield participant.
SECTION 1_10_2 – Twitter Tweet button and social widgets (Twitter, Inc.)
The Twitter Tweet button and social widgets are services allowing interaction with the Twitter social network provided by Twitter, Inc.
Personal Data collected: Cookies and Usage Data.
Place of processing: United States.
Their Privacy Policy can be viewed at: Twitter Privacy Policy. Privacy Shield participant.
SECTION 1_11 – Access to third-party accounts
This type of service allows this Application to access Data from your account on a third-party service and perform actions with it.
These services are not activated automatically, but require explicit authorization by the User.
Facebook account access
This service allows this Application to connect with the User’s account on the Facebook social network, provided by Facebook, Inc.
Permissions asked: Access Friend Lists, Likes and Share.
Place of processing: United States.
Their Privacy Policy can be viewed at: Facebook Privacy Policy. Privacy Shield participant.
SECTION 1_11_1 – Facebook permissions asked by this Application
This Application may ask for some Facebook permissions allowing it to perform actions with the User’s Facebook account and to retrieve information, including Personal Data, from it. This service allows this Application to connect with the User’s account on the Facebook social network, provided by Facebook Inc.
For more information about the following permissions, refer to the Facebook permissions documentation and to the Facebook privacy policy.
The permissions asked are the following:
SECTION 1_11_2 – Basic information
By default, this includes certain User’s Data such as id, name, picture, gender, and their locale. Certain connections of the User, such as the Friends, are also available. If the User has made more of their Data public, more information will be available.
SECTION 1_11_3 – Access Friend Lists
Provides access to any friend lists the User created.
SECTION 1_11_4 – Likes
Provides access to the list of all of the pages the User has liked.
SECTION 1_11_5 – Share
Share items on the User’s behalf.
SECTION 1_12 – Analytics
The services contained in this section enable the Owner to monitor and analyze web traffic and can be used to keep track of User behavior.
Google Analytics (Google LLC)
Google Analytics is a web analysis service provided by Google LLC (“Google”). Google utilizes the Data collected to track and examine the use of this Application, to prepare reports on its activities and share them with other Google services.
Google may use the Data collected to contextualize and personalize the ads of its own advertising network.
Personal Data collected: Cookies and Usage Data.
Place of processing: United States
Their Privacy Policy can be viewed at: Google Privacy Policy – Opt Out. Privacy Shield participant.
SECTION 1_13 – Order Information
Additionally when you make a purchase or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, shipping address, email address, and phone number. We refer to this information as “Order Information.”
SECTION 1_14 – Payment Processors
We may provide paid products and/or services within the Service. In that case, we use third-party services for payment processing. We refer to this information as “Payment Processors.”
We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.
The payment processors we work with are:
- Stripe: Their Privacy Policy can be viewed at: Stripe Privacy Policy
- PayPal or Braintree: Their Privacy Policy can be viewed at: Paypal Privacy Policy
- Sage Pay: Their policies can be viewed at: Sagepay Privacy Policy
SECTION 2 – Who we share your data with
We share your Personal Information with third parties to help us use your Personal Information, as described above. For example, we use Google Analytics to help us understand how our customers use the Site, you can read more about how Google uses your Personal Information here: Google Privacy Policy. You can also opt-out of Google Analytics here: Google Privacy Policy – Opt Out.
We may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.
SECTION 3 – How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
When you place an order through the Site, we will maintain your Order Information for our records unless and until you ask us to delete this information.
Personal Data shall be processed and stored for as long as required by the purpose they have been collected for.
Therefore:
- Personal Data collected for purposes related to the performance of a contract between the Owner and the User shall be retained until such contract has been fully performed.
- Personal Data collected for the purposes of the Owner’s legitimate interests shall be retained as long as needed to fulfill such purposes. Users may find specific information regarding the legitimate interests pursued by the Owner within the relevant sections of this document or by contacting the Owner.
The Owner may be allowed to retain Personal Data for a longer period whenever the User has given consent to such processing, as long as such consent is not withdrawn. Furthermore, the Owner may be obliged to retain Personal Data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.
Once the retention period expires, Personal Data shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.
SECTION 4 – What rights you have over your data
If you have an account on this site, or have left comments, you have the right to access the personal data we hold about you, including any data you have provided to us. You can also request that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Users may exercise certain rights regarding their Data processed by the Owner.
In particular, Users have the right to do the following:
- Withdraw their consent at any time.Users have the right to withdraw consent where they have previously given their consent to the processing of their Personal Data.
- Object to processing of their Data.Users have the right to object to the processing of their Data if the processing is carried out on a legal basis other than consent. Further details are provided in the dedicated section below.
- Object to processing of their Data.Users have the right to learn if Data is being processed by the Owner, obtain disclosure regarding certain aspects of the processing and obtain a copy of the Data undergoing processing.
- Verify and seek rectification.Users have the right to verify the accuracy of their Data and ask for it to be updated or corrected.
- Restrict the processing of their Data.Users have the right, under certain circumstances, to restrict the processing of their Data. In this case, the Owner will not process their Data for any purpose other than storing it.
- Have their Personal Data deleted or otherwise removed.Users have the right, under certain circumstances, to obtain the erasure of their Data from the Owner.
- Receive their Data and have it transferred to another controller. Users have the right to receive their Data in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that the Data is processed by automated means and that the processing is based on the User’s consent, on a contract which the User is part of or on pre-contractual obligations thereof.
- Lodge a complaint.Users have the right to bring a claim before their competent data protection authority.
SECTION 4_1 – Details about the right to object to processing
Where Personal Data is processed for a public interest, in the exercise of an official authority vested in the Owner or for the purposes of the legitimate interests pursued by the Owner, Users may object to such processing by providing a ground related to their particular situation to justify the objection.
Users must know that, however, should their Personal Data be processed for direct marketing purposes, they can object to that processing at any time without providing any justification. To learn, whether the Owner is processing Personal Data for direct marketing purposes, Users may refer to the relevant sections of this document.
SECTION 4_2 – How to exercise these rights
Any requests to exercise User rights can be directed to the Owner through the contact details provided in this document. These requests can be exercised free of charge and will be addressed by the Owner as early as possible and always within one month.
SECTION 5 – Where we send your data
Visitor comments may be checked through an automated spam detection service.
Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States.
SECTION 6 – How do we use your personal information?
The Data concerning the User is collected to allow the Owner to provide its Services, as well as for the following purposes: Contacting the User, Managing contacts and sending messages and Displaying content from external platforms, Access to third-party accounts, Interaction with external social networks and platforms and Analytics.
Users can find further detailed information about such purposes of processing and about the specific Personal Data used for each purpose in the respective sections of this document.
We use the Order Information that we collect generally to fulfill any orders placed through the Site (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations).
Additionally, we use this Order Information to:
Communicate with you;
Screen our orders for potential risk or fraud; and
When in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).
You can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.
SECTION 6_1 – WooCommerce
While you visit our site, we’ll track:
Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed.
Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping.
Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!
We’ll also use cookies to keep track of cart contents while you’re browsing our site.
When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:
Send you information about your account and order
Respond to your requests, including refunds and complaints
Process payments and prevent fraud
Set up your account for our store
Comply with any legal obligations we have, such as calculating taxes
Improve our store offerings
Send you marketing messages, if you choose to receive them
If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.
We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for 2 years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.
We will also store comments or reviews, if you choose to leave them.
SECTION 6_2 – Behavioral advertising
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
SECTION 7 – Contact us
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at rotekita.art@gmail.com or by mail using the details provided below:
Address: Kibbutz Dafna, Upper-Galilee, 1223500, Israel P.O.B. 200
SECTION 8 – Additional information
SECTION 8_1 – Additional information about Data collection and processing
SECTION 8_1_1 – Legal action
The User’s Personal Data may be used for legal purposes by the Owner in Court or in the stages leading to possible legal action arising from improper use of this Application or the related Services.
The User declares to be aware that the Owner may be required to reveal personal data upon request of public authorities.
SECTION 8_1_2 – Additional information about User’s Personal Data
In addition to the information contained in this privacy policy, this Application may provide the User with additional and contextual information concerning particular Services or the collection and processing of Personal Data upon request.
SECTION 8_1_3 – System logs and maintenance
For operation and maintenance purposes, this Application and any third-party services may collect files that record interaction with this Application (System logs) use other Personal Data (such as the IP Address) for this purpose.
SECTION 8_1_4 – Information not contained in this policy
More details concerning the collection or processing of Personal Data may be requested from the Owner at any time. Please see the contact information at the beginning and end of this document.
SECTION 8_1_5 – How “Do Not Track” requests are handled
This Application does not support “Do Not Track” requests.
To determine whether any of the third-party services it uses honor the “Do Not Track” requests, please read their privacy policies.
SECTION 8_2 – How we protect your data
SECTION 8_2_1 – Methods of processing
The Owner takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.
The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Owner, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of this Application (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Owner. The updated list of these parties may be requested from the Owner at any time.
SECTION 8_2_2 – Legal basis of processing
The Owner may process Personal Data relating to Users if one of the following applies:
- Users have given their consent for one or more specific purposes. Note: Under some legislations the Owner may be allowed to process Personal Data until the User objects to such processing (“opt-out”), without having to rely on consent or any other of the following legal bases. This, however, does not apply, whenever the processing of Personal Data is subject to European data protection law;
- provision of Data is necessary for the performance of an agreement with the User and/or for any pre-contractual obligations thereof;
- processing is necessary for compliance with a legal obligation to which the Owner is subject;
- processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Owner;
- processing is necessary for the purposes of the legitimate interests pursued by the Owner or by a third party.
In any case, the Owner will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.
SECTION 8_3 – What data breach procedures we have in place
SECTION 8_4 – What third parties we receive data from
SECTION 8_5 – What automated decision making and/or profiling we do with user data
SECTION 8_6 – Industry regulatory disclosure requirements
SECTION 8_7 – Definitions and legal references
SECTION 8_7_1 – Personal Data (or Data)
Any information that directly, indirectly, or in connection with other information – including a personal identification number – allows for the identification or identifiability of a natural person.
SECTION 8_7_2 – Usage Data
Information collected automatically through this Application (or third-party services employed in this Application), which can include: the IP addresses or domain names of the computers utilized by the Users who use this Application, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server’s answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User’s IT environment.
SECTION 8_7_3 – User
The individual using this Application who, unless otherwise specified, coincides with the Data Subject.
SECTION 8_7_4 – Data Subject
The natural person to whom the Personal Data refers.
SECTION 8_7_5 – Data Processor (or Data Supervisor)
The natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Controller, as described in this privacy policy.
SECTION 8_7_6 – Data Controller (or Owner)
The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of this Application. The Data Controller, unless otherwise specified, is the Owner of this Application.
SECTION 8_7_7 – This Application
The means by which the Personal Data of the User is collected and processed.
SECTION 8_7_8 – Service
The service provided by this Application as described in the relative terms (if available) and on this site/application.
SECTION 8_7_9 – European Union (or EU)
Unless otherwise specified, all references made within this document to the European Union include all current member states to the European Union and the European Economic Area.
SECTION 8_7_10 – Cookies
Small sets of data stored in the User’s device.
SECTION 8_8 – Legal information
This privacy statement has been prepared based on provisions of multiple legislations, including Art. 13/14 of Regulation (EU) 2016/679 (General Data Protection Regulation).
This privacy policy relates solely to this Application, if not stated otherwise within this document.
SECTION 8_9 – Minors
The Site is not intended for individuals under the age of 18.
SECTION 9 – Changes to this privacy policy
The Owner reserves the right to make changes to this privacy policy at any time by giving notice to its Users on this page and possibly within this Application and/or – as far as technically and legally feasible – sending a notice to Users via any contact information available to the Owner. It is strongly recommended to check this page often, referring to the date of the last modification listed at the bottom.
Should the changes affect processing activities performed on the basis of the User’s consent, the Owner shall collect new consent from the User, where required.