Privacy Policy

Privacy Policy

Last Updated: March 29, 2019

Pusheen Corp. (“Pusheen”, “we”, “our”, or “us”) is committed to protecting your information and privacy. This Privacy Policy describes the types of information we may collect from you or that you may provide to us in connection with your access to and use of our website (www.pusheen.com), and the store and services made available at or through the website (collectively, the “Services”), and informs you about our practices concerning your information. If you have questions regarding this Privacy Policy, please contact us at http://pusheen.zendesk.com

Your use of our Services is also subject to the terms of our Terms of Service. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms of Service.

If you reside in the European Economic Area or Switzerland, please see Section 8 below titled “Supplemental Notice to EU Data Subjects.”

SECTION 1 – Information We Collect

1.1 Personal Information. The term “Personal Information” means information relating to a living person who is or can be identified from that information or from that information in conjunction with other information that is in, or comes into, our possession.

1.2 Cart and Billing Information. When you purchase something from our Services, as part of the buying and selling process, we collect the Personal Information you give us such as your name, address, email address, and billing address (“Billing Information”). In the event that you reach the checkout and fill out your Personal Information but decide to abandon your cart, your cart and Personal Information will still be stored in our system as an abandoned cart (collectively, “Abandoned Cart Information”). Abandoned Cart Information can be deleted at your request at any time. We may also send you an automated e-mail within 24 hours of abandoning your cart to remind you to complete your purchase.

1.3 Usage Information. When you browse our Services, we also automatically receive information, which may include Personal Information, regarding your access to and use of our Services. This information includes your computer’s internet protocol (IP) address, in order to provide us with information that helps us learn about your browser type, operating system, device type, language, referring website URLs, log files, pages on our website that you visit and links that you click on (collectively, “Usage Information”).

1.4 Payment Information. Our store is hosted by Shopify Inc. Shopify provides us with the online e-commerce platform that allows us to sell our products and services to you. When you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Shopify stores your purchase transaction data only as long as is necessary to complete your purchase transaction. After your purchase transaction is complete, Shopify deletes your purchase transaction data. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers. For more insight, you may also want to read Shopify’s Terms of Service here or Privacy Policy here.

SECTION 2 – Use of Information We Collect

2.1 Transaction and Billing. We use information you submit, including Personal Information, to process your transactions. We utilize Shopify applications to detect fraud, verify your credit card, provide shipping rates, prevent purchases in excess of applicable limits, process, ship and complete purchase orders.

2.2. Customer Service and Technical Support. We may contact you using the information you provide in order to respond to inquiries you send us, to communicate with you regarding our Services (e.g., updates about our store, including new products),
and to market our Services to you. If you do not wish to receive such emails, you can choose to opt-out of receipt using the unsubscribe link within each email. We utilize Shopify applications for these purposes and to assist customers with exchanges and returns. You may also opt-in to receive email notifications when products are back in stock.

2.3 Operation and Improvement of our Services. We use your information, including Personal Information, to operate our business and provide the Services to you. We use information to personalize the Services we provide to you. We may use your information to verify your identity, for fraud prevention, to enforce the Terms of Service, and to protect the integrity of our Services. We may also use your information to develop new Services and to improve the quality of our Services.

2.4 Upon Consent. Before we use your Personal Information for a purpose other than identified in this Privacy Policy, we will either ask you directly for your consent to such use or provide you with an opportunity to say no to us using your Personal Information for a secondary reason. If you change your mind, you may withdraw your consent at any time by contacting us at support@heychickadee.com.

SECTION 3 – Information Sharing and Disclosure

3.1 Service Providers. We may share your information, including Personal Information, with third-party services providers who assist us in providing the Services to you and operating our business. We use the following Shopify Apps to assist us in providing our Services to you and operating our business:

Advanced Shipping Rules – Uses customer’s shipping address and order content to calculate shipping rates.

Back in Stock – Allows us to collect customer email addresses so customers can be automatically notified when a product comes back into stock. Customers may opt-in to this service (and subsequently opt out).

Exchange It – Allows us to provide customers the option to exchange items in an order or to exchange items after they have received their order.

Fraud Filter – Allows us to block certain customers from placing orders or automatically cancels their orders if our fraud detector detects that possible fraud is occurring.

Intuit QuickBooks Online – Shares order data with QuickBooks to use for accounting.

Locksmith – Allows us to lock collections and product pages so they are accessible only to customers who meet certain parameters (are logged in to their Hey Chickadee account and also subscribed to the Hey Chickadee Newsletter).

Loyalty Points, VIP, Referral Programs by Smile.io – Uses customer data to offer loyalty, referral, and VIP rewards to customers.

MailChimp for Shopify – Exchanges data with Mailchimp.

OrderLogic – Prevents customers from placing orders for more of an item than we allow (ex: limit 2 per customer).

PageFly – Allows us to create more customizable collection pages and product pages within Shopify to improve user experience. Has access to email addresses, browser user agents, and IP addresses.

Parcelify – Uses customer data to provide shipping rates.

Returnly – Allows customers to return and exchange items purchased. Sends customers emails about their returns and PDF attachments with pre-paid shipping labels. This app does not process payments for customers.

Returns Management System – used to process returns.

SendOwl – Hosts and delivers digital content for purchase. Works with Shopify to securely deliver content to customers via emails with unique links.

ShipStation – Exchanges order data with Shopify to process and fulfill orders.

Shipping Calculator Adder – Uses order data to display shipping rate before customers place their order.

Shipping Rates Calculator Plus – Uses order data to display shipping rates to customers.

SimplyCost – Uses order data to calculate profits/losses.

Zendesk – Utilizes data from Shopify for the purpose of customer care. Customers also opt-in to submit their data when submitting a ticket through our Customer Care page.

The third-party service providers we use will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us. However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions. For these providers, we recommend that you read their privacy policies, so you can understand the manner in which your Personal Information will be handled by these providers in order for them to provide their services to us. In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. Therefore, if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located. As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.

Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service. When you click on links on our store, they may direct you away from our website. We are not responsible for the privacy practices of other websites and encourage you to read their privacy statements.

3.2 As Required By Law. We may disclose your information, including Personal Information, as required by law, such as in response to a court order, subpoena, lawful demand by a public authority, or similar legal process.

3.3. To Protect Our Business. We may disclose your information, including Personal Information, if we believe it is necessary to protect our property and/or rights, to protect the safety of the public or any person, in the event of a legal dispute, or to prevent or stop activity we believe may pose a risk of being illegal, unethical, or in violation of our Terms of Service.

3.4 Business Transfers. We may sell, assign, transfer, or otherwise share some or all of our assets in connection with a merger, acquisition, reorganization or sale of assets or in the event of bankruptcy. We may disclose or share your Personal Information in connection with such business transfers.

3.5 Google Analytics. Our Services use Google Analytics to help us learn about who visits our Services and what pages are being looked at in order to bring you a better experience and for marking and advertising purposes. We collect data using Google Analytics for the following reasons:

Display and search remarketing;
Advertising reporting;
Age, gender, and interest reporting; and
Cookies to store user-specific preferences
Read Google’s Privacy Policy for more information about how Google collects and uses your information and the privacy controls provided by Google.

SECTION 4 – Policy Regarding Children

Our Services are not intended for persons under 16 years of age. By using our Services, you represent that you are at least 16 years of age or the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given your consent to allow any of your minor dependents to use our Services. If you are a parent or guardian and believe that your minor dependent has provided us with Personal Information without your consent, please contact us at support@pusheen.com.

SECTION 5 – Security

We take reasonable precautions and follow generally accepted industry standards to protect the information we collect, including your Personal Information, against accidental or unlawful destruction, loss or alteration, unauthorized disclosure or access, misuse, and other unauthorized processing.

If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.

Shopify stores your information, including Personal Information, in its data storage, databases, and general Shopify application on a secure server behind a firewall.

We cannot, and do not, guarantee the security of any information you transmit to us or store on the Services, and you do so at your own risk. We also cannot, and do not, guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or administrative safeguards. If you believe your Personal Information has been compromised, please contact us at support@heychickadee.com.

SECTION 6 – Cookies and Similar Technologies

We utilize technologies to recognize you when you access or use our Services, track your interactions with our Services, personalize your experience, and market to you. These technologies include cookies, web beacons, pixels and similar devices. You maintain control over some of the information we collect through the use of such technologies through your browser setting preferences. If you choose not to accept cookies and similar devices, you may not be able to access all portions or functionality of the Services.

Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.

_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).

_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits.

_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.

cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.

_secure_session_id, unique token, sessional.

storefront_digest, unique token, indefinite, If the shop has a password, this is used to determine if the current visitor has access.

PREF, persistent for a very short period, Set by Google and tracks who visits the store and from where.

_ab, _orig_referrer, _secure_session_id, cart, cart_sig, cart_ts, cart_currency, checkout_token, Secret, storefront_digest, persistent for 2 weeks, necessary for functional use of store features, customer accounts, and user checkout

secure_customer_sig, persistent for 1 day, checks for a secure customer login.

__olAlertsForShop, sessional, tracks alert data for notifying users of store updates.

_landing_page, _orig_referrer, persistent for 2 weeks, used to track customer landing pages and referrer.

_shopify_fs, _shopify_s, _shopify_sa_p, _shopify_sa_t, _shopify_uniq, _shopify_visit, _shopify_y, _y, persistent for 2 weeks, used for tracking and reporting storefront analytics.

tracked_start_checkout, tracks storefront analytics related to the customer checkout process.


SECTION 7 – Your California Privacy Rights

We do not share your Personal Information with third parties for their direct marketing purposes without your consent.

SECTION 8 – EU DATA SUBJECT RIGHTS

8.1 Lawful Grounds. If you reside in the European Economic Area or Switzerland (collectively the “EU”), we rely on the following lawful grounds under the General Data Protection Regulation (“GDPR”) to process (collect, store, and use) your Personal Information: (a) it is necessary for the performance of a contract; (b) our or a third party’s legitimate business interest; or (c) your consent.

8.2 Data Transfer Notice. We are located in the United States and process all data in the United States. When you enter a contract with us, it is necessary for our performance of the contract to transfer and process your Personal Information in the United States. Section 3.1 provides additional information about processing by our third-party service providers.

8.3 Individual Rights. You may contact us at support@pusheen.com or heychickadee.zendesk.com to request access to, transfer of, and rectification or erasure of your Personal Information, or restriction of processing, or to object to processing of your Personal Information. Please specify the nature of your request and the information that is the subject of your request. We may require you to submit additional information necessary to verify your identity and status as an EU data subject. If you are a visitor or user of our Services, we will respond to your request directly within 30 days.

If we are processing your Personal Information based upon the lawful ground of your consent, you have the right to withdraw your consent for such processing at any time without affecting the lawfulness of processing based on consent before it is withdrawn. To withdraw consent, email us at support@pusheen.com or contact us at http://pusheen.zendesk.com.

8.4 Retention. At a minimum, we will retain your personal data for a long as necessary for the purpose in which it was collected such as to perform a contract, for our or a third party’s legitimate interest, or your consent.

SECTION 9 – Changes to this Privacy Policy

We may make changes to the Privacy Policy from time to time. Changes will take effect immediately upon their posting on our Services. You should review this Privacy Policy each time you access or use our Services. Your continued use of Services following posting of any changes constitutes your agreement to such changes.

SECTION 10 – Questions and Contact Information

If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information, please contact our Privacy Compliance Officer at http://pusheen.zendesk.com or email us at support@pusheen.com.