Last Updated March 15, 2018
shopjcavallo.com is certified Level 1 PCI DSS compliant. We are very serious about securely hosting our online store and have invested significant time and money to certify our solution is PCI compliant. From annual on-site assessments validating compliance to continuous risk management, we work really hard to ensure our shopping cart software and e-commerce hosting is secure.
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service or Privacy Statement
The Information We Collect
Personal Data. Personal Data is information that identifies you or can be used to identify or contact you (collectively, "Personal Data"). Such Personal Data my include your name, address, email address, telephone number, birthdate (primarily for eligibility purposes). When registering to become a member ("Member") on our Site, you will be required to provide us with Personal Data.
Billing Information. If you wish to purchase a produce or service through the Site, you will be required to provide certain information in addition to the Personal Data noted above. Such information my include a credit card number, PayPal account number, and similar information (collectively, "Billing Information").
Other Information and Cookies. In addition to the Personal Data and Billing Information noted above that you voluntarily provide to us, we may collect additional information (collectively, "Other Information"). Such Other Information my include (i) information that we automatically collect when you visit the Site, such as you IP address, internet service provider, browser type and language, referring and exit pages and URLs, date and time of your visit, amount of time spent on particular pages, what sections of the Site you visit, number of links you click while in the Site, and similar information concerning your use of the Site; and (ii) additional information that you voluntarily provide to us regarding you use and interest in our programs, offers, products, and services.
Here is a list of cookies that we use. We’ve listed them here so you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
The Information Collected by or Through Third-Party Companies
Behavioral Targeting / Re-Targeting
How We Use and Share Your Information:
Third Party Services:
J. Cavallo, like many businesses, sometimes hires other companies to perform certain business-related functions. For example, we may pass your Personal Data and Billing Information to our designated service providers in order to process payments, ship products, send mailings, and maintain databases. When we employ another company to perform a function of this nature, we provide the company only with the information they need to perform their specific function. These companies are authorized to use your personal data only as necessary to provide these services to us.
We may share your Personal Data and Other Information with our third-party promotional and marketing partners, including, without limitation, businesses participating in our various programs. If you do not want us to share your personal information with these companies, please contact us.
J. Cavallo may sponsor promotions or contests directly or through third parties, or J. Cavallo may enter into collaborative relationships with other third parties on the Site. If you participate in these activities or events, you may be asked to provide Personal Data or to answer questions that seek your personal data. Participation in these promotions or contests is completely voluntary and you therefore have a choice whether or not to disclose this information.
In an ongoing effort to better understand our users and our Site, we might analyze the Other Information in aggregate form in order to operate, maintain, manage, and improve the Site. This aggregate information does not identify you personally. We may share this aggregate data with our affiliates, agents, and business partners. We may also disclose aggregated user statistics in order to describe our products and the Site to current and prospective business partners and to other third parties for other lawful purposes.
J. Cavallo may disclose your Personal Data, Billing Information, and/or Other Information if required to do so by law or in the good-faith belief that such action is necessary to (a) comply with a subpoena or legal obligation (b) protect and defend the rights or property of J. Cavallo, (c) act in urgent circumstances to protect the personal safety of Members or other users of the Site or the public (d) protect against legal liability or (e) any third party with your prior consent.
As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, Personal Data, Billing Information, and Other Information may be part of the transferred assets. You will be notified via email and/or a prominent notice on our Site of any change in ownership or uses of your personal data, as well as any choices you may have regarding your personal data.
Information Posted On Public Forums
ANY INFORMATION (INCLUDING PERSONAL DATA) THAT YOU POST IN ANY PUBLIC FORUM ON OUR SITE IS PUBLIC INFORMATION AND MAY BE SEEN, COLLECTED, OR USED FOR ANY REASON BY ANYONE, INCLUDING THIRD PARTIES NOT AFFILIATED WITH J. CAVALLO. You should think carefully before disclosing any information in any Public Forum on our Site.
Accessing, Modifying and Deleting Personal Data and Communication Preferences:
You may access, review, delete, and/or make changes to Personal Data that you have provided to us by clicking on “My Account" on our Site or by emailing us at email@example.com. We will respond to your request to access personal data within 30 days. In addition, you may manage your receipt of marketing and non-transactional communications by clicking the “unsubscribe” link located at the bottom of any J. Cavallo marketing emails or by emailing your request to firstname.lastname@example.org. We will use commercially reasonable efforts to process such requests in a timely manner. You should be aware, however, that it is not always possible to completely remove or modify information in our subscription databases. You cannot opt out of receiving transactional emails related to your account with J. Cavallo.
We will retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Important Notices to Non-U.S. Residents/Safe Harbor Certification:
J. Cavallo complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from European Union member countries and Switzerland. J. Cavallo has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view our certification, please visit http://www.export.gov/safeharbor/.
Under California Civil Code Section 1798.83, California residents who have an established business relationship with us may choose to opt out of our sharing your Personal Data with third parties for direct marketing purposes. If you are a California resident and you have already granted us this permission and (1) you now wish to opt out; or (2) you wish to request certain information regarding our disclosure of your Personal Data to third parties for direct marketing purposes, please contact us as described in the “How to Contact Us” section below.
A Special Note Regarding Children
The Site is not directed to children under the age of 13. We adhere to the Children’s Online Privacy Protection Act (“COPPA”) and will not knowingly register or otherwise collect Personal Data from any child under the age of 13. We ask that minors under the age of 13 not submit any Personal Data to us. If a child under the age of 13 has provided us with Personal Data, a parent or guardian of that child may contact us as described in the “How to Contact Us” section below and request that such information be deleted from our records.
Links to Other Websites
We have reasonable security measures in place intended to protect against the loss, misuse or alteration of Personal Data, Billing Information, and Other Information that we have collected from you at the Site. However, we are unable to guarantee that the security measures we take will not be penetrated or compromised, or that your Personal Data will remain secure under all circumstances.
When you enter sensitive information (such as a credit card number) on our order forms, we encrypt the transmission of that information using secure socket layer technology (SSL). If you have any questions about security on our Site, you can contact us at email@example.com.
How to Contact Us