Privacy Policy
SECTION 1 - WHAT DO WE DO WITH YOUR INFORMATION?
When you purchase something from our platform, as part of the transaction process, we gather the personal information you provide us such as your name, address, and email address.
When you browse our platform, we also automatically capture your computer’s internet protocol (IP) address, aiding us in acquiring insights about your browser and operating system.
Email promotions (if applicable): With your consent, we may send you emails regarding Hipi, our new offerings, and other news.
SECTION 2 - CONSENT
How do we obtain your consent?
When you supply us with personal details to finalize a deal, authenticate your credit card, place a request, or organize a delivery or return, we infer that you agree to us gathering and utilizing it for that specific purpose alone.
Should we need your personal data for another reason, such as for marketing, we'll either directly seek your explicit consent or grant you an opportunity to decline.
How can you retract your consent?
If you decide to opt-out post your initial agreement, you can retract your consent for us to get in touch with you or for the ongoing collection, use, or disclosure of your data, anytime, by reaching out to us at admin@hipi.co.nz.
SECTION 3 - DISCLOSURE
We might disclose your personal data if mandated by law or if you breach our Terms of Use.
SECTION 4 - SHOPIFY X
Hipi is hosted on Shopify Inc. This provides us the online commerce infrastructure enabling us to offer our products and services.
Your data is safeguarded within Shopify’s storage, databases, and the overarching Shopify application. They secure your data behind a fortified firewall.
Payment:
Should you opt for a direct payment gateway for your purchase, Shopify safeguards your credit card details. The data is encrypted as per the Payment Card Industry Data Security Standard (PCI-DSS). The details related to your purchase transaction are retained only until the completion of the transaction. Post this, the purchase transaction details are erased.
All direct payment gateways align with the standards set by PCI-DSS, regulated by the PCI Security Standards Council, involving brands like Visa, MasterCard, American Express, and Discover.
PCI-DSS guidelines assure the safe management of credit card data by Hipi and our service providers.
For a deeper understanding, consider reading Shopify’s Terms of Service or their Privacy Statement.
SECTION 5 - THIRD-PARTY SERVICES
Typically, the third-party providers we employ will only gather, use, and disclose your information as necessary for them to deliver their services to Hipi.
However, some third-party service providers, especially payment gateways and other payment transaction processors, have their distinct privacy policies concerning the information we need to provide for your transactions.
We advise you to read their privacy statements to grasp how your personal data will be managed by these providers.
Notably, some providers may be situated in or have operations in a different jurisdiction than you or us. If you proceed with a transaction involving a third-party service provider, your data might become subject to the laws of the jurisdiction(s) where that provider or its facilities are based.
Links
Clicking on links on Hipi might direct you away from our platform. We aren't accountable for the privacy practices of other sites and urge you to go through their privacy policies.
Google Analytics:
Hipi utilizes Google Analytics to help us understand our visitors and the pages they engage with.
SECTION 6 - SECURITY
We employ reasonable precautions and adhere to industry best practices to ensure your personal data is not wrongly lost, misused, accessed, disclosed, altered, or destroyed.
Providing us with your credit card details, the information undergoes encryption using secure socket layer technology (SSL) and is safeguarded with AES-256 encryption.
SECTION 7 - COOKIES
Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
PREF, persistent for a very short period, Set by Google and tracks who visits the store and from where.
SECTION 8 - AGE OF CONSENT
By using Hipi, you represent that you've attained the age of majority in your region or province, or that you are of age and have granted us consent to allow any of your minor dependents to utilize Hipi.
SECTION 9 - CHANGES TO THIS PRIVACY POLICY
We hold the right to alter this privacy policy, so we encourage regular reviews. Updates will be effective immediately upon their website upload. Significant changes to the policy will be highlighted here, ensuring you’re informed about our data collection, usage, and under what conditions, if any, we use and/or disclose it.
If Hipi undergoes acquisition or merger with another entity, your data might be transferred to the new owners to ensure continuity in offering products.
QUESTIONS AND CONTACT INFORMATION
If you wish to: access, rectify, amend, or erase any personal information we possess about you, raise a complaint, or simply require more details, contact our Privacy Compliance Officer at admin@hipi.co.nz.