1. Collection and Use of Personal Information
When you make a purchase from ComorStore, we collect personal information such as your name, address, and email address as part of the buying and selling process. Additionally, when you browse our website, we automatically receive your computer’s internet protocol (IP) address to understand your browser and operating system. With your consent, we may send you emails regarding our store, new products, and updates.
How do we obtain your consent?
By providing us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery, or process a return, you are deemed to have consented to our collection and use of that information for the specific purpose stated. In instances where we request your personal information for secondary purposes such as marketing, we will either seek your explicit consent or provide you with an opportunity to opt out.
How do you withdraw your consent?
If you change your mind after opting in, you may withdraw your consent for us to contact you or continue collecting, using, or disclosing your information at any time. Please contact us at [email protected] or mail us at [email protected] to withdraw your consent.
3. Disclosure of Personal Information
We may disclose your personal information if required by law or if you violate our Terms of Service.
4. Hosting and Payment Processing
Our store is hosted on ShopBase, which provides us with the online e-commerce platform for selling our products and services. Your data is stored through ShopBase’s data storage, databases, and general ShopBase application on a secure server protected by a firewall.
If you choose a direct payment gateway to complete your purchase, ShopBase stores your credit card data encrypted using the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as necessary to complete the transaction, after which your purchase information is deleted.
All direct payment gateways comply with PCI-DSS standards to ensure secure handling of credit card information by our store and its service providers.
5. Third-Party Services
In general, the third-party providers we use will only collect, use, and disclose your information to the extent necessary to perform the services they provide to us.
However, certain third-party service providers such as payment gateways and payment transaction processors have their own privacy policies regarding the information we must provide to complete your purchase-related transactions. We recommend reviewing their privacy policies to understand how your personal information will be handled, especially if they are located in a jurisdiction different from yours.
To protect your personal information, we take reasonable precautions and follow industry best practices to ensure it is not inappropriately lost, misused, accessed, disclosed, altered, or destroyed. Your credit card information is encrypted using secure socket layer technology (SSL) and stored with AES-256 encryption.
Access to your personal data is restricted to authorized employees, contractors, and service providers who require the information to perform their work and are bound by strict confidentiality obligations. We regularly monitor our systems for vulnerabilities and attacks, and update our security measures to enhance the protection of your personal data.
7. Data Retention
The criteria we use to determine our retention periods include:
The length of time you use our services
Whether there is a legal obligation to which we are subject
Whether retention is advisable considering our legal position (such as for statutes of limitations, litigation, or regulatory investigations)
After it is no longer necessary or relevant for us to retain your personal information, we dispose of it in a secure manner according to our data retention and deletion policies.
8. User Rights
You have certain rights with respect to your personal data, including:
- The right to request access, correction, updates, or deletion of your personal data
- The right to object to processing of your personal data
- The right to restrict processing of your personal data
- The right to data portability
- The right to withdraw consent for data processing at any time
If you wish to exercise any of these rights, please contact us using the contact information below. We will respond to requests in line with applicable laws
10. Contact Information
Email: [email protected]
Address: 428 Biltmore Ave, Asheville, NC 28801, USA
We will respond to reasonable requests as soon as possible and generally within one month as required by law. If we are unable to provide a response within one month, we will notify you of the reasons for the delay.