Privacy policy

**ARTICLE 1 - COLLECTION OF PERSONAL INFORMATION**

When you make a purchase on our store, as part of the buying and selling process, we collect the personal information you provide us, such as your name, address, and email address.

When you browse our store, we also automatically receive your computer's internet protocol (IP) address, which provides us with more details about the browser and operating system you are using.

Email Marketing (if applicable): With your permission, we may send you emails about our store, new products, and other updates.

**ARTICLE 2 - CONSENT**

How do you get my consent?

When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for delivery, or return a purchase, we assume you consent to us collecting your information and using it for that specific reason only.

If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your explicit consent or provide you with an opportunity to decline.

How do I withdraw my consent?

If after giving us your consent, you change your mind and no longer wish for us to contact you, collect your information, or disclose it, you can notify us by contacting us at info@cordesetgalop.com or by mail to Cordes & Galop: 286 Côte Sainte-Anne, Sainte-Anne-De-Beaupré (Québec) G0A 3C60 Canada.

**ARTICLE 3 - DISCLOSURE**

We may disclose your personal information if required by law or if you violate our Terms of Service.

**ARTICLE 4 - SHOPIFY**

Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.

Your data is stored in Shopify's data storage system and databases and in the general Shopify application. Your data is stored on a secure server protected by a firewall.

Payment: If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as necessary to complete your purchase. Once completed, your purchase transaction information is deleted.

All direct payment gateways adhere to PCI-DSS standards managed by the PCI Security Standards Council, which is a joint effort of companies like Visa, MasterCard, American Express, and Discover.

For more information, please refer to Shopify's Terms of Service here or Privacy Policy here.

**ARTICLE 5 - THIRD-PARTY SERVICES**

In general, the third-party providers we use will only collect, use, and disclose your information to the extent necessary to allow them to perform the services they provide to us.

However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies regarding the information we are required to provide for your purchase transactions.

We recommend that you read their privacy policies carefully to understand how they will handle your personal information.

Keep in mind that some providers may be located in or have facilities located in a different jurisdiction than either you or us. So, if you choose to proceed with a transaction involving a third-party service provider, your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.

**ARTICLE 6 - SECURITY**

To protect your personal information, we take reasonable precautions and follow industry best practices to ensure it is not lost, misused, accessed, disclosed, altered, or destroyed inappropriately.

If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.

**COOKIES**

Here is a list of cookies that we use. We've listed them here so you can choose whether to allow them or not.

_session_id: Unique session identifier used by Shopify to store session-related information (referrer, landing page, etc.).

_shopify_visit: No retained data, persists for 30 minutes from the last visit. Used by our website's provider internal tracking system to record the number of visits.

_shopify_uniq: No retained data, expires at midnight (visitor's location) the next day. Calculates the number of visits to a store by a unique customer.

cart: Unique identifier, persists for 2 weeks, stores information about your shopping cart.

_secure_session_id: Unique session identifier.

storefront_digest: Unique identifier, indefinite if the store has a password, used to determine if the current visitor has access.

**ARTICLE 7 - AGE OF CONSENT**

By using this site, you represent that you are at least the age of majority in your state or province of residence, and that you have given us your consent to allow any minor dependent on you to use this website.

**ARTICLE 8 - CHANGES TO THIS PRIVACY POLICY**

We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so you are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it.

If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.

**QUESTIONS AND CONTACT INFORMATION**

If you would like to: access, correct, amend, or delete any personal information we have about you, file a complaint, or simply want more information, contact our Privacy Compliance Officer at info@cordesetgalop.com or by mail to Cordes & Galop.

[Subject: Privacy Compliance Officer]