Our primary goals in collecting information are to provide and improve our Services, to administer your use of the Services (including your Account, if you are an Account holder), and to enable you to enjoy and easily navigate our Services.
We collect certain personally identifiable information that can be used to identify you ("PII"), in connection with your use of the Services. This PII may include: (i) your company's name (ii) your name, (iii) mailing address, (iv) telephone number, (v) email address, and, (vi) for those purchasing Products, credit card, billing and delivery information. If you create a Cima-Pak account ("Account"), we’ll also collect certain PII to populate your Account.
We also collect statistics about use of the Services and Products you Purchase through the Website. This information will be kept confidential, however, aggregate statistics that do not personally identify an individual will be kept by us and such aggregate statistics may be made available to other members or third parties.
Like many website owners and operators, we use automated data collection tools such as Cookies and Web Beacons to collect certain information.
"Web Beacons" (also known as Web bugs, pixel tags or clear GIFs) are tiny graphics with a unique identifier that may be included on our Services for several purposes, including to deliver or communicate with Cookies, to track and measure the performance of our Services, to monitor how many visitors view our Services, and to monitor the effectiveness of our advertising. Unlike Cookies, which are stored on the user’s hard drive, Web Beacons are typically embedded invisibly on web pages (or in an e-mail).
Our servers automatically record certain information about how a person uses our Services (we refer to this information as "Log Data"), including both Account holders and non-Account holders (either, a "User"). Log Data may include information such as a User’s Internet Protocol (IP) address, browser type, operating system, the web page that a User was visiting before accessing our Services, the pages or features of our Services to which a User browsed and the time spent on those pages or features, search terms, the links on our Services that a User clicked on and other statistics. We use Log Data to administer the Services and we analyze (and may engage third parties to analyze) Log Data to improve, customize and enhance our Services by expanding their features and functionality and tailoring them to our Users’ needs and preferences. We may use a person’s IP address to generate aggregate, non-identifying information about how our Services are used.
We collect certain information that your mobile device sends when you use our Services, like a device identifier, user settings and the operating system of your device, as well as information about your use of our Services.
When you use our Services, we may collect and store information about your location by converting your IP address into a rough geo-location or by accessing your mobile device’s GPS coordinates or coarse location if you enable location services on your device. We may use location information to improve and personalize our Services for you. If you do not want us to collect location information, you may disable that feature on your mobile device.
All online payments are processed via Stripe. Stripe stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is tokenized and stored to complete your transaction. After that your tokenized payment information is deleted from Stripe upon request. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers. For more insight, you may also want to read Stripe's Privacy Statement (https://stripe.com/en-ca/privacy).
We may disclose aggregated information about our users, and information that identifies no individual.
We may disclose personal information we collect or you provide:
We offer you choices regarding the collection, use and sharing of your PII and we’ll respect the choices you make. Please note that if you decide not to provide us with the PII that we request, you may not be able to access all of the features of the Services.
If you opt-in to receiving communications from us, we may periodically send you free newsletters and e-mails that directly promote our Services. When you receive such promotional communications from us, you will have the opportunity to unsubscribe "opt-out" (either through your Account, by contacting our marketing department at [email protected] or by following the unsubscribe instructions provided in the e-mail you receive).
You can access and modify the PII associated with your Account by contacting us at [email protected]. If you want us to delete your PII and your Account, please contact us at [email protected] with your request. We’ll take steps to delete your information as soon we can, but some information may remain in archived/backup copies for our records or as otherwise required by law.
Our Site does not have the capability to respond to "Do Not Track" signals received from various web browsers.
We take reasonable administrative, physical and electronic measures designed to protect the information that we collect from or about you (including your PII) from unauthorized access, use or disclosure. When you enter sensitive information on our forms, we encrypt this data using SSL encryption or other technologies. Please be aware, however, that no method of transmitting information over the Internet or storing information is completely secure. Accordingly, we cannot guarantee the absolute security of any information.
Your PII may be transferred to, and maintained on, servers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. For example, our servers are located in the Canada. If you’re located outside Canada and choose to provide your PII to us, we may transfer your PII to Canada and process it there. Accordingly, your PII may be available to government of Canada and their agencies, under lawful request, regardless of the mechanism we have put in place to protect your personal information.