Privacy Policy

Introduction

Welcome to ONA!

As part of our mission to help make commerce better for everyone, ONA Inc. and its affiliates collect and process a lot of information. This Privacy Policy is intended to help you better understand how we collect, use and store your personal information—that uses ONA’s products or services (together, the “Services”), or whether you’re simply visiting this website. By using any of ONA’s Services you are agreeing to the terms of this Privacy Policy and, as applicable, the ONA Terms of Service. We may update this Privacy Policy from time to time in order to reflect, for example, changes to our privacy practices or for other operational, legal, or regulatory reasons. If we make material changes to this Privacy Policy, we will give you notice of such changes by posting the revised policy on this Website, and where appropriate, by other means. By continuing to use this Website or the Support Service after these changes are posted, you agree to the revised policy.

Information from customers

What information do we collect from our customers and why?

  • We collect our customers’ name, email, shipping and billing address, payment details, company name, phone number,IP address, information about orders you initiate, and information about the device and browser you use.
    • We use this information to provide customers with the Services, including supporting and processing orders, risk and fraud screening, authentication, and payments. We also use this information to improve our Services.
  • We use some of the personal information you provide us to conduct some level of automated decision-making –for example, we use certain personal information (for example, IP addresses or payment information) to automatically block certain potentially fraudulent transactions for a short period of time.When do we collect this information?

When do we collect this information?

  • We collect this information when you use or access a store or a website that uses our Services, such as when you place an order or sign up for an account
  • Additionally, we partner with third parties who provide us information about our customers, for example to help us screen out potential fraud.

When and why do we share this information with third parties?

  • ONA works with a variety of third parties and service providers to help provide our merchants with the Services and we may share personal information with them to support these efforts.
  • We may also share your information in the following circumstances:
    • to prevent, investigate, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service or any other agreement related to the Services, or as otherwise required by law.
    • to conform to legal requirements, or to respond to lawful court orders, subpoenas, warrants, or other requests by public authorities (including to meet national security or law enforcement requirements).
  • Personal information may also be shared with a company that acquires our business, whether through merger,acquisition, bankruptcy, dissolution, reorganization, or other similar transaction or proceeding.

Information from cookies and similar tracking technologies

What is a cookie? A cookie is a small amount of data, which may include a unique identifier. Cookies are sent to your browser from a website and stored on your device. We assign a different cookie to each device that accesses ourwebsite.

Why does ONA use cookies and similar tracking technology?

  • We use cookies to recognize your device and provide you with a personalized experience on our websites, or otherwise through the Services. We also use cookies as part of the Services, for example to operate the shopping cart for our stores.
  • We also use cookies to serve targeted ads from Google, Facebook, Bing, and other third-party vendors.
  • Our third-party advertising partners use cookies to track your prior visits to our websites and elsewhere on the Internet in order to serve you targeted ads. For more information about targeted or behavioral advertising,please visit https://www.networkadvertising.org/understanding-online-advertising.
  • Opting out: You can opt out of targeted ads served via specific third party vendors by visiting the DigitalAdvertising Alliance’s Opt-Out page.
  • We may also use web beacons, software development kits, and other automated tracking methods on our websites,in communications with you, and in our products and services, to measure performance and engagement.
  • Please note that because there is no consistent industry understanding of how to respond to “Do Not Track”signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.

For how long do we retain your personal information?

  • In general, we keep your personal information throughout your relationship with us.
  • Once you terminate your relationship with us, we generally will continue to store archived copies of your personal information for legitimate business purposes such as to defend a contractual claim or for audit purposes and to comply with the law, except when we receive a valid erasure request.
  • We will continue to store anonymous or anonymized information, such as website visits, without identifiers, in order to improve our Services.

What we don’t do with your personal information

  • We do not and will never share, disclose, sell, rent, or otherwise provide personal information to other companies for the marketing of their own products or services.

How do we keep your personal information secure?

  • We follow industry standards on information security management to safeguard sensitive information, such as financial information, intellectual property, employee details and any other personal information entrusted tous. Our information security systems apply to people, processes and information technology systems on a risk management basis.
  • We perform annual audits to ensure our handling of your credit card information aligns with industry guidelines. We are certified as a PCI DSS Level 1 compliant service provider, which is the highest level of compliance available, and our platform is audited annually by a third-party qualified security assessor.
  • No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee the absolute security of your personal information.