Welcome to ONA!
Information from customers
What information do we collect from our customers and why?
- We collect our customers’ name, email, shipping and billing address, payment details, company name, phone number,IP address, information about orders you initiate, and information about the device and browser you use.
- We use this information to provide customers with the Services, including supporting and processing orders, risk and fraud screening, authentication, and payments. We also use this information to improve our Services.
- We use some of the personal information you provide us to conduct some level of automated decision-making –for example, we use certain personal information (for example, IP addresses or payment information) to automatically block certain potentially fraudulent transactions for a short period of time.When do we collect this information?
When do we collect this information?
- We collect this information when you use or access a store or a website that uses our Services, such as when you place an order or sign up for an account
- Additionally, we partner with third parties who provide us information about our customers, for example to help us screen out potential fraud.
When and why do we share this information with third parties?
- ONA works with a variety of third parties and service providers to help provide our merchants with the Services and we may share personal information with them to support these efforts.
- We may also share your information in the following circumstances:
- to prevent, investigate, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service or any other agreement related to the Services, or as otherwise required by law.
- to conform to legal requirements, or to respond to lawful court orders, subpoenas, warrants, or other requests by public authorities (including to meet national security or law enforcement requirements).
- Personal information may also be shared with a company that acquires our business, whether through merger,acquisition, bankruptcy, dissolution, reorganization, or other similar transaction or proceeding.
Information from cookies and similar tracking technologies
What is a cookie? A cookie is a small amount of data, which may include a unique identifier. Cookies are sent to your browser from a website and stored on your device. We assign a different cookie to each device that accesses ourwebsite.
- Opting out: You can opt out of targeted ads served via specific third party vendors by visiting the DigitalAdvertising Alliance’s Opt-Out page.
- We may also use web beacons, software development kits, and other automated tracking methods on our websites,in communications with you, and in our products and services, to measure performance and engagement.
- Please note that because there is no consistent industry understanding of how to respond to “Do Not Track”signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.
For how long do we retain your personal information?
- In general, we keep your personal information throughout your relationship with us.
- Once you terminate your relationship with us, we generally will continue to store archived copies of your personal information for legitimate business purposes such as to defend a contractual claim or for audit purposes and to comply with the law, except when we receive a valid erasure request.
- We will continue to store anonymous or anonymized information, such as website visits, without identifiers, in order to improve our Services.
What we don’t do with your personal information
- We do not and will never share, disclose, sell, rent, or otherwise provide personal information to other companies for the marketing of their own products or services.
How do we keep your personal information secure?
- We follow industry standards on information security management to safeguard sensitive information, such as financial information, intellectual property, employee details and any other personal information entrusted tous. Our information security systems apply to people, processes and information technology systems on a risk management basis.
- We perform annual audits to ensure our handling of your credit card information aligns with industry guidelines. We are certified as a PCI DSS Level 1 compliant service provider, which is the highest level of compliance available, and our platform is audited annually by a third-party qualified security assessor.
- No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee the absolute security of your personal information.