Privacy Policy

Security and protection of your personal data when visiting our website

Oloorì Athletics (referred to hereafter as "Oloorì Athletics" or "we" or "Oloorì" or "Oloori") takes the protection of your personal data very seriously and uses extreme care and the most advanced security standards to guarantee it.

We consider it our overriding responsibility to safeguard the confidentiality of the personal data provided by you and to protect them from unauthorized access.

 

Definitions

In order to ensure a transparent and easily understandable declaration regarding the processing of your personal data, we would like to inform you about the individual legal definitions used in this privacy policy:

  1. Personal data
    "Personal data" means any information relating to an identified or identifiable natural person (hereafter referred to as "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
  2. Processing
    "Processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
  3. Restriction of processing
    "Restrictions on processing" means the marking of stored personal data with the aim of limiting their processing in the future.
  4. Profiling
    "Profiling"  means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.
  5. Pseudonymization
    "Pseudonymization" means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
  6. Filing system
    "File system" means any structured set of personal data which are accessible according to specific criteria, whether centralized, decentralized, or dispersed on a functional or geographical basis.
  7. Data controller
    "Data controller" means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
  8. Processor
    "Processor" means a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.
  9. Recipient
    "Recipient" means a natural or legal person, public authority, agency, or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
  10. Third-party
    "Third-party" means a natural or legal person, public authority, agency, or body other than the data subject, controller, processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
  11. Consent
    "Consent" of the data subject means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her. 

 

Lawfulness of processing

Processing shall be lawful only if there is a legal basis for processing data. Pursuant to Article 6 paragraph 1 points (a) – (f) GDPR such legal basis for processing data can be in particular:

  1. the data subject has given consent to the processing of his or her personal data for one or more specific purposes;
  2. processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
  3. processing is necessary for compliance with a legal obligation to which the controller is subject;
  4. processing is necessary in order to protect the vital interests of the data subject or of another natural person;
  5. processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
  6. processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child. 

 

CONSENT

How do you get my consent?

When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent or provide you with an opportunity to say no.

How do I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use, or disclosure of your information, at any time, by contacting us at support@oloori.com

 

RETENTION

When you place an order through the Site, we will retain your Personal Information for our records unless and until you ask us to erase this information. For more information on your right of erasure, please see the ‘Your rights’ section below.

 

GDPR

If you are a resident of the EEA, you have the right to access the Personal Information we hold about you, to port it to a new service, and to ask that your Personal Information be corrected, updated, or erased. If you would like to exercise these rights, please contact us through the contact information below

Your Personal Information will be initially processed in Ireland and then will be transferred outside of Europe for storage and further processing, including to Canada and the United States. For more information on how data transfers comply with the GDPR, see Shopify’s GDPR Whitepaper: https://help.shopify.com/en/manual/your-account/privacy/GDPR.

 

CCPA

The California Consumer Privacy Act (CCPA) provides you with rights regarding how your data or personal information is treated. Under the legislation, California residents can choose to opt-out of the “sale” of their personal information to third parties. Based on the CCPA definition, “sale” refers to data collection for the purpose of creating advertising and other communications. Learn more about CCPA and your privacy rights.

How to opt-out

By clicking on the link below, we will no longer collect or sell your personal information. This applies to both third-parties and the data we collect to help personalize your experience on our website or through other communications. For more information, view our privacy policy.

To be eligible to opt-out, you must be browsing from California.

 

Collection of personal data during a visit to our website

In case of a merely informative use of the website, i.e. if you do not register, buy something, or disclose to us data in other ways, we collect only those personal data which your browser transmits to our server. If you visit our website, we collect the data below which are technically necessary for us to show you our website and ensure its stability and security (the legal basis for this is Art. 6 paragraph 1 clause 1 point (f) GDPR):

  • IP address
  • Date and time of your inquiry
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (actual page)
  • Access status/HTTP status code
  • Transmitted data volume
  • The website from which the request is received
  • Browser
  • Operating system and its interface
  • Language and version of the browser software.

Information about the collection of personal data – (email, contact form, customer account, and online shop)

(1) In what follows we inform you about the collection of your personal data when you use our website (contact Us, customer account, and online shop)

If you contact us by email or via our Contact Us page, the data disclosed by you to us (email address, if necessary your name and your telephone number) are stored by us to allow us to answer your

questions. We erase the data collected in this context after storage is no longer necessary or if processing is restricted or of there exist legal retention obligations. 

(3) If you buy products via our website or if you open a customer account for the administration of your current or future orders, we collect for this purpose the data that we need for the performance of the contract. These can be seen in the respective input fields for registration (customer account) or the purchase order form. When you place an order, we need as a minimum the obligatory data marked with a star (*). We use these data pursuant to Art. 6 paragraph 1 clause 1 point (b) GDPR for the performance of the contract and for handling your inquiries. 

Our shop is hosted by Shopify Inc. Shopify offers us an e-commerce platform that allows us to sell our goods and services to you.

Your data are administered via data storage, a database, and generally the Shopify app. Shopify stores your data on a secure server behind a firewall.

 

MINORS

By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site. We do not intentionally collect Personal Information from children. If you are the parent or guardian and believe your child has provided us with Personal Information, please contact us at the address below to request deletion.

 

PAYMENT

If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).

 

THIRD-PARTY SERVICES

In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.

 

Links

When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
Google analytics:
Our store uses Google Analytics to help us learn about store visits and the pages being viewed.


Newsletter

(1) With your consent you may subscribe to our Newsletter in which we inform you about our current special offers. The promoted goods and services are described in the declaration of consent. The legal basis is Art. 6 paragraph 1 clause 1 point (a) GDPR.

(2) We use the so-called double-opt-in procedure for the application to our Newsletter, meaning that following your application we send you an email to the indicated email address in which we ask you to confirm that you requested a subscription to the Newsletter. If you do not confirm your application within 24 hours, your information will be blocked and erased automatically after one month. In addition, we store the IP addresses you used and the time of your application and confirmation. The purpose is to have proof of your application and if necessary to be able to clarify a possible misuse of your personal data.

(3) The only obligatory information for the subscription to our Newsletter is your email address. The provision of additional, separately marked data is voluntary and is used in addressing you personally. After your confirmation, we store your email address for the purpose of sending you the Newsletter.

(4) You may withdraw your consent to the subscription of the Newsletter at any time and you may cancel the Newsletter at any time. You may confirm the withdrawal by clicking on the link provided in each e-mailed Newsletter or by sending a message to the contact data indicated in the imprint.

 

Use of external tools on our website

We have integrated various tools from different companies with our website which allow us to analyze user behavior or establish links with other websites.

For this purpose, we work with the following service providers:

 

Google Analytics

The third-party data processor has integrated the component Google Analytics on this website (with anonymization function).

Google Analytics is a website analysis service. Website analysis refers to the collection, recording, and analysis of data regarding the behavior of visitors to the website. A website analysis service records e.g. data showing from which website a data subject has come to a website (so-called referrer), which subpages of the website were accessed, or how often and how long a subpage was viewed. Website analysis is used mainly for the optimization of a website and for a cost-benefit analysis of Internet adverting.

Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA, is the operator of the Google Analytics component.

Google Analytics uses cookies. The information about your use of our website generated by the Google Analytics cookie is normally transmitted to a Google server in the USA and stored there. Google might disclose these personal data collected via the technical procedure to third parties.

However, when you activate IP anonymization on our website, Google shortens your IP address within the Member States of the European Union or in other countries that are parties to the European Marketing Area Treaty. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. Google uses this information to analyze your use of the website in order to compile a report about your website activities and provide us with other services associated with your website and Internet use. The IP address of your browser transmitted by Google Analytics is not linked to any other Google data.

This website also uses the UserID functions of Analytics in order to be able to track interaction data. This User ID is also anonymized and encrypted and is not linked to other data.

You may prevent the storage of cookies by setting your browser software accordingly, but you might then not be able to fully use all functions of our website.

You may furthermore prevent the disclosure of the data generated by the cookie which refers to the use of the website (incl. your IP address) to Google as well as the processing of these data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

This browser add-on notifies Google Analytics via JavaScript that no data or information about website visitors may be transmitted to Google Analytics.

Besides, a cookie left behind by Google Analytics may be erased at any time via the Internet browser or other software programs.

Additional information and the applicable privacy policy of Google may be downloaded from https://policies.google.com/privacy?hl=de and from https://marketingplatform.google.com/about/analytics/terms/de/ . Google Analytics is explained in more detail under this link: https://marketingplatform.google.com/about/.

Our website also uses Google Analytics performance reports by demographic factors and interests as well as reports about impressions in the Google Display Network. You may deactivate Google Analytics for display advertising and set the displays in the Google Display Network by accessing the display settings under this link: https://www.google.de/ads/preferences?ac_tld=de&continue=aHR0cHM6Ly9hZHNzZXR0aW5ncy5nb29nbGUuZGUvYW5vbnltb3Vz.

 

Google Tag Manager

This website uses Google Tag Manager. This service allows you to administer so-called website tags centrally via an interface. Google Tag Manager implements only tags. No cookies are used and no personal data are collected.

Google has a suitable privacy policy for such data collection by third-party providers: https://marketingplatform.google.com/intl/de/about/analytics/tag-manager/use-policy/

However, Google Tag Manager does not access these data. If certain domains/websites or cookies were deactivated, it remains in place for all tracking tags provided that they are implemented using Google Tag Manager.

 

Facebook Tracking Pixel

With your consent, we will use Facebook's "tracking pixel". With the help of this pixel, the behavior of users can be tracked once they are linked by clicking to a Facebook or Instagram ad on our website. This allows us to record the effectiveness of the Facebook and Instagram ads for statistical and market research purposes and to take optimization measures if necessary. Users who clicked on a Facebook or Instagram ad on our website may be tracked for up to 180 days.

The data recorded in such manner are anonymous for us, i.e. we do not see the personal data of the individual users. These data are however stored and processed by Facebook, which we will bring to your attention as we become aware of it.

Facebook may link these data with the Facebook account and use them also for its own advertising purposes according to its own data use guidelines.

If you prefer to deactivate the cookie storage on behalf of Facebook, you may do so by adjusting your browser settings accordingly.

 

Facebook Communications Tools

We also use Facebook's Communications Tools, in particular, the product "Custom Audiences" and "Website Custom Audiences". In principle, this generates a non-reversible and non-personal checksum (hash value) of your user data which may be transmitted to Facebook for analysis and marketing purposes.

If you wish to object to the use of Facebook's Website Custom Audiences, you may do so under https://www.facebook.com/settings/?tab=ads.

In addition, we use Customer Match Lists in the context of our Facebook advertising activities, e.g. for "Lookalike Audiences" and remarketing. For the use of Customer Match, lists with encrypted user data are uploaded to Facebook. After uploading the data, the system checks which data are already known and assigns the users to a list. After the preparation of the Customer Match List, the encrypted customer data are again automatically erased. Facebook does not obtain any new addresses in this process (encryption).

 

Twitter

We use components of the service provider Twitter on our website. Twitter is a service offered by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA.

Whenever you access our website featuring this component, this component causes your browser to download the respective version of Twitter's component. This process also informs Twitter which page of our website is currently visited.

We have no control over the data collected by Twitter in this process, or over the range of the data collected by Twitter. As far as we know, Twitter records the URL of the respectively accessed website as well as the IP address of the user, but this information is not used for other purposes than for loading the respective version of the Twitter component. Additional information about this issue can be found in Twitter's privacy policy under https://twitter.com/de/privacy.

You may change your privacy settings in account settings under https://twitter.com/account/settings.

 

Pinterest

We use the services of Pinterest, Inc., 808 Brannan St, San Francisco, CA 94103, USA. on our website. The embedded "Pin it" button on the website informs Pinterest that you accessed the respective page of our website. If you are logged in with Pinterest, Pinterest is able to attribute this visit to our website to your Pinterest account and thus link the data. The data transmitted by clicking the "Pin it" button are stored by Pinterest. You may access further information about the purpose and range of the collected data, their processing, and use as well as about your rights and setting options for the protection of your privacy in the privacy policies of Pinterest: https://policy.pinterest.com/en/privacy-policy.

In order to prevent Pinterest from attributing your visit to our website to your Pinterest account, you must log out from your Pinterest account before visiting our website.

 

Cookies

Our website uses cookies. Cookies are small text files placed on your computer and stored by your browser. They serve the purpose of making our offer more user-friendly, efficient, and secure. Cookies also make it possible for our systems to recognize your browser and offer you the best possible configuration.

We store this information for the duration of 12 months.

This data processing is based on the principles of Art. 6 paragraph 1 point (f) GDPR for the protection of our legitimate interests, i.e. the optimization of our offer.

Here is a list of cookies that we use. We have listed them here so you can decide whether you would like to use cookies or not.

session_id, proprietary token, session-related, allowing Shopify to store information about your session (referrer, target website, etc.).

shopify_visit, no data storage, lasting for 30 minutes from your last visit, is used by the internal statistics tracker of our website provider to track the number of visitors.

shopify_uniq, no data storage, expires at midnight (relative to the visitor) of the next day, counts the number of shop visits by individual customers.

cart, proprietary token, lasting for 3 weeks, stores information about the content of your shopping cart.

secure_session_id, proprietary token, session-related

storefront_digest, proprietary token, unlimited duration, used if the shop has a password in order to determine whether the current customer has access.

 

DISCLOSURE

We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service

 

Change to this Privacy Policy

We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.

 

Status of the privacy and data security policy: November 4, 2021