Privacy Policy

This Privacy Policy describes how paygapstore.myshopify.com (the “Site” or “we”) collects, uses, and discloses your Personal Information when you visit or make a purchase from the Site.

Collecting Personal Information

When you visit the Site, we collect certain information about your device, your interaction with the Site, and information necessary to process your purchases. We may also collect additional information if you contact us for customer support. In this Privacy Policy, we refer to any information that can uniquely identify an individual (including the information below) as “Personal Information”. See the list below for more information about what Personal Information we collect and why.

Device information

  • Examples of Personal Information collected: version of web browser, IP address, time zone, cookie information, what sites or products you view, search terms, and how you interact with the Site.
  • Purpose of collection: to load the Site accurately for you, and to perform analytics on Site usage to optimize our Site.
  • Source of collection: Collected automatically when you access our Site using cookies, log files, web beacons, tags, or pixels. 
  • Disclosure for a business purpose: shared with our processor Shopify.

Order information

  • Examples of Personal Information collected: name, billing address, shipping address, payment information (including credit card numbers ] ), email address, gender, race/ethnicity and phone number.
  • Purpose of collection: to provide products or services to you to fulfill our contract, to process your payment information, arrange for shipping, and provide you with invoices and/or order confirmations, communicate with you, screen our orders for potential risk or fraud, and when in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
  • Source of collection: collected from you.
  • Disclosure for a business purpose: shared with our processor Shopify, Printful and Printify.

Customer support information

  • Examples of Personal Information collected: name, billing address, shipping address, email address, phone number, product SKU number reflecting size and gender/race.
  • Purpose of collection: to provide customer support.
  • Source of collection: collected from you.
  • Disclosure for a business purpose: IdeasUnlimited, Printify, Printful. 

Minors

The Site is not intended for individuals under the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.  

We do not intentionally collect Personal Information from children. If you are the parent or guardian and believe your child has provided us with Personal Information, please contact us at the address below to request deletion.

Sharing Personal Information

We share your Personal Information with service providers to help us provide our services and fulfill our contracts with you, as described above. For example:

  • We use Shopify to power our online store. You can read more about how Shopify uses your Personal Information here: https://www.shopify.com/legal/privacy.
  • We may share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.
  • Printful and Printify for order fulfillment.
  • IdeasUnlimited for order support and issue resolution.

Using Personal Information

We use your personal Information to provide our services to you, which includes: offering products for sale, processing payments, shipping and fulfillment of your order, and keeping you up to date on new products, services, and offers.

Lawful basis

Pursuant to the General Data Protection Regulation (“GDPR”), if you are a resident of the European Economic Area (“EEA”), we process your personal information under the following lawful bases:

  • Your consent;
  • The performance of the contract between you and the Site;
  • Compliance with our legal obligations;
  • To protect your vital interests;
  • To perform a task carried out in the public interest;
  • For our legitimate interests, which do not override your fundamental rights and freedoms.

Retention

When you place an order through the Site, we will retain your Personal Information for our records unless and until you ask us to erase this information. For more information on your right of erasure, please see the ‘Your rights’ section below. Please contact paygapstore@trusaic.com to begin this process.

Automatic decision-making

If you are a resident of the EEA, you have the right to object to processing based solely on automated decision-making (which includes profiling), when that decision-making has a legal effect on you or otherwise significantly affects you.

We DO NOT engage in fully automated decision-making that has a legal or otherwise significant effect using customer data.

Our processor Shopify uses limited automated decision-making to prevent fraud that does not have a legal or otherwise significant effect on you.

Services that include elements of automated decision-making include:

  • Temporary denylist of IP addresses associated with repeated failed transactions. This denylist persists for a small number of hours.
  • Temporary denylist of credit cards associated with denylisted IP addresses. This denylist persists for a small number of days.

We DO NOT sell Personal Information.  

Selling Personal Information

We do not sell Personal Information, as defined by the California Consumer Privacy Act of 2018 (“CCPA”).

Your rights

GDPR

If you are a resident of the EEA, you have the right to access the Personal Information we hold about you, to port it to a new service, and to ask that your Personal Information be corrected, updated, or erased. If you would like to exercise these rights, please contact us at paygapstore@trusaic.com to begin this process.

Your Personal Information will be initially processed in Ireland and then will be transferred outside of Europe for storage and further processing, including to Canada and the United States. For more information on how data transfers comply with the GDPR, see Shopify’s GDPR Whitepaper: https://help.shopify.com/en/manual/your-account/privacy/GDPR .

CCPA

If you are a resident of California, you have the right to access the Personal Information we hold about you (also known as the ‘Right to Know’), to port it to a new service, and to ask that your Personal Information be corrected, updated, or erased. If you would like to exercise these rights, please contact us at paygapstore@trusaic.com to begin this process.

Consumer Personal Information We Collect

We may collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer (“Consumer Personal Information”).  We have not collected any Consumer Personal Information within the last twelve (12) months but we anticipate potential collection of the following:

Category

Examples

Collected

A. Identifiers.

A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers.

YES

B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).

A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.

YES

C. Protected classification characteristics under California or federal law.

Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).

YES

D. Commercial information.

Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

NO

E. Biometric information.

Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.

NO

F. Internet or other similar network activity.

Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.

YES

G. Geolocation data.

Physical location or movements.

YES

H. Sensory data.

Audio, electronic, visual, thermal, olfactory, or similar information.

NO

I. Professional or employment-related information.

Current or past job history or performance evaluations.

NO

J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. §1232g, 34 C.F.R. Part 99)).

Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.

NO

K. Inferences drawn from other personal information.

Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

NO

We obtain the categories of Consumer Personal Information listed above from you.

We will not collect additional categories of Consumer Personal Information or use such information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

Use of Consumer Personal Information

We may use Consumer Personal Information we collect for one or more of the purposes identified above.  

Sharing Consumer Personal Information

We do not sell and have not sold Consumer Personal Information.  

Unless prohibited by law or regulation, we may disclose your Consumer Personal Information to a third party solely to operate our business as needed to provide the Service, including product order fulfilment, to provide customer service and technical support, to protect our site from fraud and to protect your Consumer Personal Information.  Such third parties are our Service providers and Subcontractors that are needed to operate our business.  

We may share Your Consumer Personal Information with a court of law, law enforcement agency, or other government body when we have a good faith belief that we have a duty to disclose, are required or permitted to do so by law, including but not limited to, meeting national security or law enforcement requirements, protection of our company, or responding to a court order, subpoena, search warrant, or other law enforcement request.

We may share Your Consumer Personal Information when we believe it is appropriate to enforce or apply our Terms of Service and other agreements or to protect our rights and the rights of others.  

Other than as set forth above and to the extent the legal basis for sharing with third parties is consent, we will provide you with notice and the opportunity to choose to withdraw your consent.  You may withdraw your consent by contacting us.  

Your Rights and Choices

The CCPA provides California resident consumers with specific rights regarding their Consumer Personal Information. This subsection describes your rights and explains how to exercise those rights.

Access to Specific Information and Data Portability Rights

You have the right to request that we disclose certain information to you about our collection, use and disclosure of your Consumer Personal Information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:

  • The categories of Consumer Personal Information we collected about you.
  • The categories of sources for Consumer Personal Information we collected about you.
  • Our business or commercial purpose for collecting, using or sharing that Consumer Personal Information.
  • The categories of third parties with whom we share that Consumer Personal Information.
  • The specific pieces of Consumer Personal Information we collected about you (also called a data portability request).
  • If we disclosed your Consumer Personal Information for a business purpose, we will identify the Consumer Personal Information categories that each category of recipient obtained.

Deletion Request Rights

You have the right to request that we delete any of your Consumer Personal Information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your Consumer Personal Information from our records, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service providers to:

  1. Complete the transaction for which we collected the Consumer Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
  2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  3. Debug products to identify and repair errors that impair existing intended functionality.
  4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
  6. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  7. Comply with a legal obligation.
  8. Make other internal and lawful uses of that information that are compatible with the context in which it was provided.

Exercising Access, Data Portability, and Deletion Rights

To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by either (a) emailing us at legal@trusaic.com or (b) writing to us at Trusaic, Attention: Legal, at 3530 Wilshire Blvd., Suite 1460, Los Angeles CA 90010.

Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your Consumer Personal Information. You may also make a verifiable consumer request on behalf of your minor child.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Consumer Personal Information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with Consumer Personal Information if we cannot verify your identity or authority to make the request and confirm the Consumer Personal Information relates to you.  Making a verifiable consumer request does not require you to create an account with us.  We will only use Consumer Personal Information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.

Response Timing and Format

We endeavor to respond to a verifiable consumer request within 45 days of its receipt.  If we require more time (up to 90 days), we will inform you of the reason and extension period in writing.  If you have an account with us, we will deliver our written response to that account.  If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.  Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt.  The response we provide will also explain the reasons we cannot comply with a request, if applicable.  For data portability requests, we will select a format to provide your Consumer Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded.  If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

In calendar year 2020 and as of the date of this Privacy Policy, there have been 0 requests that are applicable to any of the rights listed above.

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not (a) Deny you goods or services; (b) Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties; (c) Provide you a different level or quality of goods or services; and/or (d) Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

Cookies

A cookie is a small amount of information that’s downloaded to your computer or device when you visit our Site. We use a number of different cookies, including functional, performance, advertising, and social media or content cookies. Cookies make your browsing experience better by allowing the website to remember your actions and preferences (such as login and region selection). This means you don’t have to re-enter this information each time you return to the site or browse from one page to another. Cookies also provide information on how people use the website, for instance whether it’s their first time visiting or if they are a frequent visitor.

We use the following cookies to optimize your experience on our Site and to provide our services.

Cookies Necessary for the Functioning of the Store

Name

Function

_ab

Used in connection with access to admin.

_secure_session_id

Used in connection with navigation through a storefront.

cart

Used in connection with shopping cart.

cart_sig

Used in connection with checkout.

cart_ts

Used in connection with checkout.

checkout_token

Used in connection with checkout.

secret

Used in connection with checkout.

secure_customer_sig

Used in connection with customer login.

storefront_digest

Used in connection with customer login.

_shopify_u

Used to facilitate updating customer account information.

Reporting and Analytics

Name

Function

_tracking_consent

Tracking preferences.

_landing_page

Track landing pages

_orig_referrer

Track landing pages

_s

Shopify analytics.

_shopify_s

Shopify analytics.

_shopify_sa_p

Shopify analytics relating to marketing & referrals.

_shopify_sa_t

Shopify analytics relating to marketing & referrals.

_shopify_y

Shopify analytics.

_y

Shopify analytics.

 

The length of time that a cookie remains on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies last until you stop browsing and persistent cookies last until they expire or are deleted. Most of the cookies we use are persistent and will expire between 30 minutes and two years from the date they are downloaded to your device.

You can control and manage cookies in various ways. Please keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our website may no longer be fully accessible.

Most browsers automatically accept cookies, but you can choose whether or not to accept cookies through your browser controls, often found in your browser’s “Tools” or “Preferences” menu. For more information on how to modify your browser settings or how to block, manage or filter cookies can be found in your browser’s help file or through such sites as www.allaboutcookies.org .

Additionally, please note that blocking cookies may not completely prevent how we share information with third parties such as our advertising partners. To exercise your rights or opt-out of certain uses of your information by these parties, please follow the instructions in the “Behavioural Advertising” section above.

Do Not Track

Please note that because there is no consistent industry understanding of how to respond to “Do Not Track” signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.  For more information about “Do Not Track,” visit www.donottrack.us .

Changes

We may update this Privacy Policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal, or regulatory reasons.

Contact

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at legal@trusaic.com or by mail using the details provided below:

Trusaic, 3530 Wilshire Blvd Suite 1460, Los Angeles CA 90010, United States, Attn: Legal

Last updated: [December 3, 2021]

If you are not satisfied with our response to your complaint, you have the right to lodge your complaint with the relevant data protection authority. You can contact your local data protection authority, or our supervisory authority here:  To contact the EU Rep, please use the contact form on this link:   https://verasafe.com/public-resources/contact-data-protection-representative or via telephone at: +420 228 881 031.  To contact the UK Rep, please use the contact form on this link:  https://verasafe.com/public-resources/contact-data-protection-representative or via telephone at: +44 (20) 4532 2003.