Privacy policy

Privacy Policy

SECTION 1 - WHAT DO WE DO WITH YOUR INFORMATION?

When you purchase something from our store, as part of the buying and selling process, we collect personal information such as your name, address, and email address.

When you browse our store, we automatically receive your computer’s Internet Protocol (IP) address to provide us with information that helps us understand your browser and operating system.

Email Marketing (if applicable): With your permission, we may send you emails about our store, new products, and other updates.

SECTION 2 - CONSENT

How do you get my consent?
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery, or return a purchase, we imply your consent for collecting and using it for that specific purpose only.

If we ask for your personal information for secondary purposes, such as marketing, we will either ask for your explicit consent or provide you with an opportunity to decline.

How do I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you or to continue collecting, using, or disclosing your information at any time. To do so, contact us at support@coverstoryindia.com or mail us at:
Cover Story India

SECTION 3 - DISCLOSURE

We may disclose your personal information if required by law or if you violate our Terms of Service.

SECTION 4 - SHOPIFY

Our store is hosted on Shopify Inc., which provides the online e-commerce platform enabling us to sell our products and services.

Your data is stored through Shopify’s secure data storage, databases, and the Shopify application. They store your data on a secure server protected by a firewall.

Payment:
If you use a direct payment gateway to complete your purchase, Shopify stores your credit card data. It is encrypted via the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as necessary to complete your purchase. Afterward, your transaction information is deleted.

All direct payment gateways comply with PCI-DSS standards, managed by the PCI Security Standards Council (a collaboration of brands such as Visa, Mastercard, American Express, and Discover).

For more information, you can review Shopify’s Terms of Service and Privacy Policy.

SECTION 5 - THIRD-PARTY SERVICES

Third-party providers we use will collect, use, and disclose your information only to the extent necessary for them to perform their services.

However, certain providers, such as payment gateways and other payment transaction processors, have their own privacy policies regarding the information required for purchase-related transactions.

We encourage you to read their privacy policies to understand how your information will be managed by these providers.

If your transaction involves a service provider in another jurisdiction, your information may become subject to the laws of that jurisdiction (e.g., if located in the U.S., it may be subject to disclosure under U.S. laws, including the Patriot Act).

Once you leave our website or are redirected to a third-party website/application, this Privacy Policy no longer applies.

Links:
Our site may contain links to external sites. We are not responsible for their privacy practices and recommend you review their policies.

SECTION 6 - SECURITY

We take reasonable precautions and adhere to industry best practices to protect your personal information from unauthorized access, misuse, or alteration.

If you provide your credit card information, it is encrypted using Secure Socket Layer (SSL) technology and stored with AES-256 encryption. While no online transmission or storage method is 100% secure, we comply with PCI-DSS standards and additional industry guidelines.

SECTION 7 - COOKIES

We use cookies to enhance your experience on our site. Below is a list of cookies we use, which you can choose to opt-out of:

  • _session_id: Unique token, sessional; allows Shopify to store information about your session (e.g., referrer, landing page).
  • _shopify_visit: No data held; persistent for 30 minutes from the last visit, used by Shopify’s internal stats tracker.
  • _shopify_uniq: No data held; expires midnight (relative to the visitor) the next day; tracks number of visits by a single customer.
  • cart: Unique token, persistent for 2 weeks; stores information about your cart contents.
  • _secure_session_id: Unique token, sessional.
  • storefront_digest: Unique token, indefinite; determines visitor access if the store has a password.

SECTION 8 - AGE OF CONSENT

By using this site, you confirm you are at least the age of majority in your state/province of residence or that you have given consent for your minor dependents to use this site.

SECTION 9 - CHANGES TO THIS PRIVACY POLICY

We reserve the right to modify this Privacy Policy at any time. Changes will take effect immediately upon posting to the website. Material changes will be communicated, ensuring you understand what information we collect, how we use it, and under what circumstances we disclose it.

If our business is acquired or merged with another company, your information may be transferred to the new owners to continue providing services to you.

QUESTIONS AND CONTACT INFORMATION

To access, correct, amend, or delete your personal information, register a complaint, or seek additional information, contact our Privacy Compliance Officer at support@coverstoryindia.com or write to:
Cover Story India