This Privacy Policy was last updated on: March 20, 2024
This Privacy Policy describes how Nikati and Company (the “Site”, “we”, “us”, or “our”) collects, uses, and discloses your personal information when you visit, use our services, or make a purchase from https://nikatiandco.com or any of the nikatiandco.com sub-domains (the “Site”) or otherwise communicate with us (collectively, the “Services”). For purposes of this Privacy Policy, “you” and “your” means you as the user of the Services, whether you are a customer, website visitor, or another individual whose information we have collected pursuant to this Privacy Policy.
Please read this Privacy Policy carefully. By using and accessing any of the Services, you agree to the collection, use, and disclosure of your information as described in this Privacy Policy. If you do not agree to this Privacy Policy, please do not use or access any of the Services.
HOW WE COLLECT YOUR PERSONAL INFORMATION
**We do not store your credit card information on our own servers. All payment transactions initiated from our website are processed directly with the payment processing company.**
To provide the Services, we collect and have collected over the past 12 months personal information about you from a variety of sources, as set out below. The information that we collect and use varies depending on how you interact with us.
We collect information using the following technologies:
• “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit https://cookiepedia.co.uk/
**For more information about how we collect and use cookies, please see our COOKIE POLICY.
• “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
• “Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you browse the Site.
The types of personal information we obtain about you depends on how you interact with our Site and use our Services. When we use the term “personal information”, we are referring to information that identifies, relates to, describes or can be associated with you. The following sections describe the categories and specific types of personal information we collect.
Information that you directly submit to us through our Services may include:
• Basic contact details including your name, address, phone number, email.
• Order information including your name, billing address, shipping address, payment confirmation, email address, phone number.
• Account information including your username, password, security questions.
• Shopping information including the items you view, put in your cart or add to your wishlist.
• Customer support information including the information you choose to include in communications with us, for example, when sending a message through the Services.
Some features of the Services may require you to directly provide us with certain information about yourself. You may elect not to provide this information, but doing so may prevent you from using or accessing these features.
We also automatically collect certain information about your interaction with the Services (“Usage Data”). To do this, we may use cookies, pixels and similar technologies (“Cookies”): Usage Data may include information about how you access and use our Site and your account, including device information, browser information, information about your network connection, your IP address and other information regarding your interaction with the Services.
For more information about how we collect and use cookies, please see our COOKIE POLICY.
Finally, we may obtain information about you from third parties, including from vendors and service providers who may collect information on our behalf, such as:
• Companies who support our Site and Services, such as Shopify and FastSpring.
• Our payment processors, who collect payment information (e.g., bank account, credit or debit card information, billing address) to process your payment in order to fulfill your orders and provide you with products or services you have requested, in order to perform our contract with you.
• When you visit our Site, open or click on emails we send you, or interact with our Services or advertisements, we, or third parties we work with, may automatically collect certain information using online tracking technologies such as pixels, web beacons, software developer kits, third-party libraries, and cookies.
Any information we obtain from third parties will be treated in accordance with this Privacy Policy. We are not responsible or liable for the accuracy of the information provided to us by third parties and are not responsible for any third party’s policies or practices. For more information, see the section below, Third Party Websites and Links.
HOW WE USE YOUR PERSONAL INFORMATION
We use the Order Information that we collect generally to fulfill any orders placed through the Site (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations).
Additionally, we use this Order Information to:
• Communicate with you;
• Screen our orders for potential risk or fraud; and
• When in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
• Ask you to rate or provide feedback about our products and services.
• Add you to our email list and/or subscribe you to our newsletter (if you have given us your express consent to do so).
We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).
Pursuant to the General Data Protection Regulation (“GDPR”), if you are a resident of the European Economic Area (“EEA”), we process your personal information under the following lawful bases:
• Your consent;
• The performance of the contract between you and the Site;
• Compliance with our legal obligations;
• To protect your vital interests;
• To perform a task carried out in the public interest;
• For our legitimate interests, which do not override your fundamental rights and freedoms.
We do not engage in fully automated decision-making that has a legal or otherwise significant effect using customer data. Our resellers/payment processors use limited automated decision-making to prevent fraud that does not have a legal or otherwise significant effect on you.
Services that include elements of automated decision-making include:
• Temporary denylist of IP addresses associated with repeated failed transactions. This denylist persists for a small number of hours.
• Temporary denylist of credit cards associated with denylisted IP addresses. This denylist persists for a small number of days.
HOW WE DISCLOSE YOUR PERSONAL INFORMATION
In certain circumstances, we may disclose your personal information to third parties for legitimate purposes subject to this Privacy Policy.
Such circumstances may include:
• With vendors or other third parties who perform services on our behalf (e.g., IT management, payment processing, data analytics, customer support, cloud storage, fulfillment and shipping).
• With business and marketing partners, to provide services and advertise to you. Our business and marketing partners will use your information in accordance with their own privacy notices.
• When you direct, request us or otherwise consent to our disclosure of certain information to third parties, such as to ship you products or through your use of social media widgets or login integrations, with your consent.
• With our affiliates or otherwise within our corporate group, in our legitimate interests to run a successful business.
• In connection with a business transaction such as a sale, merger or bankruptcy, or to comply with any applicable legal obligations (including to respond to subpoenas, search warrants and similar requests), to enforce any applicable terms of service, and to protect or defend the Services, our rights, and the rights of our users or others.
We have in the past 12 months disclosed the following categories of personal information and sensitive personal information (denoted by *) about users for the purposes set out above in HOW WE COLLECT YOUR PERSONAL INFORMATION, HOW WE USE YOUR PERSONAL INFORMATION and HOW WE DISCLOSE YOUR PERSONAL INFORMATION:
Category:
• Identifiers such as basic contact details and certain order and account information
• Commercial information such as order information, shopping information and customer support information
• Internet or other similar network activity, such as Usage Data
Categories of Recipients:
• Vendors and third parties who perform services on our behalf (such as Internet service providers, payment processors, fulfillment partners, customer support partners and data analytics providers)
• Business and marketing partners
• Affiliates
For example, we use Kinsta, FastSpring, Shopify, Klaviyo, and Stripe to power our website, online galleries, online stores, appointment bookings, and mailing lists. You can read more about how Kinsta, Shopify, Klaviyo, and Stripe uses your Personal Information here: https://kinsta.com/legal/privacy-policy/ and https://fastspring.com/privacy/ and https://www.shopify.com/legal/privacy and https://www.klaviyo.com/legal/privacy-notice and https://stripe.com/privacy. You can read more about Kinsta’s legal policies here: https://kinsta.com/legal/. We use Protonmail as our encrypted nikatiandco.com email provider (eg. anyname@nikatiandco.com email addresses.) If you enter information into a contact form on our website (Contact Us, Custom Order Inquiry, etc.), that information is sent to our encrypted hello@nikatiandco.com Protonmail email address. You can read the Protonmail privacy policy here: https://proton.me/legal/privacy. We use Make (formerly Integromat) to integrate some of our application platforms and automate workflows, and we use Hookdeck to deliver our webhooks reliably and to authenticate both incoming and outgoing webhooks as an added security measure. Customer data is marked as “confidential” in our Make automations, which means no customer data is logged and customer data is not stored after it is processed. You can read the Make and Hookdeck privacy and/or trust policies here, https://www.make.com/en/privacy-notice, here https://trust.hookdeck.com/ and here: https://hookdeck.com/privacy. We use Crisp to power the chatbox feature on our website. You can read the Crisp privacy policy and how Crisp uses cookies here: https://crisp.chat/en/privacy/.
If you send us an email via the Crisp chatbox on our website, that email will be sent to us via the Crisp email servers. If you prefer to reach out to our customer support team via an encrypted Protonmail email address, please send your email to support@nikatiandco.com.
**We do not use or disclose sensitive personal information for the purposes of inferring characteristics about you.
We have “sold” and “shared” (as those terms are defined in applicable law) personal information over the preceding 12 months for the purpose of engaging in advertising and marketing activities, as follows:
Category of Personal Information
• Identifiers such as basic contact details and certain order and account information
• Commercial information such as records of products or services purchased and shopping information
• Internet or other similar network activity, such as Usage Data
Categories of Recipients
• Business and marketing partners
For example, use Google Analytics to help us understand how our customers use the Site. You can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout. We use the Pinterest tag to track customers that interact with our website. You can read more about how Pinterest uses your personal information here: https://policy.pinterest.com/en/privacy-policy.
BEHAVIORAL ADVERTISING
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
You can opt out of targeted advertising by using the links below:
• Pinterest: Opt out through your Pinterest personalization settings or the AdChoices website optout.aboutads.info.
• Facebook: https://www.facebook.com/settings/?tab=ads
• Google: https://www.google.com/settings/ads/anonymous
• Bing: https://privacy.microsoft.com/en-us/privacystatement
You may also opt out of targeting advertising for most advertising networks via these websites:
• Digital Advertising Alliance
• Digital Advertising Alliance of Canada
• European Interactive Digital Advertising Alliance
USER GENERATED CONTENT
The Services may enable you to post product reviews and other user-generated content. If you choose to submit user generated content to any public area of the Services, this content will be public and accessible by anyone.
We do not control who will have access to the information that you choose to make available to others, and cannot ensure that parties who have access to such information will respect your privacy or keep it secure. We are not responsible for the privacy or security of any information that you make publicly available, or for the accuracy, use or misuse of any information that you disclose or receive from third parties.
THIRD-PARTY WEBSITES AND LINKS
Our Site may provide links to websites or other online platforms operated by third parties. If you follow links to sites not affiliated or controlled by us, you should review their privacy and security policies and other terms and conditions. We do not guarantee and are not responsible for the privacy or security of such sites, including the accuracy, completeness, or reliability of information found on these sites. Information you provide on public or semi-public venues, including information you share on third-party social networking platforms may also be viewable by other users of the Services and/or users of those third-party platforms without limitation as to its use by us or by a third party. Our inclusion of such links does not, by itself, imply any endorsement of the content on such platforms or of their owners or operators, except as disclosed on the Services.
AFFILIATE LINKS
Some of the pages on this site contain affiliate links, including Amazon Associate Program affiliate links. If you click on one of these links and make a purchase, we may receive a small commission. Please know that we are very picky about the products and services we choose to share with you, and only share products that we own and use ourselves, or products that we have researched thoroughly and feel comfortable sharing. We do not accept money up front or free products or services in exchange for recommending a product or service. We do our very best to make sure that all affiliate links are disclosed according to FTC requirements.
DO NOT TRACK AND OPT-OUT PREFERENCE SIGNALS (Global Privacy Control)
Please note that we do not alter our Site’s data collection and use practices when we see a Do Not Track signal from your browser. However, we do honor Global Privacy Control (GPC) opt-out preference signals until we receive explicit opt-in consent. A notification that the GPC opt-out preference signal has been honored appears in our cookie banner Preference Management Center, which you can access by clicking on the green cookie icon in the lower left corner of your browser window.
CHILDREN’S DATA
The Services are not intended to be used by children, and we do not knowingly collect any personal information about children. If you are the parent or guardian of a child who has provided us with their personal information, you may contact us using the contact details set out below to request that it be deleted.
As of the Effective Date of this Privacy Policy, we do not have actual knowledge that we “share” or “sell” (as those terms are defined in applicable law) personal information of individuals under 16 years of age.
SECURITY AND RETENTION OF YOUR INFORMATION
Please be aware that no security measures are perfect or impenetrable, and we cannot guarantee “perfect security.” In addition, any information you send to us may not be secure while in transit. We recommend that you do not use unsecured channels to communicate sensitive or confidential information to us.
How long we retain your personal information depends on different factors, such as whether we need the information to maintain your account, to provide the Services, comply with legal obligations, resolve disputes or enforce other applicable contracts and policies.
YOUR RIGHTS
Depending on where you live, you may have some or all of the rights listed below in relation to your personal information. However, these rights are not absolute, may apply only in certain circumstances and, in certain cases, we may decline your request as permitted by law.
• Right to Access / Know. You may have a right to request access to personal information that we hold about you, including details relating to the ways in which we use and share your information.
• Right to Delete. You may have a right to request that we delete personal information we maintain about you.
• Right to Correct. You may have a right to request that we correct inaccurate personal information we maintain about you.
• Right of Portability. You may have a right to receive a copy of the personal information we hold about you and to request that we transfer it to a third party, in certain circumstances and with certain exceptions.
• Right to Opt out of Sale or Sharing or Targeted Advertising. You may have a right to direct us not to “sell” or “share” your personal information or to opt out of the processing of your personal information for purposes considered to be “targeted advertising”, as defined in applicable privacy laws.
**Please note that if you visit our Site with the Global Privacy Control opt-out preference signal enabled, we honor opt-out preference signals until we receive explicit opt-in consent. A notification that the opt-out preference signal has been honored appears on our cookie banner and in the Preference Management Center, which you can access by clicking on the green cookie icon in the lower left corner of your browser window.
• Right to Limit and/or Opt out of Use and Disclosure of Sensitive Personal Information. You may have a right to direct us to limit our use and/or disclosure of sensitive personal information to only what is necessary to perform the Services or provide the goods reasonably expected by an average individual.
• Restriction of Processing: You may have the right to ask us to stop or restrict our processing of personal information.
• Withdrawal of Consent: Where we rely on consent to process your personal information, you may have the right to withdraw this consent.
• Appeal: You may have a right to appeal our decision if we decline to process your request. You can do so by replying directly to our denial.
• Managing Communication Preferences: We may send you promotional emails, and you may opt out of receiving these at any time by using the unsubscribe option displayed in our emails to you. If you opt out, we may still send you non-promotional emails, such as those about your account or orders that you have made.
You may exercise any of these rights where indicated on our Site or by contacting us using the contact details provided below.
We will not discriminate against you for exercising any of these rights. We may need to collect information from you to verify your identity, such as your email address or account information, before providing a substantive response to the request. In accordance with applicable laws, You may designate an authorized agent to make requests on your behalf to exercise your rights. Before accepting such a request from an agent, we will require that the agent provide proof you have authorized them to act on your behalf, and we may need you to verify your identity directly with us. We will respond to your request in a timely manner as required under applicable law.
CALIFORNIA RESIDENTS ONLY
To exercise your CCPA right to opt out of the sale or sharing of your personal information, please visit https://www.nikatiandco.com/ccpa-opt-out/ to send us your opt-out request via a website form. You may also submit an opt-out request by emailing us at privacy@nikatiandco.com. Please include “CCPA Opt-Out Request” in the email subject line.
COMPLAINTS
If you have complaints about how we process your personal information, please contact us using the contact details provided below. If you are not satisfied with our response to your complaint, depending on where you live you may have the right to appeal our decision by contacting us using the contact details set out below, or lodge your complaint with your local data protection authority.
INTERNATIONAL USERS
Please note that we may transfer, store and process your personal information outside the country you live in, including the United States. Your personal information is also processed by staff and third party service providers and partners in these countries.
If we transfer your personal information out of Europe, we will rely on recognized transfer mechanisms like the European Commission’s Standard Contractual Clauses, or any equivalent contracts issued by the relevant competent authority of the UK, as relevant, unless the data transfer is to a country that has been determined to provide an adequate level of protection.
CHANGES
We may update this privacy policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons. When we do, we will post a notice on our website with the updated policy effective date and a link to the updated privacy policy. The web address of our privacy policy is: https://www.nikatiandco.com/privacy-policy/.
CONTACT US
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e‑mail at privacy@nikatiandco.com or by mail using the details provided below:
Nikati and Company
ATTN: Privacy and Compliance
PO Box 380, Pegram TN 37143, United States
For the purpose of applicable data protection laws, we are the data controller of your personal information.