As part of our mission to help make commerce better for everyone, IderaOS collect and process a lot of information. This Privacy Policy is intended to help you better understand how we collect, use and store your personal information, whether you are a merchant or end user that uses our products, applications or services (together, the “Services”), a customer that shops at a store using our technology or whether you’re simply visiting this website. By using any of IderaOS’s Services, or by dealing with a merchant using IderaOS’s Services, you are agreeing to the terms of this Privacy Policy We may update this Privacy Policy from time to time in order to reflect, for example, changes to our privacy practices or for other operational, legal, or regulatory reasons. If we make material changes to this Privacy Policy, we will give you notice of such changes by posting the revised policy on this Website, and where appropriate, by other means. By continuing to use this Website or the Support Service after these changes are posted, you agree to the revised policy.
Privacy matters! If you are a merchant, your customers need to understand how you (and how IderaOs) collects and processes their personal information as the data controller. Accordingly, if you use the Services, you agree to post an up-to-date and accurate privacy policy on your storefront that complies with the laws applicable to your business. You also agree to obtain consent from your customers for the use and access of their personal information by IderaOS and other third parties. In addition, if you are collecting any sensitive personal information from your customers (including information relating to medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or sexuality), you agree to obtain affirmative, express consent from your customers for the use and access of sensitive personal information by IderaOS and other third parties..
Partners are individuals or businesses that have agreed to the terms of the to work with IderaOS to promote the Services by (a) referring clients to IderaOS; (b)developing IderaOS store themes for merchant use; or (c) developing apps using the IderaOS Application Interface (API) for merchant use.
We collect this information when you sign up for a partner account, when you sign up one of your customers for our Services, or when your customers sign up themselves. We also collect any additional information that you might provide to us.
We collect this information when you visit the IderaOS websites, use Services offered on our websites or engage with us either by email, web form, instant message, phone, or post content on or through our websites (including forums, blogs and via any Messaging Feature). We also collect any additional information that you might provide to us.
What is a cookie? A cookie is a small amount of data, which may include a unique identifier. Cookies are sent to your browser from a website and stored on your device. We assign a different cookie to each device that accesses our website.
IderaOS’s platform allows merchants to connect their stores with third party applications to alter or provide new functionalities in their store. Unless listed as “Made by IderaOS,” IderaOS is not responsible for and has no control over how these apps function. Merchants ultimately can control which apps they choose to use with their stores, and are responsible for making sure that they do so in compliance with relevant privacy and data protection requirements.
IderaOS works with merchants and users around the world, including in the EEA. If you are located in the EEA, your personal information is processed by IderaOS’s Irish affiliate, IderaOS International Ltd. As part of our service, we may transfer your personal information to other regions, including to Canada and the United States. In order to ensure that your information is protected when transferred out of the EEA, IderaOS relies on the EU-U.S. Privacy Shield (described in more detail below), as well as inter-company agreements between our various affiliates that may process your information on behalf of IderaOS International Ltd.
If you are located in the EEA, you have certain rights under European law with respect to your personal data, including the right to request access to, correct, amend, delete, port to another service provider, or object to certain uses of your personal data. If you are a merchant, a partner, a visitor of IderaOS’s websites, or a user of IderaOS’s support services and wish to exercise these rights, please reach out to us using the contact information below. If you are a customer of a merchant who uses IderaOS’s platform and wish to exercise these rights, please contact the merchants you interacted with directly -- we serve as a processor on their behalf, and can only forward your request to them to allow them to respond.
If you are unhappy with the response that you receive from us we hope that you would contact us to resolve the issue but you also have the right to lodge a complaint with the relevant data protection authority in your jurisdiction at any time.
Additionally, if you are located in the EEA, we note that we are generally processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above, unless we are required by law to obtain your consent for a particular processing operation. In particular we process your personal data to pursue the following legitimate interests, either for ourselves, our merchants, our partners, or other third parties (including our merchants’ customers):
When we process personal information to pursue these legitimate interests, we do so where we believe the nature of the processing, the information being processed, and the technical and organisational measures employed to protect that information can help mitigate the risks to the data subject.
While IderaOS. is a Canadian company, we provide services to individuals and our technology processes data from users around the world. Accordingly, IderaOS may transmit your personal information outside of the country, state, or province in which you are located.
IderaOS complies with the EU-U.S. Privacy Shield Framework, regarding the collection, use, and retention of personal information from data subjects in the European Economic Area (“EEA”), and with the Swiss-U.S. Privacy Shield Framework regarding the collection, use and retention of personal information from data subjects in Switzerland. In this regard, we have certified that we adhere to the Privacy Shield Principles of notice, choice, accountability for onward transfers, security, data integrity and purpose limitation, access, recourse, enforcement and liability.
If you are located in the EEA or in Switzerland, and believe that your personal information has been used in a manner that is not consistent with the relevant privacy policies listed above, please contact us using the information below. If your complaint or dispute remains unresolved, you may also contact the International Centre for Dispute Resolution®, the international division of the American Arbitration Association® (ICDR/AAA). This organization provides independent dispute resolution services, at no charge to you. ICDR/AAA can be contacted at http://go.adr.org/privacyshield.html.
If, after attempting to resolve a dispute through ICDR/AAA, you feel that your concerns about the use of your personal information have not been resolved, you may seek resolution of the issue through binding arbitration. For more information about the binding arbitration process, please visit http://www.privacyshield.gov.
By participating in the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework, IderaOS’s participating U.S. entities are subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission. For more information about the EU-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield, please visit https://www.privacyshield.gov.
In the course of offering our services, IderaOS uses a number of machine learning algorithms and forms of automated decision-making. For example, we use automated decision-making: to prevent risk and fraud by merchants; to help merchants avoid fraudulent transactions from their customers; to personalize merchants’ experience when they use our admin and app store; and to determine eligibility for certain services (like IderaOS Capital).
Most of these algorithms (excluding the personalization features and a subset of customer risk/fraud screening, discussed in more detail below) are not fully automated and include some human intervention (for example, customer risk and fraud scores are provided to merchants, who must intentionally decide how to act on them). Our personalization algorithms are fully automated, but only affect display features like how apps in the app store are presented to you. Similarly, we have a small subset of fully automated fraud screening blacklists, which, if we believe a transaction was made using stolen or fraudulent payment information, may stop a customer from completing a transaction--but only for a period of between a few hours and a few days.
IderaOS understands that you have rights over your personal information, and takes reasonable steps to allow you to access, correct, amend, delete, port, or limit the use of your personal information. If you are a merchant or a partner, you can update many types of personal information, such as payment or contact information, directly within your account settings. If you are unable to change your personal information within your account settings, or if you are concerned about data collected as you visit IderaOS’s websites or use our support services, please contact us to make the required changes. If you are a merchant’s customer and wish to exercise these rights, please contact the merchants you interacted with directly -- we serve as a processor on their behalf, and can only forward your request to them to allow them to respond. It’s important to remember that if you delete or limit the use of your personal information, the Services may not function properly
If you have any questions about your personal information or this policy, or if you would like to make a complaint about how IderaOS processes your personal data, please contact IderaOS by email at support@IderaOS.com, or by using the contact details below.
If you would like to make a legal request, or serve a subpoena or similar document seeking information about our merchants, their stores, or other parties whose data we process, please contact
IderaOS.
Quadry Olalekan
6 Barone court
Providence, RI 02904
United States