This privacy notice discloses the privacy practices for Rare Things Gallery and www.rarethingsgallery.com This privacy notice applies solely to information collected by this website. It will notify you of the following:
- What personally identifiable information is collected from you through the website, how it is used and with whom it may be shared.
- What choices are available to you regarding the use of your data.
- The security procedures in place to protect the misuse of your information.
- How you can correct any inaccuracies in the information.
Information Collection, Use, and Sharing
We are the sole owners of the information collected on this site. We only have access to/collect information that you voluntarily give us via email or other direct contact from you. We will not sell or rent this information to anyone.
We will use your information to respond to you, regarding the reason you contacted us. We will not share your information with any third party outside of our organization, other than as necessary to fulfill your request, e.g. to ship an order.
Your Access to and Control Over Information
You may opt out of any future contacts from us at any time. You can do the following at any time by contacting us via the email address or phone number given on our website:
- See what data we have about you, if any.
- Change/correct any data we have about you.
- Have us delete any data we have about you.
- Express any concern you have about our use of your data.
We take precautions to protect your information. When you submit sensitive information via the website, your information is protected both online and offline.
Wherever we collect sensitive information (such as credit card data), that information is encrypted and transmitted to us in a secure way. You can verify this by looking for a lock icon in the address bar and looking for "https" at the beginning of the address of the Web page.
While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (for example, billing or customer service) are granted access to personally identifiable information. The computers/servers in which we store personally identifiable information are kept in a secure environment.
In order to use this website, a user must first complete the registration form. During registration a user is required to give certain information (such as name and email address). This information is used to contact you about the products/services on our site in which you have expressed interest. At your option, you may also provide demographic information (such as gender or age) about yourself, but it is not required.
We request information from you on our order form. To buy from us, you must provide contact information (like name and shipping address) and financial information (like credit card number, expiration date). This information is used for billing purposes and to fill your orders. If we have trouble processing an order, we'll use this information to contact you.
We use "cookies" on this site. A cookie is a piece of data stored on a site visitor's hard drive to help us improve your access to our site and identify repeat visitors to our site. For instance, when we use a cookie to identify you, you would not have to log in a password more than once, thereby saving time while on our site. Cookies can also enable us to track and target the interests of our users to enhance the experience on our site. Usage of a cookie is in no way linked to any personally identifiable information on our site.
Joomla Core Capabilities
All requests to a Joomla website start a session which stores the IP address in the session data and creates a session cookie in the user's browser. The IP address is used as a security measure to help protect against potential session hijacking attacks and this information is deleted once the session has expired and its data purged. The session cookie's name is based on a randomly generated hash and therefore does not have a constant identifier. The session cookie is destroyed once the session has expired or the user has exited their browser.
When a network connection is available, a Joomla installation will attempt to communicate with the joomla.org servers for various capabilities, to include:
- Checking for updates for the Joomla application
- Help screens for core Joomla extensions
- The Install from Web service (opt-in)
- The statistics collection server (opt-in)
Authentication - Cookie
In conjunction with a plugin which supports a "Remember Me" feature, such as the "System - Remember Me" plugin, this plugin creates a cookie on the user's client if a "Remember Me" checkbox is selected when logging into the website. This cookie can be identified with the prefix `joomla_remember_me` and is used to automatically log users into the website when they visit and are not already logged in.
CAPTCHA - Invisible reCAPTCHA
The Invisible reCAPTCHA plugin integrates with Google's reCAPTCHA system as a spam protection service. As part of this service, the IP address of the user answering the captcha challenge is transmitted to Google.
CAPTCHA - reCAPTCHA
The reCAPTCHA plugin integrates with Google's reCAPTCHA system as a spam protection service. As part of this service, the IP address of the user answering the captcha challenge is transmitted to Google.
HikaShop stores by default the IP address when someone posts a vote or a comment on a product, when someone adds something to their cart, when someone registers on the website through HikaShop, and when someone places an order through HikaShop. HikaShop has options in its configuration to deactivate these separately. You should first make sure which ones are necessary for your country's administration, and which ones cannot be collected due to the privacy laws in your country.
HikaShop stores the addresses the customer uses for his carts / orders. If you don't need some of the information requested by default by HikaShop for the addresses, you can go in the menu Display>Custom fields of HikaShop to disable the ones you don't need.
In order to process information requests, information about the user must be collected and logged for the purposes of retaining an audit log. The request system is based on an individual's email address which will be used to link the request to an existing site user if able.