Baby’s Planet is proud to offer you certified security that meets the highest industry standards.
Our website features a dedicated Network Solutions Secure Link SSL certificate which enables all transactions to be processed in a secure and confidential environment.
What does SSL stand for?
SSL stands for Secure Sockets Layer. This is the standard security technology for creating an encrypted link between a web server and a browser. Our Secure Link SSL certificate provides an AES-256 encryption and we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
What is your Personal Information Protection Policy?
We manage your personal information in accordance with the United States Personal Information Protection Act and other applicable laws. This policy outlines the principles and practices we follow in protecting your personal information. Baby’s Planet is committed to safeguarding the personal information entrusted to us by our customers.
What is personal information?
Personal information means information about an identifiable individual. This includes an individual’s name, home address and phone number, email address, an identifying number, financial information, etc.
What personal information do we collect?
We collect only the personal information that we need for the purposes of providing services to our customers, including personal information needed to:
- open an account
- deliver requested products and services
- enroll a client in a program
- follow up with clients to determine satisfaction with products and services
- notify clients of upcoming events of interest
- meet regulatory requirements
We inform our clients, before or at the time of collecting personal information, of the purposes for which we are collecting the information. The only time we don't provide this notification is when a client volunteers information for an obvious purpose (for example, providing credit card information for an online purchase when the information will be used only to process the payment).
What do you mean by Consent?
We ask for consent to collect, use or disclose client personal information, except in specific circumstances where collection, use or disclosure without consent is authorized or required by law. We may assume your consent in cases where you volunteer information for an obvious purpose.
We ask for your express consent for some purposes and may not be able to provide certain services if you are unwilling to provide consent to the collection, use or disclosure of certain personal information. Where express consent is needed, we will normally ask clients to provide their consent orally in writing by signing a consent form, by checking a box on a form, or electronically by clicking a button.
A client may withdraw consent to the use and disclosure of personal information at any time, unless the personal information is necessary for us to fulfill our legal obligations. We will respect your decision, but we may not be able to provide you with certain products and services if we do not have the necessary personal information.
We may collect, use or disclose client personal information without consent only as authorized by law. For example, we may not request consent when the collection, use or disclosure is reasonable for an investigation or legal proceeding, to collect a debt owed to our organization, in an emergency that threatens life, health or safety, or when the personal information is from a public telephone directory.
How do we use and disclose personal information?
We use and disclose client personal information only for the purposes for which the information was collected, except as authorized by law. For example, we may use client contact information to deliver goods. The law also allows us to use contact information for the purpose of collecting a debt owed to our organization, should that be necessary.
If we wish to use or disclose your personal information for any new business purpose, we will ask for your consent.
How do we safeguard personal information?
We make every reasonable effort to ensure that client information is accurate and complete. We rely on our clients to notify us if there is a change to their personal information that may affect their relationship with our organization. If you are aware of an error in our information about you, please let us know and we will correct it on request wherever possible. In some cases, we may ask for a written request for correction.
We protect client personal information in a manner appropriate for the sensitivity of the information. We make every reasonable effort to prevent any loss, misuse, disclosure or modification of personal information, as well as any unauthorized access to personal information.
We use appropriate security measures when destroying client personal information, including shredding paper records and permanently deleting electronic records.
We retain client personal information only as long as is reasonable to fulfill the purposes for which the information was collected or for legal or business purposes.
Do you allow access to records containing personal information?
Subject to some exceptions, customers of Baby’s Planet have a right of access to their own personal information in a record that is in our custody or under our control. For example, organizations are required under the Personal Information Protection Act to refuse to provide access to information that would reveal personal information about another individual. Organizations are authorized under the Act to refuse access to personal information if disclosure would reveal confidential business information. Access may also be refused if the information is privileged or contained in mediation records.
If we refuse a request in whole or in part, we will provide the reasons for the refusal. In some cases where exceptions to access apply, we may withhold that information and provide you with the remainder of the record.
You may make a request for access to your personal information by writing to our Customer Care center or by sending us an email. You must provide sufficient information in your request to allow us to identify the information you are seeking.
You may also request information about our use of your personal information and any disclosure of that information to people outside our organization. You may also request a correction of an error or omission in your personal information.
We will respond to your request within 45 calendar days, unless an extension is granted. We may charge a reasonable fee to provide information, but not to make a correction. We will advise you of any fees that may apply before beginning to process your request.
How does Shopify handles data and payment information?
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.