This Privacy Policy offers you information on how our service StorMe (StorMe is the product of Innovation Technology Incubator GmbH, Heinz-Nixdorf-Strasse 6, 74172 Neckarsulm, Germany and is referred to in the following text as “StorMe”, “we/us/our”) deal with your personal and non-personal data whether you visit our website, located at https://www.StorMe.store and our Shopify app (the "StorMe App").
Privacy Policy
1. Controller and Data Protection Officer
Controller in the meaning of data protection law:
Innovation Technology Incubator GmbH

Data Protection Officer
Should you have any questions about our data protection measures, the processing of your data or the protection of your rights as a data subject, you can contact us and our data protection officer as follows.
If you have any questions or concerns regarding your information, please contact:
data-support@StorMe.store

2. Definitions

2.1 Personal data
“Personal data” means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

2.2 Technical data
“Technical data” means any information that cannot be related to your identity, like e.g. information on browser types, operating systems, domain names, access dates and times, referring website addresses, online transactions and browsing and search activity.

2.3 Processing
“Processing” means any operation or set of operations which is performed on data such as collection, recording, organizing, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

3. Collecting and processing of personal data
The scope of how we collect and process personal and non-personal data on you or other information depends on the way you get in touch with us or our technologies and services:
· as a visitor of www.StorMe.store;
· StorMe App users as a brand in the role of supplier, retailer, or both.
With this Privacy Policy, we want to keep you informed which information we receive and use on every stage.
We use personal data only for administering and providing our technologies and services. We store personal and any other kind of data strictly in compliance with applicable data protection and privacy legislation and our contractual duties, and will prevent unauthorized access to data to the best of our abilities.

 4. Collecting and processing of website visitors personal data.
If you visit the StorMe.store website, we log the following data to facilitate the use of our website and to ensure its security and stability our web servers:
·    the IP address of the requesting device;
·    the date and time of your visit;
·    the data specifications of your browser and operating system; 
·    the website you were referred from to our website (so-called Referer URL). 
This information is stored in a log file until it is automatically deleted.

4.1 Cookies
We use cookies to improve and optimize the usability of our website. Cookies do not cause damage to your device, do not contain viruses, trojans or other malicious software. The cookie stores information, which is linked to the respective device used. We use "Web beacons" to know when you complete certain actions on our site and Service, such as submitting a form. Web beacons are electronic files used for tracking these actions. This does not mean, however, that we store personal information about you or are aware of your identity.Visiting and surfing on our website is possible without cookies. Most browsers accept cookies automatically. You may alter the security settings of your web browser in order to stop your device receiving and storing cookies, to allow receiving and storing cookies from selected websites only, or to be notified before receiving cookies. Please note, however, that these settings may have negative effects on the usability and user guidance of websites and other online services. You may delete cookies stored in your browser at any time. Information stored in such cookies will be removed from your device.
 
Below you can see OPT-OUT for different browsers 

4.2 The personal data in «contact details» form.
For the purpose of receiving feedback or any questions you might have we may collect next information about you that might have included:
– email
– name
–phone number
–your contact in messengers (Whatsapp, Telegram)
– monthly Sales Revenue
– any additional information that you might put in email or comment.
You provide this information to us by using the «Web» form or by the email you send.
To provide advice, support, answer any questions you may have. Your data after filling out the form can be processed in mailing systems in accordance with paragraph 6

4.3 We may use the Personal Information we collect for a range of reasons, including:
  • Through website cookies, which you may manage through our cookie banner, we share your information with third-party marketing platforms (e.g. Google Ads, Facebook Ads, LinkedIn) to provide tailored advertising on our Websites and other websites that you may visit
  • To market our products and/or services to you
  • To analyze Website usage and improve the services offered
  • For market research, project planning, troubleshooting problems
  • For detecting and protecting against error, fraud or other criminal activity
  • To enforce compliance with our Terms and applicable law, and to protect the rights and safety of our Brands and third parties, as well as our own. This may include developing tools and algorithms that help us monitor the use of our Services and prevent violations.
4.3 We may use the Personal Information we collect for a range of reasons, including:
  • Through website cookies, which you may manage through our cookie banner, we share your information with third-party marketing platforms (e.g. Google Ads, Facebook Ads, LinkedIn) to provide tailored advertising on our Websites and other websites that you may visit
  • To market our products and/or services to you
  • To analyze Website usage and improve the services offered
  • For market research, project planning, troubleshooting problems
  • For detecting and protecting against error, fraud or other criminal activity
  • To enforce compliance with our Terms and applicable law, and to protect the rights and safety of our Brands and third parties, as well as our own. This may include developing tools and algorithms that help us monitor the use of our Services and prevent violations.
4.4 Website visitors as a brand in the role of supplier, retailer, or both.
To provide advice, support, answer any questions you may have. Your data after filling out the form can be processed in mailing systems in accordance with paragraph 6

5. Collecting and processing of StorMe App users personal data.
This Privacy Policy describes how personal information is collected, used, and shared when you install or use the StorMe App in connection with your Shopify-supported store.
When you install the StorMe App, we are automatically able to access certain types of information from your Shopify account:

5.1 API Scope list:
API scopes:
- write_products - receiving products from suppliers and creating necessary products for retailers
- write_inventory -synchronization of inventory between supplier and retailer stores- write_orders - receiving retailer orders and creating suppliers orders
- write_draft_orders - receiving retailer draft orders and creating suppliers draft orders
- read_locations - obtaining information about warehouses
- read_assigned_fulfillment_orders - to create a delivery from the warehouse of the retailer from which the stock was originally debited
- write_fulfillments - retailer order status update
 
5.2 We collect the following types of personal information from you once you have installed the StorMe App:
Identifiers: first name, last name, email, phone number;
Commercial information: revenue amount, shop domain, orders information, billing information
This information may be collected directly by us or through Shopify, Inc. and sent to us when you install our StorMe App. 

5.3 Retailers' customer data
Retailers' customer data is processed and transmitted via the application to the supplier.
Data List:
-name;
-order id;
-order price;
-delivery address;
- any other information on the order (which is in the orders card);
 
5.4 Purpose to processing your data - authorization, authentication, analytics, orders history, providing services in StorMe App.
We do not use this data for advertising and marketing purposes.
There are no marketing or advertising related services in StorMe App.
We do not process data from customers of retailer for purposes other than facilitating the interaction between the supplier and the retailer in order to deliver the order to the end customer.

5.5 Data processing period:
  - If the data subject is a brand - until the brand deletes their account from our application.
    -Unless and until the data subject ask us to delete this information.
  - Data is stored no longer than is necessary to comply with the terms of use and legal requirements.

5.6 Location of storing and processing information:
5.6.1
For the purposes of processing the data of users of the application, we use only providers in Europe.
List of providers:
Data center:
-Fornex Hosting S.L.
Edificio Altair - Office 212 Urb. Saladillo 214 29680 Estepona (Málaga), Spain
- AWS Europe - Amazon Web Services EMEA SARL, Luxembourg-based AWS entity
 
5.6.2 For the purpose: billing between retailers and suppliers.
For the billing purpose we use Stripe, Inc, that may store your bank account and/or credit card details (referred to as "Payment Information"). We connect with those third parties to bill you for payments associated with using the Service. We do not store or process payment information, such as your credit or debit card number or your bank account number.
 
Stripe, Inc privacy https://stripe.com/en-in/privacy
 
5.7 For all questions and requests related to the security of your information, please contact us and our privacy officers data-support@StorMe.store
 
6. Newsletters and business communication
With the following information, we will inform you about the contents of our newsletter as well as the registration, dispatch, statistical evaluation procedure and your right of objection. By subscribing to our newsletter, you agree to the receipt of the newsletter and the procedures described.
We send out newsletters, e-mails and other electronic notifications with promotional information (hereinafter “Newsletter”) subject to the consent of the recipient or a legal permission.
The newsletters and business communication can be sent by StorMe itself via corporate Gmail account.
For conversation with our web site visitors we used a third-party service named amoCRM.
amoCRM is a multifunctional CRM that using for the conversation with our customers.
amoCRM does not use the data of our newsletter recipients to contact them independently or transfer data to third parties except in cases prescribed by amoCRM personal data policy (https://www.amocrm.com/privacy/).

7. Legal Basis
We base the processing of your data on the following legal bases:
  • Your consent, if you have given us such consent (Art. 6 para. 1 lit. a) GDPR)
  • The initiation or execution of a contract with you (Art. 6 para. 1 lit. b) GDPR) 
  • The fulfilment of legal obligations (Art. 6 para. 1 lit. c) GDPR)
  • The implementation of our legitimate interests (Art. 6 para. 1 lit. f) GDPR) 

8. Data protection and transmitting to third parties
We takes all technical and organizational security measures required to protect your personal data from loss, unauthorized disclosure or other forms of misuse. Data is stored in a safe environment that is not open to public access. Your personal data may be encrypted before transmission in certain cases (e.g. processing your login data). This means that – support by your browser provided – communication between your device and our servers will include recognized encryption measures.
Our staff has been trained in privacy matters and in dealing with data and information, which they gain access to in a responsible manner.
Please be aware that should you contact us via email, confidentiality of information therein may not be ensured. Third persons may have access to the contents of emails.
StorMe may transmit your data to:
-Service providers — to assist or facilitate in the services we provide to our clients, but only if we contractually assigned these to process data on our behalf and, both ourselves and the subcontracted service providers comply with all requirements of commissioned data processing regulations; 
-For website visitors: Social media platforms and third-party providers whose cookies and other codes are embedded on our website;
-Companies that we control and subsidiaries of such to fulfill our contractual obligations provided that these companies are subject to this Privacy Policy or privacy guidelines ensuring at least equal protection for your data;·       
-State institutions on the basis of mandatory national legislation;
-Banks and payment systems used by StorMe for the billing process. 

9. Transfer to Third Countries
Any data that you provide to us may be accessed, shared or processed by our offices, located in the European Economic Area, and service providers located in the European Economic Area and United States and abroad, if such data transfer is necessary for the specific purpose for which you submitted your data (such as the provision of goods or services under a written contract). This may entail a transfer of your Personal Information across international borders, including, but not limited to, transfers from within the United States to the European Economic Area (the “EEA”). The data protections standards may differ and be lower than the standards enforced in your jurisdiction. We only transfer personal data to third countries where the EU Commission has confirmed an adequate level of protection or where we can ensure the careful handling of personal data by means of contractual agreements or other suitable guarantees, such as certifications or proven compliance with international security standards.

10. User rights
You have the following rights concerning our processing of your personal data:
·    Right to access;
·    Right to rectification;
·    Right to erasure;
·    Right to the restriction of processing;
·    Right to data portability;
·    Right to object (on grounds relating your particular situation) in case of processing of your personal data based on our legitimate interest;  
·    Right to withdraw your consent at any time in case of any consent-based processing of your personal data without affecting the lawfulness of processing based on consent before your withdrawal; and
·    Right to lodge a complaint with a supervisory authority.
10.1 California Residents
We do not sell your data on the open market. However, under California’s new privacy law, the California Consumer Privacy Act, some of the ways we share information may constitute a “sale.”
Third Party Marketing. California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your Personal Information to third parties for the third parties’ direct marketing purposes. 
To make such a request, please contact us at the Contact Information below.
California Consumer Privacy Act. If you are a California consumer, you have the following rights beginning on January 1, 2020:
-The right to know what Personal Information is being collected about you.
-The right to know whether your Personal Information is sold or disclosed and to whom.
-The right to say no to the sale of Personal Information.
-The right to access your Personal Information.
-The right, in certain circumstances, to delete the information you have provided to us.
-The right to equal service and price, even if you exercise your privacy rights, unless the difference in service and/or price is reasonably related to the value provided to the you by your Personal Information.
Requests for Deletion and Information. In certain circumstances, California consumers have the right to request that we delete their information.
In addition, California consumers have the right to request, up to twice in a 12-month period, that a business that collects Personal Information about the consumer disclose to the consumer the information listed below for the preceding 12 months.
We have the right to request verification of your identity for all requests for information.
(1) The categories of Personal Information it has collected about that consumer.
(2) The categories of sources from which the Personal Information is collected.
(3) The business or commercial purpose for collecting or selling Personal Information.
(4) The categories of third parties with whom the business shares Personal Information.
(5) The categories of Personal Information that the business sold about the consumer and the categories of third parties to whom the Personal Information was sold, by category or categories of Personal Information for each third party to whom the Personal Information was sold.
(6) The categories of Personal Information that the business disclosed about the consumer for a business purpose.
(7) The specific pieces of Personal Information it has collected about that consumer.
To make such a request, please contact us at the contact information below.|
To remove your profile from StorMe, or to make a privacy request, please contact us at the contact information below or submit a request online.
If you are a website visitor, we use third party cookies on our website in order to serve you relevant ads on other websites. You may opt out of such cookies through our cookie banner or through your browser settings.
10.2 Contact for exercise your legal rights
You may exercise your legal rights by contacting us via email to data-support@StorMe.store In case you registered as a brand the role of supplier, retailer, or bothas on our website, you may delete your account by contacting us via email.
In case you a brand the role of supplier, retailer, or bothas in our StorMe App, you may delete your account via StorMe App or by contacting us via email.
While observing applicable privacy legislation we will erase your data without any action required by you, if retention of your data is no longer necessary for the purpose pursued or retention is no longer allowed for any legal reason.
We may restrict processing instead of erasing your data where legally not allowed to erase (e.g. legal obligations to maintain your personal data).

11. Amendments
We may modify this Privacy Policy and our data security provisions at any time, in particular, if new laws and regulations need to be adopted or we regard amendments reasonable.

12. Questions / Contact
For all questions and requests related to the security of your information, please contact us and our privacy officers data-support@StorMe.store