We abide by and are compliant with the Data Protection Act 1998 (DPA) and the General Data Protection Regulation (GDPR) which comes into effect on May 25, 2018.
We are committed to keeping buyers’ personal information secure and confidential.
The GDPR is a new legal framework from the European Union (EU) that updates data protection regulations. The law is designed to solidify data protection privacy laws throughout the EU and enhance the rights of EU citizens to protect their personal data.
The GDPR applies to any business that offers products or services to EU citizens or collects personal information from EU citizens.
Whereas the previous framework regarding data protection applied to Data Controllers, the new framework applies to both Data Controllers and Data Processors (including subprocessors).
Data Controllers are responsible for deciding what personal data is collected and the purpose of that collection. Additional security is now required around obtaining and maintaining consent of use for personal data.
Data Processors have the obligation to keep records of personal data utilized and increase security measures around this use. Notification of security breaches is required to the Data Controllers and to customers.
For additional information on GDPR, click here.
For the purposes of GDPR, we are the Data Controller when selling on BraceAbility.com and process all personal data legally, fairly and in a transparent manner.
Under Article 6 of GDPR, the lawful basis on which we process personal data received from customers is that of “Contract” - whereby processing is necessary in order to fulfill buyer orders and enquiries.
We retain information provided by customers, such as transaction information for internal financial accounting purposes. It is a legal requirement to retain this information for a period of 7 years.
BraceAbility.com utilizes Shopify as a web platform and Data Processor. Shopify processes personal data according to documented instructions provided by BraceAbility. Shopify also acts as an intermediary for payment processing for BraceAbility and transmits data to the payment processor, Stripe, according to agreed to instructions.
In order to fulfill the instructions provided by BraceAbility in relation to customer orders, Shopify may use a number of subprocessors to:
Shopify ensures that subprocessors of information have updated standards to comply with GDPR.
For more information on Shopify GDPR compliance, visit Shopify’s GDPR Whitepaper.
BraceAbility utilizes multiple data processors in order to process and fulfill customer orders and provide customer service support. BraceAbility ensures all data processors using personal data comply with GDPR regulations.
We receive personally identifiable information via BraceAbility.com from customers only when it is voluntarily submitted by buyers when placing an online order. The data we receive includes: name, billing address, delivery name, delivery address, e-mail address, telephone number, date of order, items ordered, value of items ordered, chosen method of delivery.
We do not sell or rent personally identifiable information to any third party for any purpose.
We may use any personal buyer information provided by customers to:
We treat all information we hold about buyers as private and confidential. We will not reveal any personal details or details concerning buyers’ orders to anyone not connected with us, unless:
We may share buyer personal information with our suppliers, service providers and other contractors only to fulfil orders buyers place with us on BraceAbility.com.
Under GDPR, buyers are entitled to obtain from us, the Data Controller for the purposes of GDPR, when selling on BraceAbility.com, a copy of the data held concerning them and to have any inaccuracies in the data rectified. We are obliged to provide this data to within one calendar month of the request and free of charge, unless the nature of the request is complex, then the data will be provided within the reasonable time frame determined.
However, we have the right to refuse or charge for requests that are manifestly unfounded or excessive and repetitive.
Our customer support team is available Monday - Friday from 8:30 a.m. to 5:00 p.m. Central time.
Give Us a Call
Send Us an Email
Use our contact form to submit an email to customer support team. Click the “Support” icon on the bottom right of any page on our website. We typically respond within one business day (or faster).
BraceAbility.com is closed on the following United States holidays. This may affect your shipping time and they will be accounted for in the estimated ship date listed on each product page.
New Year's Day