Privacy policy
PRIVACY POLICY
Last updated: October 27th 2025
This Privacy Policy describes how OUT OF LINE THREADS INC. (“we,” “us,” “our,” or the “Site”) collects, uses, and discloses your personal information when you visit, use our services, or make a purchase from outoflinethreads.com
If you have questions, or would like to exercise your privacy rights, contact our Privacy Compliance Officer at hnidywork@gmail.com or by mail: Unit 302-143 Stephen dr.
1) WHAT INFORMATION WE COLLECT & WHY
Device Information
-
Examples: browser version, IP address, time zone, cookie identifiers, pages/products viewed, search terms, on-site interactions.
-
Purpose: to load the Site accurately, maintain security, prevent fraud, and perform analytics to improve the Site and our services.
-
Source: automatically collected via cookies, log files, web beacons, tags, or pixels.
-
Disclosure for a business purpose: shared with our processor Shopify and (as applicable) analytics/advertising vendors you see listed below.
Order Information
-
Examples: name, billing/shipping address, contact info (email, phone), payment information (e.g., card details processed by Shopify), order details.
-
Purpose: to process payments, fulfill and deliver orders, provide invoices/confirmations, communicate with you, and screen for fraud.
-
Source: collected from you.
-
Disclosure for a business purpose: shared with Shopify and service providers involved in payment processing, shipping, fulfillment, and customer communications (see 5).
Customer Support Information
-
Examples: messages, attachments, and any additional details you choose to provide.
-
Purpose: to provide support and resolve issues.
-
Source: collected from you.
-
Disclosure for a business purpose: shared with our support tools/providers as needed to assist you.
We may also send you emails about our store, new products, and updates if you opt in (see 2).
2) CONSENT
When you provide personal information to complete a transaction, place an order, arrange delivery, or return a purchase, you consent to our collecting and using it for that specific purpose. If we ask for your information for a secondary purpose (e.g., marketing), we will either ask you directly for consent or provide an opportunity to decline.
Withdraw consent: you may opt out of marketing at any time (e.g., by using “unsubscribe” links or emailing [PRIMARY CONTACT EMAIL]).
3) DISCLOSURE
We may disclose personal information if required by law, court order, or to enforce our Terms of Service, or to protect our rights, property, or safety.
4) SHOPIFY (OUR E-COMMERCE HOST)
Our store is hosted on Shopify Inc. Your data is stored through Shopify’s secure infrastructure. If you complete a purchase using a payment method offered at checkout, your payment data is processed and encrypted by Shopify’s Payment Card Industry Data Security Standard (PCI-DSS) compliant services. After completion, payment transaction data is retained only as long as necessary to complete the transaction and then deleted per Shopify’s policies.
Learn more about Shopify privacy here: shopify.com/legal/privacy.
5) THIRD-PARTY SERVICES
We use service providers to help deliver our services (e.g., payments, shipping, fulfillment, analytics, advertising, customer support). These providers receive only the information necessary to perform their functions and are expected to protect it. If a provider is located in another country, your information may be subject to the laws of that jurisdiction.
Examples of providers we may use:
-
E-commerce/checkout: Shopify
-
Payments: Shopify Payments and/or other methods listed at checkout
-
Shipping & fulfillment: carriers and apps necessary to deliver your order
-
Customer support/communications: email service tools
-
Analytics/ads (if enabled): Google Analytics; advertising platforms referenced below
6) SECURITY
We follow industry-standard practices to protect your personal information against loss, misuse, unauthorized access, disclosure, alteration, or destruction, including encryption where appropriate. No method of transmission or storage is 100% secure.
7) AGE OF CONSENT
By using this Site, you represent that you are at least the age of majority in your jurisdiction, or you are the age of majority and have given us your consent to allow any minor dependents to use this Site.
8) COOKIES
Cookies are small files placed on your device. We use functional, performance, analytics, advertising, and social/content cookies to operate the Site, remember your preferences, prevent fraud, and understand how the Site is used.
Cookies necessary for the store to function (examples):
-
_ab(admin access) -
_secure_session_id(storefront navigation) -
cart,cart_sig,cart_ts,checkout_token,secret(checkout) -
secure_customer_sig,storefront_digest,_shopify_u(customer login)
Reporting & analytics (Shopify):
-
_tracking_consent,_landing_page,_orig_referrer,_s,_shopify_s,_shopify_sa_p,_shopify_sa_t,_shopify_y,_y
Duration: session cookies last until you stop browsing; persistent cookies usually last 30 minutes to 2 years.
Controls: most browsers accept cookies by default. You can block or delete cookies in your browser settings; some features may not work if you do.
9) BEHAVIOURAL ADVERTISING (IF ENABLED)
We may use information about your interactions on the Site to provide targeted advertisements or marketing communications we believe may interest you.
-
Google Analytics: learn more at policies.google.com/privacy; opt out: tools.google.com/dlpage/gaoptout
-
Advertising partners: we may share limited data (e.g., pages viewed, purchases, ad interactions) via cookies or similar technologies.
Opt out of interest-based ads:
-
Facebook: facebook.com/settings/?tab=ads
-
Google: google.com/settings/ads/anonymous
-
Bing: advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads
-
US: aboutads.info/choices | Canada: youradchoices.ca | EU: youronlinechoices.eu
Do Not Track: because there is no consistent industry standard, we do not alter our data practices when a browser sends a DNT signal.
10) USING YOUR PERSONAL INFORMATION
We use your information to: offer and improve products/services; process payments; fulfill and ship orders; provide invoices/confirmations; communicate with you; screen for risk/fraud; and, if you opt in, send marketing about products, services, and offers.
11) REGION-SPECIFIC INFORMATION & RIGHTS
We serve customers in Canada, the United States, the United Kingdom, and the European Union/EEA. Depending on your location, you may have certain rights.
A) European Union / EEA (GDPR) & UK (UK GDPR)
-
Lawful bases: your consent; contract performance; legal obligations; vital interests; public interest; and our legitimate interests (not overridden by your rights).
-
Transfers: your data may be processed in Ireland by Shopify and transferred outside Europe (e.g., Canada, US) for storage/processing. See Shopify’s GDPR resources: help.shopify.com/en/manual/your-account/privacy/GDPR.
-
Your rights: access, rectification, erasure, restriction, portability, and objection; the right to withdraw consent; and the right to lodge a complaint with your supervisory authority.
-
Automated decision-making: We do not engage in fully automated decisions producing legal or similarly significant effects using customer data. Shopify may use limited automated tools to prevent fraud (e.g., temporary deny-lists for failed transactions/IPs/cards).
Exercise your rights: email hnidywork@gmail.com with your request.
B) California, United States (CCPA/CPRA)
-
Rights: to know/access categories and specific pieces of personal information; to correct; to delete; to portability; to non-discrimination.
-
Selling/Sharing: Our Site [DOES / DOES NOT] “sell” or “share” personal information as defined by the CCPA/CPRA (for cross-context behavioural advertising). If applicable, you may opt out via the “Do Not Sell or Share My Personal Information” link (where provided) or by emailing us.
-
Authorized agents: you may designate an agent to make requests on your behalf.
Submit requests: email hnidywork@gmail.com
C) Canada (PIPEDA and provincial equivalents)
-
Rights: access to personal information, correction, and information about our practices and third-party transfers.
-
Transfers: service providers may process information outside Canada (e.g., US, EU) and it may be subject to foreign laws.
-
Questions/complaints: contact us at hnidywork@gmail.com; you may also contact the Office of the Privacy Commissioner of Canada or your provincial commissioner.
12) RETENTION
We retain personal information for as long as necessary to fulfill the purposes described above (e.g., to provide services, comply with legal obligations, resolve disputes). For orders, we keep records unless and until you ask us to erase them, subject to legal/operational requirements.
13) ACCESS, CORRECTION, ERASURE & PORTABILITY
You can request access to the personal information we hold about you and ask that it be corrected, updated, erased, or transferred. To submit a request, email hnidywork@gmail.com We may ask for information to verify your identity before acting on a request.
14) CHANGES TO THIS PRIVACY POLICY
We may update this Privacy Policy from time to time to reflect changes to our practices or for legal/operational reasons. Changes take effect when posted on this page. If we are acquired or merge with another company, your information may be transferred to the new owner so we may continue to sell products to you.
15) QUESTIONS & CONTACT INFORMATION
For more information about our privacy practices, or to make a request or complaint, contact our Privacy Compliance Officer:
Email: hnidywork@gmail.com
Mail: 302-143 Stephen dr Etobicoke ON
If you are not satisfied with our response, you may lodge a complaint with your local data protection authority. Examples:
-
UK (ICO): ico.org.uk/make-a-complaint
-
EU: edpb.europa.eu/about-edpb/board/members
-
Canada (OPC): priv.gc.ca/en/contact-the-opc
-
California (CPPA/AG): oag.ca.gov/privacy
OPTIONAL: SERVICE PROVIDERS YOU CAN LIST (IF USED)
-
Analytics: Google Analytics
-