Privacy Policy




When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address.
When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.
Email marketing (if applicable): With your permission, we may send you emails about our store, new products and other updates.


How do you get my consent?
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.

How do I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at or mailing us at:
Jack & Winn Apparel Co.


We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.


Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.

If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service ( or Privacy Statement (


In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.

When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.


To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.


Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.


By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.


We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.


SECTION 10 - Your California Privacy Rights under the California Consumer Privacy Act (CCPA)

If you are an individual who is a resident of California (a California “consumer”), you have the following rights under the California Consumer Privacy Act, which went into effect on January 1, 2020, with respect to your “personal information” (as defined by CCPA):

 Right to Know.  You have the right to request that we disclose to you, following your “verifiable consumer request”:
  • The categories of personal information we have collected about you
  • The categories of sources from which the personal information is collected
  • The business or commercial purpose for collecting personal information
  • The categories of third parties with which we share personal information
  • The specific pieces of personal information we have collected about you
  • The categories of personal information about you that we disclosed for a business purpose
  • If we sell your personal information (to our knowledge, we do not sell personal information of California consumers – see below in this section under the heading “Disclosure of Personal Information”):
  • The categories of personal information that we sold about you
  • The categories of third parties to which your personal information was sold, by category or categories of personal information for each category of third parties to which the personal information was sold
  • The business or commercial purpose for selling personal information 
 Right to Delete.  You have the right to request that we delete, following your “verifiable consumer request”, the specific pieces of personal information we have collected about you.
  • Categories of personal information we collect
  • Specific pieces of personal information we have collected about you
  • Categories of sources from which we collect personal information
Right to Non-Discrimination.  We may not discriminate against you because you exercise any of your rights under CCPA, including by:
  • Denying goods or services to you
  • Charging you different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties
  • Providing a different level or quality of goods or services to you
  • Suggesting that you will receive a different price or rate for goods or services or a different level or quality of goods or services

Methods of Submitting Requests

If you are a California consumer, you may submit requests to exercise your “right to know” or your “right to delete” via either of the following methods:

 By email, to:


If you experience difficulty in accessing any part of our services or this Privacy Policy, please feel free to email us at


CCPA Personal Information 

We collect (and during the last 12 months have collected) the following categories of personal information, from the following categories of sources, and for the following business or commercial purposes:  

Categories of Personal Information

Categories of Sources

Business/Commercial Purposes

Identifiers (such as a real name, postal address, email address, an online identifier, or an internet protocol address)

We receive such informationdirectly from consumers (such as when they complete a purchase on our Website) and/or from third-party vendors (such as vendors that use cookies and other online tracking technologies on our Website and in third-party services (including in emails and advertisements) and third-party data providers)

For our operational and commercial purposes, including to manage, perform, and administer our contracts and relationships with consumers,to contact consumers, and/or to send information (including marketing information about our products) to consumers, and to engage in tailored advertising

Commercial information (such as records of the products a consumer purchased)

We receive such information directly from consumers (based on the purchase activities of those consumers on our Website) and/or from third-party vendors (such third-party data providers

For our operational and commercial purposes, including to manage, perform, and administer our contracts and relationships with consumers, to engage in tailored advertising, and to manage our supply chain (including with respect to buying decisions)

Internet or other electronic network activity information (such as browsing history, search history, and information regarding interactions with our Website and our advertising)

We receive such information from third-party vendors, including ad platforms and vendors that use cookies and other online tracking technologies on our Website and in third-party services (including in emails and advertisements)

For our operational and commercial purposes, including to engage in tailored advertising and to manage our supply chain (including with respect to buying decisions)

Geolocation data

We receive such information directly from consumers (such as when they complete a purchase on our Website) or from third-party vendors (such as third-party data providers)

For our operational and commercial purposes, including to manage, perform, and administer our contracts and relationships with consumers,to contact consumers and/or to send information (including marketing information about our products) to consumers

Inferences (drawn from any of the other categories of personal information of the information to create a profile about a consumer reflecting, for example, aconsumer’s product preferences)

We receive such information from third-party vendors, including vendors that perform analytics and remarketing services for us

For our operational and commercial purposes, including to engage in tailored advertising


Disclosure of Personal Information

We disclose (and during the last 12 months have disclosed) each of the above categories of personal information for a business purpose with our authorized service providers that perform certain services on our behalf, including fulfillment, shipping, and handling providers, payment service providers, data analytics providers, technology service providers, and advertising and marketing service providers and platforms. These services may include fulfilling orders, processing credit card payments, providing customer service and marketing assistance, performing business and sales analysis, supporting our Website functionality and supporting other features offered through our Website, and providing advertising and marketing services (including delivering tailored advertising and email marketing campaigns, and analyzing and improving the effectiveness of our advertising and marketing).

To our knowledge, we do not sell personal information of California consumers.  Prior to January 1, 2020 (including during the 12 months prior to January 1, 2020), we shared the personal information (in particular, identifiers, commercial information, Internet or other electronic network activity information, and geolocation data) of California consumers with third-party data resellers in connection with our use of their data cooperative and data provision, enrichment, verification, and analytics services, but we ceased that sharing practice with respect to California consumersprior to January 1, 2020.

Your California Privacy Rights under “Shine the Light”

California’s “Shine The Light” law permits certain individuals who are California residents to annually request and obtain information free of charge about what personal information is disclosed to third parties for direct marketing purposes in the preceding calendar year. We do not distribute your personal information to outside parties for their direct marketing without your consent, except as provided for in this Privacy Policy. 

For more information, please email us at with “California Shine the Light Privacy Request” in the subject line, and your full name, email address, postal address and specific services you have used in the body of your email.

Your Data Protection Rights Under the European General Data Protection Regulation (GDPR)

Data protection laws in Europe require a “lawful basis” for processing personal data” (as defined by GDPR). If you are in the European Economic Area (EEA), Jack & Winn’s legal basis for collecting, using, and disclosing the personal information described in this Privacy Policy will depend on the personal data we collect and the specific context in which we collect it.

If you are in the EEA and certain requirements are fulfilled, you have the following data protection rights:

  • The right to access, update or to delete your personal data. Whenever made possible, you can access, update or request deletion of your personal data directly within your account settings section. If you are unable to perform these actions yourself, please contact us to assist you.
  • The right of rectification. You have the right to have your personal data rectified if that information is inaccurate or incomplete.
  • The right to object. You have the right to object to our processing of your personal data if we have no legitimate reasons to do so, and to direct marketing.
  • The right of restriction. You have the right to request that we restrict the processing of your personal data (i.e., we would need to secure and retain the personal data for your benefit but not otherwise use it).
  • The right to data portability. You have the right to be provided with a copy of your personal data in a structured, machine-readable and commonly used format (or have this transferred to a third party).
  • The right to withdraw consent. You also have the right to withdraw your consent at any time where Jack & Winn relied on your consent to process your personal data.
If you wish to exercise one of the above-mentioned rights, please send us your request via email to: Please note that we may ask you to verify your identity before responding to such requests.

You also have the right to complain to a data protection authority about our collection and use of your personal data. We would, however, appreciate the opportunity to address your concerns before you approach a data protection authority, and would welcome you directing an inquiry first to us at:

Links to Third-Party Websites and Third Party Features

There are a number of places on our Website where you may click on a link to access another party’s website that does not operate under this Privacy Policy. For example, if you click on an advertisement or a search result on our Website, you may be taken to a third party website that we have no ownership or control. These third-party websites may independently solicit and collect from you and in some instances provide us with information about your activities on those websites. We strongly advise you to review the privacy policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services. 

We may allow you to connect our Website to a third-party service or offer portions of our Website through a third-party service (“Third Party Features”). If you use a Third Party Feature, both we and the applicable third party may have access to and use information associated with your use of the Third Party Feature, and you should carefully review the third party’s privacy policy and terms of use. Some examples of Third Party Features include the following: 

  • Liking, Sharing, and Logging-In. We may embed a pixel or SDK on our Website that allows you to “like” or “share” content on, or log-in to your Jack & Winn's account through, third-party services, including social networks such as Facebook. If you choose to engage with such a third-party service through our Website, we may collect any information you have authorized the third-party service to share with us (such as your user ID, billing information, public profile information, email address, birthday, friends list, and other account and profile data). Likewise, if you choose to engage with such a third-party service through our Website or visit our Website while logged in to that third-party service on your device or through our Website, the third-party may receive information about your activities on our Website and be able to associate that information with information the third-party already has about you. 
  • Brand Pages and Chatbots. We may offer our content on social networks such as a Facebook and Twitter. Any information you provide to us when you engage with our content (such as through our brand page or via our chatbot on Facebook Messenger) is treated in accordance with this Privacy Policy. Also, if you publicly reference our Website on a third-party service (e.g., by using a hashtag associated with Jack & Winn in a tweet or post), we may use your reference on or in connection with our Website.
  • Voice-Activated Skills. We may offer skills through Alexa and other voice-activated platforms, and use the voice processing and other technologies discussed in the section entitled “Automatic Data Collection and Tracking” above. Any information you provide to us when you engage with our skills is treated in accordance with this Privacy Policy.

Children's Privacy

Our Website is not intended for children under the age of 13.

We do not knowingly collect personal information from anyone under the age of 13. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us. If we become aware that we have collected personal information from children without verification of parental consent, we will take steps to remove that personal information from our servers.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

We will let you know via a prominent notice on our Website, prior to the change becoming effective, and update the "Effective Date" at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

To Contact Us

If you have any questions about this Privacy Policy or our information-handling practices, or if you would like to request information about our disclosure of information to third parties, please contact us by email, Jack & Winn is the controller responsible for your personal data.  As the controller, we determine the purposes for which and the manner in which any personal data are, or are to be, processed with respect to the Website.  If you have questions regarding this Privacy Policy or our Website privacy and data protection practices, or if you would like to contact our data protection representative our email address is info@jackandwinn.comFor specific California privacy inquiries, please see the contact information set forth above under “Your California Privacy Rights under the California Consumer Privacy Act (CCPA)” and Your California Privacy Rights under Shine the Light.




If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at or by mail at
Jack & Winn Apparel Co.
[Re: Privacy Compliance Officer]