Privacy Policy

Last Updated: January 7, 2020

This Privacy Policy describes how we collect and use your personal information in connection with this website (“website”), or other websites operated by us (collectively, the “websites”) and the applications, products, services offered by us (the “Services”) to our merchants. The website is operated by AirTank, Inc. dba ZiftrShop, which does business as ZiftrShop (“ZiftrShop”, “we”, “us”, “our”).

We may make changes to this Privacy Policy at any time, in our sole discretion. Generally, any changes will go into effect on the date they are posted. Should we make a material changes to this Privacy Policy, they will go into effect within a reasonable time period from the time they are posted to the website. In our discretion, we may also provide additional reasonable notice through other means, such as through emailed notice.

  1. The information we collect and how we may use it

    We collect information in two ways: first, we collect data from merchants who sign up for and use our Services and second, we automatically collect information when visitors interact with our websites.

    1. Information we collect from merchants

      We collect certain information directly from you, including when you establish an account with us, purchase certain Services from us or otherwise communicate with us:

      • In order to establish an account, you may be required to provide certain information that identifies you as an individual, including your name, address,telephone number,date of birth, and other information relating to the foregoing.

      • To use certain Services, you may be required to provide your business address, business type, business ID number, credit card information, bank account information, financial statements and government-issued identification, such as Social Security Number.

      • Where we need to verify your identity, you may be required to provide us with your government-issued identification information.

      • If you provide comments or suggestions to us, we will keep those, and if you contact our customer service or other departments, we will maintain those communications and your contact details.

      • We may also collect information from you when we communicate with you in phone calls, emails or other “offline” settings.

    2. Information we collect from visitors to this website

      We also collect information by automated means through cookies, web beacons and similar technologies when you visit our website, interact with our ads on other websites or open an email that we send. Cookies are small files that contain a short line of text that can identify and track a browser’s movements. A web beacon, also known as a web pixel tag, links web pages to web servers and their cookies, and may be used to transmit information collected through cookies back to a web server.

      We use cookies and web beacons on our website to identify you as you move from page to page and to collect information to keep track of your visit (or your email “opens”). When aggregated, this type of information helps us to understand and adjust to the needs and desires of our website visitors.

      We may use our own proprietary cookies (set from our own web domain), as well as cookies hosted by third party vendors such as ad or analytics vendors and partners. Third party cookies generally employ unique identifiers (often randomly generated) to help advertisers customize users’ web experiences, based on the users’ likely interests. They may be used to tailor ad content on websites you visit. They may collect data such as your browser type, your operating system, webpages visited, time of visits, content viewed, and other clickstream data. We use these cookies to retarget information and offers to you about our services: for instance, if you view a page on our website regarding an event or conference we are hosting, we might use a third party ad partner to send you an ad about the event when you visit another website.

      When you visit our websites or open an email you have received from us, we or one of our ad partners may place or recognize a unique cookie on your browser. These cookies enable us to send you ads about our services, customize our services and gather analytics about our web traffic. Additionally, emails we send to you may contain a web beacon that helps us understand the time and date when a user opened an email sent by us, and when he/she has used a link within the email to visit our website, thus allowing us to collect analytics about our traffic, customize our Services, and send better ads about our Services. These electronic images also may help us measure how effective our email campaigns are by, for instance, counting the number of individuals who visit our website or open an email we send. For example, the Google Analytics service on this website provides reports to us about how many users came to the website, and what links they may have used to get here. (To opt out of Google Analytics, please go here.)

      You can often disable our web beacons by turning images "off" in your email client (e.g., Outlook, Outlook Express). Please see your email client settings for more information.

      Your browser likewise may permit you to reject or delete cookies, but this may prevent proper working of our website. How we use the information we collect and receive

      Generally, we use the information we collect and receive to operate and improve our websites and Services. We also use it to send you offers and promotions and to market to you as described in Section 1.

      More specifically, we use the information for the purposes below to:

      • Evaluate, operate and improve our website and Services.

      • Process credit card transactions.

      • Verify your identity.

      • Help us screen merchant accounts for risk or fraud concerns.

      • Send you newsletters by email;

      • Market to existing merchants and potential customers, including by direct mail, email, display media and other channels, such as social media. When we market through display media, we use cookies and other technologies as described in Section 1.

      • Measure or analyze how visitors use our website or engage with our advertising (and to measure advertising performance):

      • Protect, analyze and secure the website and Services.

      • As otherwise necessary or appropriate to provide Services you request.

  2. We may also share information with third parties

    We share information that we collect or that you provide to us with various third parties.

    1. Service Providers. We work with a variety of service providers to deliver our Services and may share your information to provide, improve and operate the Services. These service providers may, for instance, receive information for purposes of tech support, customer support, network and hosting services and billing and collections.

    2. Third Party Service Providers. We also work with a variety of third parties and service providers whose services we make accessible through our Services. We share your information with these third parties so that you may use their services.

    3. Marketing Service Providers. In order to effectively market our Services, we share information with third parties that provide services pertaining to marketing (including email, display and direct mail marketing), data enhancement, email delivery, printing, data and marketing analytics, and campaign creation and analytics.

    4. Use by Affiliates. We share Information with affiliated companies. For instance, if we believe that you would be interested in receiving offers or discounts from one of our affiliated companies, we might share your contact information with that affiliate.

    5. Disclosure for Legal Process. We may share any Information when we believe in good faith that disclosure is necessary to protect our rights and/or to comply with a judicial or administrative proceeding, court or governmental order, or legal process served on us. We also may share information when we have a good faith belief it is necessary to prevent fraud or other illegal activity, to prevent imminent bodily harm, or to prevent harm to us, the website, our customers, or any other person or entity. This may include sharing information with other companies, lawyers, courts, or other government entities.

    6. Corporate Asset Transactions. We may sell, buy, merge or partner with other companies or businesses, or sell some or all of our assets. In such transactions, any Information we hold may be among the transferred assets, and may be shared during due diligence leading up to any transfer.

    7. Consent. We may share information about you in any other circumstances where we have your consent or in order to provide a requested service.

    In addition, we may share with third parties and/or service providers de-identified information about visitors to our website, which may include actual or inferred demographics, interests, and other online habits.

  3. Children's Privacy

    If you are under 13, please do not provide us with any information. We do not knowingly collect personal information about children. Our systems are not designed for use by children under the age of 13. If we learn we have collected or obtained personal information of someone under 13, we will delete that information from our database absent an important and permissible reason to keep it. If you believe that this has occurred, please contact us at

  4. Data Security

    We take seriously the security of the data we maintain. We take precautions to protect against unauthorized access to our systems and to prevent data from being disclosed to unauthorized parties. However, no security precautions are 100 percent foolproof: we therefore cannot guarantee unconditionally the protection of all information that you provide will always be safe from breach or hacking.

  5. Links on our websites

    We may sometimes display links on our website that put you in touch with third parties, such as through co-marketing programs or to provide other information on behalf of third parties. When you communicate with these third parties, such as clicking on the link or the third party’s ad, content, form or if you leave our website, we are not responsible for those third parties’ information practices, which are governed by their own privacy policies.

  6. Information for residents of the eea, switzerland and uk only

    ZiftrShop is located in the United States, and stores the data it owns, collects and receives in the United States. If you are accessing this website from outside of the United States, please be aware that any information that you provide or that we collect may be subject to less restrictive national (and state) privacy laws than those in your own country.

    When merchants (or potential customers) in the EU or the EEA provide us with personal data about themselves (e.g., their contact information, such as their email addresses), we usually process it either (a) pursuant to our contractual relationship with the merchant, (b) to serve the legitimate interest of operating our business and providing customers and potential customers with services and information; (c) for legal compliance purposes, or (d) pursuant to your consent. If you have provided us with personal data and want us to delete it from our active database, please contact us at the contact information in Section 8 below. We retain that personal data for as long as is necessary to fulfill the purposes for which it was collected (for instance, to provide prospective customers with information about our services).

    On the other hand, when our customers provide us with personal data about their own European customers, contact or clients, we act only as a “processor” of that data. European data protection law makes a distinction between organizations that process personal data for their own purposes (known as “data controllers”) and organizations that process personal data on behalf of other organizations (known as “data processors”). If you have a question, complaint or request regarding how your personal data is handled, these should always be directed to the relevant data controller since they are the ones with primary responsibility for your personal data.

  7. Your choices

    You have certain rights and choices with respect to your information such as:

    Marketing Communications: You can decline promotional communications at the point information is requested or, by following the unsubscribe instructions on communications sent to you. You can also contact us as described in the “Contact Information” section below. Your Legal Rights Under Local Law: Your local laws (e.g., laws of the E.U.) may permit you to request that we:

    • provide access to and/or a copy of certain information we hold about you;

    • prevent the processing of your information for direct-marketing purposes; (including any direct marketing processing based on profiling)

    • update information which is out of date or incorrect;

    • delete certain information that we are holding about you;

    • restrict the way that we process and disclose certain of your information;

    • transfer your information to a third-party provider of services; and

    • revoke your consent for the processing of your information.

    • Please note, however, that certain information may be exempt from such requests in some circumstances, which may include needing to continue processing your information for our legitimate interests or to comply with a legal obligation. We may request you provide us with information necessary to confirm your identity before responding to your request. Please note that we are a data controller with respect to information we collect from our website. We are a data processor of information we collect from merchants. To the extent you seek to exercise rights with respect to data we receive from merchants, you should contact the relevant merchant that acts as a data controller. To exercise any of these rights, please contact us as described in the “Contact Information” section below. In addition to those rights, you have the right to lodge a complaint with the relevant supervisory authority. However, we encourage you to contact us first, and we will do our very best to resolve your concern.

  8. Privacy Shield

    ZiftrShop complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. ZiftrShop has certified to the Department of Commerce that it adheres to the Privacy Shield Principles and that it complies with the EU-U.S. Privacy Shield Framework. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. Our self-certification is currently under review for approval by the Department of Commerce. If approved, our Privacy Shield certification will be available at ZiftrShop’s participation in the Privacy Shield applies to all personal data that is subject to the ZiftrShop Privacy Policy and is received from the European Union, European Economic Area, and Switzerland. ZiftrShop will comply with the Privacy Shield Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement in respect of such personal data. ZiftrShop’s accountability for personal data that it receives under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, ZiftrShop remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf (1) do so in a manner inconsistent with the Principles and (2) ZiftrShop is responsible for the event giving rise to the damage. We encourage you to contact us should you have a Privacy Shield-related (or general privacy-related) complaint. If you are a resident of the European Union and are dissatisfied with the manner in which we have addressed your concerns about our privacy practices, you may seek further assistance, at no cost to you, from our designated Privacy Shield independent recourse mechanism: The American Arbitration Association. As further explained in the Privacy Shield Principles, a binding arbitration option will also be made available to you in order to address residual complaints not resolved by any other means. Prior to initiating such arbitration, you must: (1) contact us and afford us the opportunity to resolve the issue; (2) seek assistance from our designated independent recourse mechanism; and (3) contact the U.S. Department of Commerce (either directly or through a European Data Protection Authority) and afford the Department of Commerce time to attempt to resolve the issue. Each party shall be responsible for its own attorney’s fees. Please be advised that, pursuant to the Privacy Shield, the arbitrator(s) may only impose individual-specific, non-monetary, equitable relief necessary to remedy any violation of the Privacy Shield Principles with respect to the individual. ZiftrShop is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).

    In compliance with the Privacy Shield Principles, Ziftrshop commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact (your organization name) at:

    Privacy Administrator
    AirTank, Inc.
    45 Main St, Suite 316
    Peterborough, NH 03458

    Ziftrshop has further committed to refer unresolved Privacy Shield complaints to, The American Arbitration Association, an alternative dispute resolution provider located in the United States of America. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit for more information or to file a complaint. The services of The American Arbitration Association are provided at no cost to you.

  9. Contact Information

    If you have questions about this Privacy Policy or about our privacy practices, please e-mail our privacy administrator at or contact us at:

    Privacy Administrator
    AirTank, Inc.
    45 Main St, Suite 316
    Peterborough, NH 03458