Privacy Policy

Date of Last Revision: January 1, 2025

We are BigCommerce (“BigCommerce,” “we,” “our,” “us”), a leading open SaaS and composable ecommerce platform that empowers brands and retailers of all sizes to build, innovate and grow their businesses online. We want to help you better understand how we collect, use, protect, share, and otherwise Process your Personal Data. This Privacy Policy is designed to help you understand your privacy choices when you visit our site, access our Mobile App, use our services, or otherwise interact with us. It does not apply to websites or services that we do not control, including those linked or connected through our website, Mobile App, or services. It also does not apply to the websites or services of BigCommerce users.



This Privacy Policy is incorporated into, and forms an integral part of, the BigCommerce Website Terms of Use. Capitalized terms have the meanings ascribed to them in the Definitions section or our Website Terms of Use. Please note that our services may vary by region. We encourage you to read this Privacy Policy carefully and take the time to get to know our practices. If you have questions about this Privacy Policy or our privacy practices, please contact us at privacy@BigCommerce.com.

  1. Definitions.
    1. Information Types.
      • “Account Information” means data about how and when a BigCommerce account is accessed and the features used, including Store Information.
      • “Browser Information” means provided by a browser, including the IP address, the website visited, network connection, device information, and other data, including Cookies.
      • “Contact Information” means basic personal and business information, such as first and last name, company name, email address, postal address, phone number, and may include social media account information.
      • “Device Information” means information about your device, such as device ID number, model, and manufacturer, version of your operating system and geographical region, collected from any devices when accessing our website, using the Mobile App, or any of our services.
      • “Payment Information” means, for example, credit card, ACH or other payment information. In some jurisdictions, Payment Information is considered Sensitive Information and where required by law we treat this data accordingly.
      • “Security Information” means user ID, password and password hints, and other security information used for authentication and account access.
      • “Store Information” means information about your store, its products, and its architecture.
      • “Support Information” includes information about your hardware and software, authentication data, chat session contents, error reports, performance data, and other communication or technical information and may, with express permission, include remote access to facilitate troubleshooting.
      • “Transaction Information” means the data related to transactions that occur on our platform, including product, order, shipping information, Contact Information, and Payment Information.
      • “Usage Information” means information collected when you interact with the BigCommerce website, Mobile App or any of our services, including functionalities accessed, pages visited, and other interaction data.
    2. “Automated Decision Making” means a decision made solely by automated means without human involvement.
    3. “BigCommerce Family of Companies” means entities operated and controlled by BigCommerce and includes any subsidiaries and affiliates. These entities include companies with the names and marks of BigCommerce, Feedonomics, and Makeswift, such as BigCommerce, Inc., a Texas corporation in the United States; BigCommerce UK Ltd., a United Kingdom limited company, BigCommerce Software Ireland Ltd., an Irish limited company, BigCommerce Pty. Ltd., an Australia proprietary limited company, BigCommerce Pty. Ltd., an Australia proprietary limited company, Feedonomics Holdings LLC, a Delaware corporation in the United States, and Makeswift, Inc., a Delaware Corporation in the United States.
    4. “Controller” means an entity that determines the purposes and means of the Processing of Personal Data.
    5. “Cookie” means a small file that resides on your computer’s hard drive that often contains an anonymous unique identifier that is accessible by the website that placed it there, but is not accessible by other sites.
    6. “Merchant” means an entity that has used or is using the services for ecommerce.
    7. “Mobile App” means the BigCommerce mobile application available through third-party app stores for mobile devices.
    8. “Partner” means a separate legal entity that is a participant in our Agency Partner Program, our Technology Partner Program or other third-party technology integration with the BigCommerce platform, a theme designer, reseller, or referrer of the services.
    9. “Personal Data” means information that (i) relates to an identified or identifiable natural person, or (ii) identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.
    10. “Process” or “Processing” means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, including, but not limited to, alteration, collection, organization, recording, retrieval, storage, transmission, and use.
    11. “Processor” means the entity which Processes Personal Data on behalf of the Controller.
    12. “Sensitive Personal Data” means any data that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, or data concerning health or a natural person’s sex life and/or sexual orientation.
    13. “Shopper” means an entity or natural person that interacts with the ecommerce offering of a Merchant through the BigCommerce platform.
    14. “Third-Party Product Provider” means the provider of Third-Party Products you engage with or enable.
    15. “Third-Party Service Provider” means the provider of a Service Controlled by BigCommerce or the BigCommerce Family of Companies for the enablement of our business and the services we provide.
    16. “Visitor” means a person who engages with BigCommerce or our website.
  2. Merchants/ Prospective Merchants.
    3. Information Collected.
      • When a Merchant or prospective Merchant interacts with us or our Website, for example, by signing up for a trial, a subscription, or a newsletter or other content, or performing transactions, BigCommerce may collect and control information such as Account Information, Browser Information, Contact Information, Payment Information, Support Information, Device Information, Security Information, Transaction Information, Usage Information and set a Cookie.
      • When a Merchant or prospective Merchant interacts with our Mobile App, BigCommerce may collect and control information such as Account Information, Contact Information, Device Information, Usage Information and Security Information.
    4. Information Usage. We use this information as a Controller to provide Merchants with, support, and improve our services, confirm identities, detect and resolve fraud, compliance, or security issues, for advertising and marketing, for invoicing, to resolve incidents related to the use of our Website and services, to improve and personalize our services, such as push notifications regarding your store activities, to comply with legal or contractual obligations, and in other cases with your consent. At times we use Automated Decision Making to assist or facilitate these activities, such as the detection of fraudulent account creation when signing up for our services.
    5. Information Sharing. Subject, where applicable, to confidentiality obligations, we may disclose certain information, including Account Information, Contact Information, Support Information and Transaction Information, to Partners that refer Merchants to us or may be engaged by a Merchant to provide services, apps or products relating to the Merchant’s store(s) or use of our Website and services, or to confirm identities and improve and personalize our interactions and services. We may share information with Third-Party Service Providers to assist in fulfilling our business activities and obligations for which they are contracted to assist us with or with Third-Party Product Providers when you enable features and functionality we do not control. We may share Contact Information within the BigCommerce Family of Companies. We may also share information as identified in Section 8 below.
  3. Partners/ Prospective Partners.
    1. Information Collected. When a Partner or prospective Partner signs up for a Partner account or refers a Merchant to us, or otherwise interacts with us. BigCommerce may collect and control information such as Account Information, Browser Information, Contact Information, Payment Information, Support Information, Security Information, and Usage Information.
    2. Information Usage. We use this information as a Controller to provide Partners support and improve our services, confirm identities, detect and resolve fraud, compliance, or security issues, for advertising and marketing, for invoicing, to resolve incidents related to the use of our Website and services, to improve and personalize our services, to comply with legal or contractual obligations, and in other cases with your consent. At times we use automated decision making to assist or facilitate these activities, such as the detection of fraud.
    3. Information Sharing. Subject, where applicable, to confidentiality obligations, we may disclose certain information, including Account Information, Contact Information, Support Information and Transaction Information. We may share information with Third-Party Service Providers to assist in fulfilling our business activities and obligations for which they are contracted to assist us with and with Third-Party Product Providers when you enable features and functionality we do not control. We may share Contact Information within the BigCommerce Family of Companies. We may also share information as identified in Section 8 below.
  4. Visitors.
    1. Information Collected. When Visitors browse our Website, or engage in communications with us online or offline, we may collect and control, as applicable, Browser Information, Support Information, Contact Information, and Usage Information submitted or communicated to us.
    2. Information Usage. We use this information as a Controller to provide our services, and improve and personalize communications, interactions, our services, and provide support if needed. We may use this information in other cases as consented.
    3. Information Sharing. Subject, where applicable, to confidentiality obligations, we may disclose certain information, including Account Information, Contact Information, Support Information and Transaction Information. We may share information with Third-Party Service Providers to assist in fulfilling our business activities and obligations for which they are contracted to assist us with and with Third-Party Product Providers when you enable features and functionality we do not Control. We may share Contact Information within the BigCommerce Family of Companies. We may also share information as identified in Section 8 below.
  5. Shoppers.
    1. Information Collected. When Shoppers interact with a Merchant’s ecommerce offering through the BigCommerce platform, we may collect and Process Contact Information, Browser Information, Security Information and Transaction Information of the Shopper on behalf of the Merchant.
    2. Information Usage. We use this information as a Processor to provide our services to Merchants, support and Process orders, and manage risk and fraud. The Merchant is the Controller of this information and Shoppers who have questions about our use of this information should contact the Merchant. We may also use certain information as a Controller to improve and personalize our services, and manage risk and fraud.
    9. Merchant Privacy Policies. Merchants are responsible to provide their Shoppers:
      • required privacy notices and policies outlining their privacy practices and how the Merchant, BigCommerce and relevant third parties collect and Process Shoppers’ Personal Data;
      • post an accurate privacy policy on their storefront that complies with all applicable laws and regulations;
      • Process Personal Data in accordance with applicable laws and, to the extent required under such laws, provide notice to and obtain informed consent from Shoppers for the use and access of their Personal Data by BigCommerce and other third parties; and
      • if the Merchant is collecting any Sensitive Personal Data from Shoppers, obtain affirmative, explicit, and informed consent and allow such Shoppers to revoke their consent to the use and access of Sensitive Personal Data at any time.
  6. Legal Basis for Processing (EEA Residents).
    1. Lawful Basis. We generally Process Personal Data from you where (i) we need the Personal Data to perform a contract with you, (ii) the Processing is in our legitimate interests and not overridden by your rights, or (iii) we have your consent to do so. In some cases, we may also have a legal obligation to Process Personal Data from you or may otherwise need the Personal Data to protect your vital interests or those of another person.
    2. Notice. If we ask you to provide Personal Data to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your Personal Data is mandatory or not, as well as of the possible consequences if you do not provide your Personal Data.
    3. Legitimate Interest. If we Process your Personal Data in reliance on our legitimate interests (or those of any third party). For instance, we may rely on our legitimate interests when responding to your queries, improving and personalizing our platform, undertaking marketing, or for the purposes of detecting or preventing illegal activities (e.g. checking your identity, fraud prevention).
    4. Questions. If you have questions about or need further information concerning the legal basis on which we collect and use your Personal Data, please contact us using the contact details provided below.
  7. Communications.
    1. Promotional. BigCommerce and the BigCommerce Family of Companies may send promotional communications to existing and prospective Merchants, Partners, and Visitors, by email, phone, and other channels, such as LinkedIn. For example, we may provide special offers or market to the recipient or invite the recipient to participate in a survey or attend an event. You can opt-out of receiving promotional communications from us at any time. For information about managing email subscriptions and promotional communications, please go to our email preferences page.
    2. Account. We send certain required communications, such as account notices or information, to users of our services. You may not opt out of receiving these communications if you have an active account with BigCommerce.
  8. Information Sharing. Our Services are possible because of a variety of Third-Party Service Providers and Third-Party Product Providers. Sometimes it is necessary for us to share Personal Data with Third-Party Service Providers to support our Services and provide you with the core functionality of our Services. You may also choose interactions and engagements to enable the experience and functionality you request by interacting or engaging with Third-Party Product Providers. We may also provide access to, transfer, disclose, and/or retain Personal Data with consent, at your request, by contract, or in the circumstances described below.
    1. Compliance. If we have a good faith belief that doing so is necessary to: (i) comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies; or (ii) protect the rights or property of BigCommerce, including enforcing the terms governing the use of the services.
    2. Protection. If we have a good faith belief that doing so is necessary to: (i) protect Merchants, Prospects, Partners, Shoppers, Visitors, or others; for example, to prevent spam or attempts to defraud us or users of our services, or in response to threats of safety or harm of any person; or (ii) operate and maintain the security of our products, including to prevent or stop an attack on our computer systems or networks.
    3. Affiliates. We share Personal Data among the BigCommerce Family of Companies for the purposes described in this Privacy Policy.
    4. Third- Party Service Providers. BigCommerce works with Third-Party Service Providers including: data processors, contractors, and other businesses to assist us in providing, supporting, and improving our Services and operating our business as described in this Privacy Policy.
    5. SDKs and APIs. BigCommerce may include third-party libraries such as Software Development Kits (SDKs) or Application Interfaces (APIs) within our applications (including the Mobile App) for the purposes described in this Privacy Policy, including the following:
      1. Functional SDKs: these are software libraries we use to enhance the end user experience and functionality within the application, such as graphics and display of images within the app, and in-app notifications according to preferences.
      2. Analytics SDKs: these are external third-party sub processors’ libraries we use in collecting device and usage data for application performance monitoring.
    6. Payment Processing. We share payment data with banks and other entities that Process payment transactions and Payment Information or provide other financial services, and for fraud prevention and credit risk reduction.
    7. Your Interaction with Third-parties. When interacting with our Services you may be able to link or engage Third-Party Products such as third-party websites, services, scripts, social media networks, applications, or other third-party features. Enabling Third-Party Products may allow Third-Party Product Providers to access or Process your Personal Data or enable BigCommerce to access data including Personal Data from those Third-Parties Product Providers. BigCommerce does not have control over, nor do we endorse, these Third-Party Products and we are not responsible for the privacy or security of any information you provide to Third-Parties Product Providers or request BigCommerce provide to Third-Parties Product Providers. For example, when you request an integration, such as the installation of an application, we share the information requested by the application as part of the integration you requested. We do not verify the application or its security or privacy practices. When interacting with Third-Party Product Providers, their respective privacy policy and other terms apply. We encourage you to review the privacy policies of Third-Party Product Providers before engagement.
    8. Change of Control. We may share Personal Data with actual or prospective acquirers, their representatives and other relevant participants in, or during negotiations of a corporate transaction including: sale, merger, acquisition, restructuring, bankruptcy or similar proceedings, or change in control involving any portion of BigCommerce or the BigCommerce Family of Companies.
  9. Automated Decision-Making. Some Personal Data may be used in Automated Decision Making to help us screen accounts for risk, fraud, or abuse concerns. You can object to profiling, including profiling for marketing purposes, or contest or dispute such decisions by contacting us here. Subject to applicable law, we may provide you with details underlying the automated decision-making review and rectification of any inaccuracies.
  10. Cookies.
    1. Usage. BigCommerce and its Third-Party Service Providers use Cookies, web beacons, and similar tracking technologies (“Cookie”) to recognize you when you visit our website, remember your preferences, and give you a personalized experience. When you visit our websites, we, or an authorized third party, may place a Cookie on your device that collects information, including Personal Data, about your online activities over time and across different sites. Cookies allow us to track use, infer browsing preferences, and improve and customize your browsing experience.
    2. Persistence. We use both session-based and persistent Cookies on our websites. Persistent Cookies remain on your computer when you have gone offline, while session Cookies are deleted as soon as you close your web browser. A website may set a Cookie if the browser’s preferences allow it. A browser only permits a website to access the Cookies that it has set, not those set by other websites.
    19. Types.
      • Essential. These Cookies are necessary for our website to work as intended. 
      • Functional. These Cookies enable enhanced functionality, like videos and live chat. Without these Cookies, certain functions may become unavailable.
      • Analytics. These Cookies provide statistical information on site usage. For example, these Cookies enable web analytics that allow us to improve our website over time.
      • Targeting and Advertising. These Cookies are used to create profiles or personalize content to enhance your experience.
    28. Control. BigCommerce utilizes Global Privacy Controls. Additionally, you can access your cookie settings by utilizing the link for Cookie Settings at the bottom of the webpage. It is also possible to disable Cookies through your device or browser settings. Disabling cookies may affect your ability to use our website. For instance, we may not be able to recognize your computer or mobile device and you may need to log in every time you visit our website. The method for disabling Cookies may vary by device and browser, but can usually be found in preferences or security settings. Please use the following links for further instructions:
    29. Other Resources. To find out more about Cookies, including how to see what Cookies have been set and how to manage and delete them, visit allaboutcookies.org, or aboutcookies.org.
  11. Third Party Application Stores. Third party application stores, such as Apple’s App Store or Google’s Google Play, might collect additional information and share them with us. Please refer to the application store’s Privacy Policy to better understand how they Process any of the Personal Data they collect and share with app publishers like ourselves.
  12. Information Protection and Retention.
    1. Information Protection. We maintain administrative, technical, and physical security measures designed to provide reasonable protection for Personal Data against unauthorized access, disclosure, alteration, loss, and misuse. These security measures include access controls, encryption, and firewalls. We are certified as a PCI DSS Level 1 compliant service provider, which is the highest level of compliance available, and our platform is audited annually by independent third-party qualified security assessors against the ISO 27001 security standard. Unfortunately, no method of Internet use, data transmission, or electronic storage is completely secure, so we cannot guarantee the absolute security of Personal Data.
    2. Your Responsibilities. While we are dedicated to securing our Website and Services, you are responsible for securing and maintaining the privacy of your passwords and Account Information. We are not responsible for protecting Personal Data shared with a third-party based on an account connection that you have authorized.
    3. Retention. We use and retain your Personal Data, as long as, necessary, and for the purpose for which it was provided, including any purposes set for in this Privacy Policy (for example, for services, products, or interactions that you have requested or initiated; for communications with you; for invoicing, advertising, and marketing; for improving user experience, such as troubleshooting, optimization, and personalization; and to comply with legal, contractual, and regulatory obligations). We may also use and retain information for other purposes where you have given consent, such as in response to a pricing or hiring inquiry, or where a legitimate commercial interest exists.
  13. Accountability and Safeguards for Onward Transfer.
    1. Data Transfer. We provide services around the world. To provide our services, it may be necessary to transmit Personal Data outside of the country, state, or province where the data was collected/received, including to the United States. Such international data transfers may involve the flow of data from certain countries or regions to others that have different, and potentially less protective, privacy laws. To account for this, BigCommerce strives to maintain appropriate internal and external data protections, including (i) relying on legally or contractually adequate mechanisms to lawfully transfer data across borders in accordance with applicable laws; and (ii) obligating third parties, including applicable Processors and vendors, to provide at least the same level of data protection and use restriction as maintained by BigCommerce and required by applicable laws.
    2. Standard Contractual Clauses. For third-country transfers outside of the EU/EEA we also use the Standard Contractual Clauses adopted by the EU Commission in Commission Implementing Decision (EU) 2021/914 of 4 June 2021 as a transfer mechanism and implement additional safeguards as required. We use these Standard Contractual Clauses as modified by the UK International Data Transfer Addendum for data transfers outside of the UK. If you require further information on our transfer mechanisms, please use the information in Section 16.
    3. Remedial Measures. If we learn Personal Data is not protected according to our contract, or is being Processed beyond the legal basis for Processing, we will take reasonable steps to protect your information and/or cease its illegitimate Processing.
  14. Data Privacy Framework. BigCommerce has certified the following entities for compliance with the Data Privacy Frameworks: 1) BigCommerce, Inc. 2) BigCommerce Holdings, Inc. As part of the Data Privacy Frameworks, BigCommerce complies with, and is a member of, the EU-U.S. (including the U.K. extension) and Swiss-U.S. Data Privacy Frameworks as set forth by the U.S. Department of Commerce (collectively the “Data Privacy Frameworks”) regarding the collection, use, retention, and onward transfer of Personal Data transferred from the European Union, the United Kingdom, and Switzerland to the United States. If there is any conflict between the terms in this Privacy Policy and the Data Privacy Frameworks , the Data Privacy Frameworks shall govern. To learn more about the Data Privacy Frameworks, and to view our certification, please visit the U.S. Department of Commerce site at https://www.dataprivacyframework.gov/. In accordance with the Data Privacy Frameworks, BigCommerce: (i) is subject to the investigatory and enforcement powers of the Federal Trade Commission; (ii) may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements; and (iii) may be liable in cases of onward transfers to third parties. BigCommerce also commits to periodically reviewing and verifying the accuracy of this Privacy Policy and the company’s compliance with the Data Privacy Frameworks, and remedying issues identified. All employees of BigCommerce that have access to Personal Data covered by this Privacy Policy are responsible for conducting themselves in accordance with this Privacy Policy. Failure of a BigCommerce employee to comply with this Privacy Policy may result in disciplinary action. For additional information on how to contact BigCommerce or initiate a Data Privacy Framework complaint for third-party dispute resolution, please refer to Section 16. If your complaint is not resolved through these channels, under certain conditions a binding arbitration option may be available before a Data Privacy Framework panel. For additional information, please visit Data Privacy Framework.
  15. Data Subject Rights.
    21. Generally. Under applicable law and dependant upon your jurisdiction, you may have the ability to exercise certain rights over your Personal Data. Because BigCommerce values your Privacy, we strive to provide reasonable steps to allow you to access, rectify, erase, port, and restrict or object to the use of your Personal Data. When collection is based on your consent, we provide you with notice at collection and the right to withdraw consent at any time, without affecting the lawfulness of Processing based on consent before its withdrawal by applicable law. If permitted by applicable law, you may also have the right to lodge a complaint with a supervisory or regulatory authority if you believe that the Processing of your Personal Data infringes your rights. Exercise of certain rights, including requests for deletion of Personal Data, may be limited in certain circumstances and may adversely affect our ability to serve you. Several jurisdictions have enacted privacy laws to codify certain rights. The goals and requirements of these laws are consistent with our longstanding commitment to data protection and transparency, including the general principles, disclosures, and data subject rights articulated in this Privacy Policy. Depending on the jurisdiction, these laws provide individuals with rights to: 
      • Access or know about their information
      • Correct their information, if inaccurate
      • Delete or erase their information 
      • Opt-out of the sale of their Personal Data
      • Opt-out of Cross Contextual Behavioral Advertising or Targeted Advertising
      • Opt-out of the use of Personal Data for profiling
      • Control how a business uses their Sensitive Information
      • Be notified about a business’s data practices
      • Restrict or object to certain types of Processing
      • Nondiscrimination for exercising privacy rights
      • Contact BigCommerce’s privacy team or external DPO
      • Appeal or complain if a business refuses to delete, correct, or provide their information
    22. Universal Opt-Out Mechanisms, Global Privacy Control and Do Not Track. BigCommerce honors requests for Global Privacy Controls also known as Universal Opt-Out Mechanisms when they are enabled. ‘Do Not Track’ are not honored unless they fit into an existing Global Privacy Control because there is no common understanding around what a 'Do Not Track' signal is supposed to mean or how it should be interpreted.
    23. Sale of Data. BigCommerce does not “sell” Personal Data as defined by law.
    24. Profiling. BigCommerce does not Profile as defined by law.
    25. Targeted Advertising. BigCommerce may use targeted advertising, as defined by law, as part of our advertising efforts. We target individuals we believe are interested in our products and services, including existing and prospective Merchants, Partners, and Visitors. Where required by law we provide the means to opt-in to or consent to these practices or opt-out of these practices. BigCommerce does not Process Sensitive Information for the purposes of targeting an individual for advertising purposes.
    26. Merchants, Partners, and Visitors. Merchants and Partners are able to update and control many types of Personal Data collected by BigCommerce directly within their accounts. Please contact us if you are a Visitor or otherwise unable to access or otherwise change your Personal Data within your account.
    27. Shoppers. We serve as a Processor or Service Provider for our Merchants. Shoppers should contact Merchants directly regarding their Personal Data, as Merchants act as Controllers and Business over such Personal Data and BigCommerce cannot act on a request without authorization from the Merchant. When appropriately identified, we can forward Shopper requests to Merchants, but we are unable to action the request.
    28. How to Exercise Your Rights. To exercise your rights under this provision or submit a request to delete your Personal Data, please click here.
    29. Authentication. To protect your Personal Data, we may need to verify your identity by a method appropriate to the type of request you are making. We may also request that your authorized agent have appropriate written permission from you to make requests on your behalf, and we may also need to verify your authorized agent's identity to protect your Personal Data. We reserve any and all rights to decline requests to the extent permitted by applicable law.
  16. Contact Information; Enforcement; Recourse.
    1. Contact Information. BigCommerce commits to resolve complaints about our collection or use of your Personal Data in accordance with applicable law. Individuals with inquiries or complaints regarding our Privacy Policy or practices should first contact BigCommerce at: privacy@bigcommerce.com: or BigCommerce, Inc. 11305 Four Points Austin, TX 78726 Attention: Legal Department or our Article 27 EU Representative: BigCommerce Software Ireland Ltd. 32 Merrion Street Upper Dublin 2 D02KW80, Ireland or our UK representative: BigCommerce UK Ltd 34-37 Liverpool Street London EC2M 7PP United Kingdom Inquiries will be reviewed by BigCommerce’s internal privacy function and escalated to BigCommerce’s external Data Protection Officer (DPO) where appropriate. BigCommerce will respond to any such inquiries or complaints without undue delay and in accordance with applicable law.
    2. Enforcement; Recourse. We urge you to contact us to find a solution for any concern you may have about our data practices; however, applicable law may permit you to lodge a complaint with your competent data protection authority (i.e., the authority of your place of habitual residence, place of work or place of alleged infringement). You can click here for contact details for data protection authorities in the EEA and in the United Kingdom.
    3. Data Privacy Framework Dispute Resolution. In compliance with the Data Privacy Frameworks, BigCommerce commits to refer unresolved complaints concerning our handling of Personal Data received in reliance on the Data Privacy Frameworks to ANA DPF Dispute Resolution, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your Data Privacy Framework related complaint from us, or if we have not addressed your Data Privacy Framework related complaint to your satisfaction, please visit ANA DPF Dispute Resolution for more information or to file a complaint at: https://ana.net/dpf-consumers. The services of ANA DPF Dispute Resolution are provided at no cost to you.
  17. California Disclosures (California Residents).
    19. CCPA Rights. The CCPA provides certain rights to California consumers, including the following:
      • Notice at Collection: At or before the time of collection, you have the right to receive notice of our Personal Data practices and, where applicable, notice that your data may be collected;
      • Right to Know: You have the right to request that we disclose certain details to you about the Personal Data we collect, use, or disclose, as well as about our data practices, including the categories of Personal Data have collected from you in the past twelve (12) months and categories of third parties with whom we have shared it;
      • Right to Request Deletion: You have the right to request that we delete certain Personal Data that we have collected from you;
      • Right to Non-Discrimination: We will not discriminate against you for exercising any of these rights. These rights are not absolute, and there may be cases when we decline your request as permitted by law. Further, if you are a California resident and a Merchant, Partner, or Visitor, we generally only collect and Process Personal Data about you as a result of your business dealings with us. This may limit the extent to which consumer rights under the CCPA apply to you. If you are a California resident and a Shopper, BigCommerce only Processes your Personal Data as a service provider acting on behalf of a Merchant. You should contact the Merchant to exercise any rights under the CCPA.
    20. Selling or Sharing. BigCommerce does not “sell” or “Share” Personal Data as defined by California law.In accordance with this Privacy Policy, we may share Personal Data with authorized Third-Party Service Providers or business Partners who, where necessary based on the nature of the sharing and purpose for which the Personal Data was provided, have agreed to contractual limitations as to their retention, use, and disclosure of such Personal Data. We may also share Personal Data if you use our services to interact with third parties or direct or otherwise authorize us to disclose your Personal Data to third parties.
    43. Information Collected. As set forth in this Privacy Policy, we collect the following types of information from you, your device(s), or from third parties:
      • identifiers, such as Browser Information, Device Information, and Security Information;
      • commercial information, such as Account Information, Contact Information, Transaction Information, and Usage Information;
      • internet or network information, such as Browser Information and Device Information;
      • geolocation data, such as Browser Information and Device Information;
      • financial information, such as Payment Information;
      • other Personal Data, such as Support Information; and
      • information derived from other categories, which could include your preferences, interests, and other information used to personalize your experience. We may disclose this Personal Data to the categories of third parties and for the business purposes described in this Privacy Policy, such as disclosures to service providers that assist us with securing our services or marketing our products.
    44. Shine the Light Disclosures. California law permits you to request information regarding the disclosure of your personal information to third parties for the third parties’ direct marketing purposes. Feedonomics does not share information with unaffiliated third parties for their marketing benefit. For additional information, California residents may contact us at the address below using the reference “Shine the Light Disclosure.”
    45. Exercising Your Rights. To exercise your rights under the CCPA, please refer to Section 16 and use this form or contact us at privacy@bigcommerce.com.
  18. Children. Our Services and website are not targeted toward children or those under the age of majority under any applicable law. We do not knowingly collect the Personal Data of children, or use it in a manner not permitted by the U.S. Children’s Privacy Protection Act (COPPA). If you are a parent or guardian and you believe we have collected information from your child in a manner not permitted by law, please submit a data subject request under Section 16 or contact us at privacy@bigcommerce.com. We will remove the data to the extent required by applicable laws.
  19. Updates. We may update this Privacy Policy from time to time in response to changing legal, technical or business developments. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. If there is a material change to this Privacy Policy we will notify you and obtain your consent where it is required by applicable data protection laws to do so. You can see when this Privacy Policy was last updated by checking the “Date of Last Revision” date displayed at the top of this Privacy Policy.