Last updated: October 2, 2018
Who I am
This website is run by me, Evelyn. I do not have any employees or assistants.
What Personal Data I Collect and Why I Collect It
Information collected via contact form is used only by me to communicate with you regarding your inquiries. No one else receives this information.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
When you sign up for my mailing list, your name and email are kept by my mailing list provider for the purpose of sending newsletters via email.
I collect your email address only if you voluntarily provide it to me. This may occur, for example, if you sign up to receive an email newsletter, posts by email, leave a comment, or enter a promotion. I will use your email address only for the purpose for which you provided it to me. You may opt out of such email communications at any time by clicking the “unsubscribe” button at the bottom of the email.
If you are a resident of a country in the European Economic Area (EEA), please refer to the section below entitled “Additional Rights of EEA Residents.”
Shop / Woocommerce
While you visit the shop, it will track:
- Products you’ve viewed: I’ll use this to, for example, show you products you’ve recently viewed
- Location, IP address and browser type: I’ll use this for purposes like estimating taxes and shipping
- Shipping address: I’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order
When you make a purchase, I’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. I’ll use this information for purposes, such as, to:
- Send you information about your account and order
- Respond to your requests
- Process payments and prevent fraud
- Set up your account for the store
- Comply with any legal obligations I have, such as calculating taxes
- Improve store offerings
- Send you marketing messages, if you choose to receive them
If you create an account, I will store your name, address, email and phone number, which will be used to populate the checkout for future orders.
The site will generally store information about you for as long as I need the information for the purposes for which I collect and use it, and I am not legally required to continue to keep it. For example, I will store order information for at least 5 years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.
I will also store comments or reviews, if you choose to leave them.
The IP address of visitors, user ID of logged in users, and username of login attempts are conditionally logged to check for malicious activity and to protect the site from specific kinds of attacks. Examples of conditions when logging occurs include login attempts, log out requests, requests for suspicious URLs, changes to site content, and password updates. This information is retained for 14 days.
Cookies are used by various plugins and scripts on my site in order to give me information about website visitors (analytics), to keep track of cookie consent/denial, by advertisers to monitor visitor behavior, and by various social media sites when I embed content from them.
If you leave a comment on the site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account (for the shop) and you log in to this site, it will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, the site will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
By using this site, you consent to the use of such cookies and the sharing of data captured by such cookies and our other third-party partners.
Embedded Content from other sites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can, however, obtain up-to-date information about blocking and deleting cookies via these links:
(a) https://support.google.com/chrome/answer/95647?hl=en (Chrome);
(d) https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer);
(e) https://support.apple.com/kb/PH21411 (Safari); and
Please note that blocking cookies may have a negative impact on the functions of many websites, including my site. Some features of the site may cease to be available to you.
Who I Share Your Data With
I do not share names or email addresses sent via contact forms with any other party.
If you sign up for my mailing list, my mailing list provider will have your name and email address.
Google Analytics only retains info about visitors, pages viewed, etc. GA does not collect any info that could identify you personally (but they collect data around the web in various forms and aggregate it, so see further info below to manage that data).
Data collected by social media companies (Facebook, Twitter, Pinterest, etc) becomes part of the data that each collects; see their individual sites for information about managing your data.
WordPress itself does not share any data with anyone.
I do not share shop information with anyone other than my payment processor, Paypal.
Payments / Paypal
I accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information.
How Long I Retain Your Data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website, we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Security logs are retained for 14 days.
Google Analytics keeps data on site traffic up to 14 months, the shortest retention period available (but remember, site stats do not have any info about who you are personally). While my site does not give Google any personal info about you, other websites might have at some point.
You can find out more & use tools to manage your Google data here: https://privacy.google.com/your-data.html.
How to view and/or delete your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
How Your Data Is Protected
I use the plugins Wordfence and iThemes Security to keep my site and your data secure. These services scan for malicious intruders, unauthorized access and/or changes, and keep me alerted if anything suspicious is noticed. They also block intrusion attempts to help keep the site more secure.
What Data Breach Procedures I Have In Place
If anything on my site is ever compromised, I will notify the proper authorities and notify every affected person to the best of my ability.
Additional Rights of European Economic Area Residents
If you are a resident of a country in the EEA, you have the rights, among others, to:
(i) access your personal data
(ii) ensure the accuracy of your personal data
(iii) the right to have us delete your personal data
(iv) the right to restrict further processing of your personal data, and
(v) the right to complain to a supervisory authority in your country of residence in the event that data is misused
If you believe that our processing of your personal information infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your residence, your place of work or the place of the alleged infringement.
You may exercise any of your rights in relation to your personal data by written notice to us addressed to the following: email@example.com
Children Under the Age of 13
This Website is not intended for children under 13 years of age. No one under age 13 may provide any information to the Website. We do not knowingly collect personal information from children under 13. If you are under 13, do not use or provide any information on this Website or on or through any of its features/register on the Website, make any purchases through the Website, use any of the interactive or public comment features of this Website or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact me at firstname.lastname@example.org.