Who we are
We are 4 Southern Women who make handcrafted items for sale on this online store. The only person having access to the data on the website is Jolene MacFadden, our head designer, webmaster and blog writer.
Our website address is: https://swconlinestore.com.
What personal data we collect and why we collect it
The only data we collect is your email address and user name when you subscribe to the blog portion of the website. We assume you want to receive updates from our website when you subscribe otherwise why would you in the first place? If you have a picture registered with Gravatar to the email you subscribed with they will add it to your profile page. We only have one email address customer underscore service @ swcstore dot southernwomencrafts dot com and if you receive an email from anyone spoofing our domain then you might want to just delete it. Know also that we do not send out blanket emails ever. The only exception is when we post a new article and WordPress automatically sends a notice to each of our subscribers. Otherwise how would you know to come back and read it?
Comments
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Contact forms
We do use a Contact Form program through the Jetpack Module (https://automattic.com/privacy/) – that will send your comments, questions, and suggestions directly to our email server and all responses will be listed in the Feedback section of our WordPress Admin. Each form is checked for spam through the Askimet widget (https://automattic.com/privacy/). We keep your email in our email account at 1and1 Webhosting Webmail (https://www.1and1.com/terms-gtc/terms-privacy/) for a year as a reference and possible future blog posts. The information on our WordPress Admin Feedback Panel is erased weekly.
“If Akismet is enabled on the site, the contact form submission data (IP address, user agent, email address, site URL, and comment) is submitted to the Akismet service (also owned by Automattic) for spam checking.
The actual submission data is stored in the database of the site on which it was submitted and is emailed directly to the owner of the form (i.e. the site author who published the page on which the contact form resides). This email will include the submitter’s IP address, timestamp, name, email address, website, and message.
The IP address is included as an abuse prevention measure. And for sites using Akismet, it is required for providing proper spam defense.
We sync post and post meta data associated with a user’s contact form submission. If Akismet is enabled on the site, the IP address and user agent originally submitted with the comment are synced, as well, as they are stored in post meta.”
Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.
Analytics
We have inserted a Google Analytics Tracking code into our webpage to help Google Adsense deliver better ads to our sites. We don’t use the reports it creates and rarely even look at it. We just added it because we were told it was a good idea to help our readers get better ads that pertain to what they might be looking for. For more information on how and what that program does you can visit their inforamtional website: https://developers.google.com/analytics/resources/concepts/gaConceptsTrackingOverview
Who we share your data with
We do not share your data with any person only the software companies required to keep the website going, safe from hackers and spammers, delivery our crafter’s newsletter and to provide more relevant content ads to our readers. Those who become customers are explained more fully under the WooCommerce Section below.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Anyone who sets up a buyer’s account that information is stored in the database for as long as the customer wishes it to be on our site or 7 years after a purchase has been made per legal requirements.
Anyone who subscribes to our Crafter’s Newsletter through our MailChimp Widget will have their email address, first name and last name registered on our account with them in a listing to receive our monthly newsletter until you Opt-Out.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
We don’t send your data anywhere unless you request an export of the personal data being collected by our Content Management System-Wordpress (subscribing to our blog with email and a user name and any comments you make), Askimet (spam checking), Gravatar (to show your profile picture), Jetpack to send your email to us, to MailChimp (https://mailchimp.com/legal/privacy/) when you sign-up for our Montly Crafter’s Newsletter, Paypal to process your payments, Google Analytics to deliver more relevant ads while you are visiting our site, etc.
Visitor comments are be checked through an automated spam detection service as well as emails through our Contact Form.
Your contact information
We have an online store only and do not have a regular business address.
You can contact the webmaster through the email at customer underscore service at swcstore dot southernwomencrafts dot com
Additional information
Any subscriber to this blog or the Mailchimp Crafter’s newsletter, wishing to delete their account information from our website can do so through WordPress or contacting us via email with your email address you used to subscribe and any user name you entered. When you receive the newsletter from MailChimp there is an “opt-Out” link at the bottom just click on that and it will take your name off the list. Anyone who signed up for a customer account can delete their account at any time through their profile. We will not keep your information unless you have purchased an item from our store then we are required to keep some information for tax purposes.
We ask that all comments be rated “G” and on-topic. All others will be deleted.
How we protect your data
Our web hosting service has protections in place to keep out unregistered users. Our CMS-Wordpress Module Askimet weeds out spammers from registering as subscribers and making comments. Our email server has spam filters and virus protection monitors.
We have purchased a SSL certificate for this website as we process payments. That comes with it’s own encryption and security. Any information sent over the internet is encrypted by the program requesting or the information to and from our website. If you make a purchase of one or more of our handcrafted items from our online store payment is encrypted and sent directly to the Secure Servers at Paypal (https://www.paypal.com/us/webapps/mpp/ua/privacy-full?locale.x=en_US) who handles all financial transactions. We will never have access to your banking or credit card information.
What data breach procedures we have in place
Should there be a data breach each of our affected subscribers/customers will be emailed and if they request their account removed we will do so as soon as possible. Unless prohibited by law. Should they just want their private data erased we will do that as soon as requested.
What third parties we receive data from
The only third parties we receive data from is Gravatar if you have a picture registered with your email. And Askimet if your email has been registered as a spammer which those are erased every week. Paypal will send us a notice that we have received a payment from our website, who it was from, the amount and their name. We keep the email for tax purposes. Mailchimp stores your email address in a listing within our account so that they monthly crafter’s newsletters can go out, Paypal stores that transaction in our history but not the banking or credit card information.
What automated decision making and/or profiling we do with user data
We don’t use your data for anything other than the WordPress program sending you an email that we have posted a new article to the blog. Google Adsense may use your browsing and search history on our site to deliver more relevant ads while you are visiting our site.
Industry regulatory disclosure requirements
Plugin: Smush
Note: Smush does not interact with end users on your website. The only input option Smush has is to a newsletter subscription for site admins only. If you would like to notify your users of this in your privacy policy, you can use the information below.
Smush sends images to the WPMU DEV servers to optimize them for web use. This includes the transfer of EXIF data. The EXIF data will either be stripped or returned as it is. It is not stored on the WPMU DEV servers.
Smush uses a third-party email service (Drip) to send informational emails to the site administrator. The administrator’s email address is sent to Drip and a cookie is set by the service. Only administrator information is collected by Drip.
Source: WooCommerce
This sample language includes the basics around what personal data your store may be collecting, storing and sharing, as well as who may have access to that data. Depending on what settings are enabled and which additional plugins are used, the specific information shared by your store will vary. We recommend consulting with a lawyer when deciding what information to disclose on your privacy policy.
We collect information about you during the checkout process on our store.
What we collect and store
While you visit our site, we’ll track:
Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!
We’ll also use cookies to keep track of cart contents while you’re browsing our site.
When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:
Send you information about your account and order
Respond to your requests, including refunds and complaints
Process payments and prevent fraud
Set up your account for our store
Comply with any legal obligations we have, such as calculating taxes
Improve our store offerings
Send you marketing messages, if you choose to receive them
If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.
We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for XXX years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.
We will also store comments or reviews, if you choose to leave them.
Who on our team has access
Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:
Order information like what was purchased, when it was purchased and where it should be sent, and
Customer information like your name, email address, and billing and shipping information.
Our team members have access to this information to help fulfill orders, process refunds and support you.
Payments
In this subsection you should list which third party payment processors you’re using to take payments on your store since these may handle customer data. We’ve included PayPal as an example, but you should remove this if you’re not using PayPal.
We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information.
Please see the PayPal Privacy Policy for more details.
Source: WooCommerce Services
Data Used: For payments with PayPal or Stripe: purchase total, currency, billing information. For taxes: the value of goods in the cart, value of shipping, destination address. For checkout rates: destination address, purchased product IDs, dimensions, weight, and quantities. For shipping labels: customer’s name, address as well as the dimensions, weight, and quantities of purchased products.
Data Synced: For payments, we send the purchase total, currency and customer’s billing information to the respective payment processor. Please see the respective third party’s privacy policy (Stripe’s Privacy Policy and PayPal’s Privacy Policy) for more details. For automated taxes we send the value of goods in the cart, the value of shipping, and the destination address to TaxJar. Please see TaxJar’s Privacy Policy for details about how they handle this information. For checkout rates we send the destination ZIP/postal code and purchased product dimensions, weight and quantities to USPS or Canada Post, depending on the service used. For shipping labels we send the customer’s name, address as well as the dimensions, weight, and quantities of purchased products to EasyPost. We also store the purchased shipping labels on our server to make it easy to reprint them and handle support requests.