Privacy and Security Policy
Privacy and Security Policy
Last Updated (May 11, 2019)
Your personal information is protected. We take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
Once you enter our secure Site, a closed padlock will show in your browser status bar. That means that your personal and card details are fully encrypted, and remain secure across the Internet and after they reach our order processing centre.
This Site is secured with a GoDaddy.com Web Server Certificate. Transactions on our Site are protected with up to 256-bit Secure Sockets Layer encryption (SSL). If you provide us with your credit card information, the information is encrypted and stored with AES-256 encryption.
Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
In the unlikely event that your personal data is compromised, we will notify you without delay. The competent UK Supervisory Authority (Information Commissioner’s Office) will also be notified within 72 hours by e-mail with all the information about the extent of the breach, affected data, any impact on the Service. Our action plan for measures to secure the data and limit any possible detrimental effect on the data subjects (after we establish the likelihood and severity of the resulting risk to people’s rights and freedoms) will also be sent to the Information Commissioner’s Office at the same time.
A “personal data breach” is a type of security breach that leads to the accidental or unlawful destruction, alteration, loss, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed in connection with the provision of the Service.
See The Loving Nature’s Cookie Declaration at the end of this Policy for information on the cookies we use.
The personal information we collect
When you visit the Site, we automatically collect certain information about your device. That includes information about your web browser, IP address, time zone, and some of the cookies that are installed on your device.
Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information.”
We collect Device Information using the following technologies:
- Cookies – data files that are placed on your device or computer and often include a unique anonymous identifier
- Log files – track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps
- Web beacons, tags, and pixels – electronic files used to record information about how you browse the Site
How we use your personal information
When you purchase something from our Site, as part of the buying and selling process, we collect the personal information you give us such as your name, address and e-mail address. We use the order Information that we generally collect to fulfil any orders placed through the Site (including processing your payment information, arranging for shipping, and providing you with invoices and order confirmations).
Additionally, we use the order Information to communicate with you or screen the orders for potential risk or fraud. When in line with the preferences you have shared with us, to also provide you with information or advertising relating to our products or services.
We use the Device Information to screen for potential risk and fraud (in particular, your IP address), and more generally to optimise and improve our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).
Sharing your personal information and third-party services
We share your Personal Information with trusted third parties to help us use your Personal Information. For example, we use WooCommerce to power our online store. You can read more about how WooCommerce uses your Personal Information here https://woocommerce.com/privacy-policy. Also, when you choose a direct payment gateway to complete your purchase, like PayPal, Amazon Pay or Pay by Card (via Stripe), some of your data will be passed to the respective third party (more in the ”Payment” section).
As you visit our Site, we are gathering information about your visit. We collect this information to improve our delivery of information and services to you. For that, we utilise technology from third-party companies like Google. We utilise Google Analytics to aid in website measurement. This software is employed to evaluate (anonymously and in aggregate) how people use The Loving Nature site. You can read more about how Google uses your Personal Information here https://www.google.com/intl/en/policies/privacy. Here you can opt-out of Google Analytics https://tools.google.com/dlpage/gaoptout.
How you can access, update or delete your data
You are entitled to access, correct or delete any personal information we have about you. Also, you have the right to lodge a complaint with a supervisory authority. You may request a copy of your data in an electronic format that you can take to other service providers. We will respond to your request within 30 days by providing a link to a location where the data can be downloaded or directly via e-mail.
To easily access, view, update, delete or port your data (where available) please sign in to your Account and visit your “Dashboard”.Please contact us for additional information and guidance for accessing, updating or deleting data.
If you request to delete your data and that data is necessary for the products or services you have purchased, the request will be honoured only to the extent it is no longer required for any services or products purchased. Same if it is required for our legitimate business purposes or legal or contractual recordkeeping requirements.
We generally store information about you for as long as we need it for the purposes for which we collect and use this information, and we are not legally required to continue to keep it. We will also store comments or reviews if you choose to leave them.
When you place an order through the Site, we will maintain your Order Information for our records unless and until you ask us to delete this information.
How do you get my consent?
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to us collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason (e.g. marketing), we will ask directly for your consent. Also, we will provide you with an opportunity to say no.
How do I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time, by contacting us at email@example.com
It is important to note that The Loving Nature does not sell, rent or lease any of your personal information.
Although, if required by law, we will release your personal information due to a search warrant, court order or other lawful requests, or to otherwise protect our rights.
Go Daddy Operating Company, LLC host our Site. They provide us with an online platform that allows us to sell our products and services to you.
Your data is stored in Go Daddy’s data storage and databases. They store your information on a secure server behind a firewall using the latest technologies available.
Payment can be made by any method specified on the checkout page.
If you choose a direct payment gateway to complete your purchase, like PayPal, Amazon Pay or Pay by Card (via Stripe), some of your data will be passed to the respective third party. That includes information required to process or support the payment, such as the purchase total and your billing information, Name, Email, Address, Phone, City/State/Postcode, Unique payment identifier, Payment provider identifier.
The data is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS) and is stored only as long as is necessary to complete your purchase transaction, to comply with the legal and regulatory obligations or for the purpose of fraud monitoring, detection and prevention. They might also retain data to comply with tax, accounting, and financial reporting obligations, and where data retention is mandated by the payment methods supported.
All our payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
To better understand how our payment providers use and store the data shared with them, check their privacy policies directly:
- PayPal: https://www.paypal.com/uk/webapps/mpp/ua/privacy-prev
- Amazon Pay: https://pay.amazon.com/us/help/201491260
- Stripe: https://stripe.com/gb/privacy
Changes to this policy
After making any material changes to this Policy, you will be notified here that the Policy has been updated. That way you are aware of what information we collect, how we use it, and under what circumstances if any, we use or disclose it.
If this Site is acquired or merged with another company, your information may get transferred to the new owners.
Questions and contact information
If you have any questions, concerns or complaints about our Privacy and Security Policy, our practices or our services, please contact us by e-mail at firstname.lastname@example.org or by post using the details provided below:
The Loving Nature – 10 Lime Grove, Hafan Fach, Tavernspite, Pembrokeshire, SA34 0NQ, United Kingdom
How to control cookies
You can manage or delete cookies as you wish. For details, see aboutcookies.org. You can delete all cookies that are already on your computer and can set most browsers to stop them from being placed. If you do this, however, some services and functionalities may not work.
Please also see our FAQs page https://thelovingnature.co.uk/faq.