The new General Data Protection Regulation (GDPR) came into force in the EU on 25 May 2018.
Like most website operators, Stacey's Succulents collects non-personally-identifying information of the sort that web browsers and servers typically make available, such as the browser type, language preference, referring site, and the date and time of each visitor request. Our purpose in collecting non-personally identifying information is to better understand how visitors use our website. From time to time, we analyse the non-personally-identifying information, e.g., by running a report on trends in the usage of the website for insight purposes only in the hope of improving customer experience.
Stacey's Succulents also collects potentially personally-identifying information like Internet Protocol (IP) addresses for logged in users and for users leaving comments on blog posts. The amount and type of information we gather depends on the nature of the interaction.
The security of your personal information is important to us, but remember that no method of transmission over the internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.
How do we use your information?
We may use your information to fulfil and manage your orders, payments, returns and exchanges made through the site.
We may post testimonials with your consent. Prior to posting the testimonial, we will obtain your consent to use your name and testimonial. If you wish to update or delete your testimonial, please email email@example.com.
To enforce our terms, conditions and policies for business purposes and/or legal reasons.
For other business purposes involving data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our site, products, services, marketing and your experience as a customer of Stacey's Succulents.
How secure is the payment process?
Stacey's Succulents uses Wix Payments and PayPal for transactions.
The PCI DSS is the highest information security standard for organizations or companies that accept credit card payments. This standard provides protection of the privacy and confidentiality of the card's data used to complete the online transaction.
PCI Compliance helps to create a secure environment by improving the quality of the cardholder data in order to reduce the rate of credit card fraud cases. In addition, it ensures that the data for each payment is stored securely in a tamper-proof manner.
How will your data be stored?
Our company is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com's data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
All direct payment gateways offered by Wix.com and used by Stacey's Succulents adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
Will your information be shared with anyone?
We only share information with your consent, to comply with laws, to protect your rights, or to fulfil business obligations. We only share and disclose your information in the following situations:
Compliance with laws. We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements.
Vital interests and legal rights. We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to safety of any person and illegal activities, or as evidence in litigation in which we are involved.
Vendors, Consultants and Other Third-Party Service Providers. We may share your data with third party vendors, service providers, contractors or agents who perform services for us or on our behalf and require access to such information to do that work. Examples include: payment processing, data analysis, email delivery, hosting services, customer service and marketing efforts. We may allow selected third parties to use tracking technology on the Sites, which will enable them to collect data about how you interact with the site over time. This information may be used to, among other things, analyse and track data, determine the popularity of certain content and better understand online activity. Unless described in this Policy, we do not share, sell, rent or trade any of your information with third parties for their promotional purposes.
Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
With your Consent. We may disclose your personal information for any other purpose with your consent.
How long do we keep your information for?
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
Do we collect information from minors?
We do not knowingly collect data from or market to children under 18 years of age.
We do not knowingly solicit data from or market to children under 18 years of age. By using the site, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the sites. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we have collected from children under age 18, please contact us at firstname.lastname@example.org.
If you would at any time like to review or change the information in your account or terminate your account, you can:
Log into user account settings and updating the user account.