SECTION 1 – CORE BELIEF REGARDING USER PRIVACY AND DATA PROTECTION
- User privacy and data protection are human rights
- We have a duty of care to the people within our data
- Data is a liability, it should only be collected and processed when absolutely necessary
- We loathe spam as much as you do!
- We will never sell, rent or otherwise distribute or make public your personal information
SECTION 2 – RELEVANT LEGISLATION
A Soul Awakening’s website is designed to comply with the following national and international legislation with regards to data protection and user privacy:
- Australian Privacy Act 1988 (APA)
- EU Data Protection Directive 1995 (DPD)
- EU General Data Protection Regulation 2018 (GDPR)
- UK Data Protection Act 1988 (DPA)
This site’s compliance with the above legislation, all of which are stringent in nature, means that this site is likely compliant with the date protection and user privacy legislation set out by many other countries and territories as well.
SECTION 3 – PERSONAL INFORMATION THIS SITE COLLECTS AND WHY THIS IS COLLECTED
Section 3.1 Site Visitation Tracking
Like most websites, this site uses Google Analytics (GA) to track interaction. GA records your computer’s IP address which could be used to personally identify you, however Google do not grant access to this.
It is considered that Google is a third party data processor, see Section 5 – Third-Party Services.
Section 3.2 Our Journal
Should you choose to add a comment to any posts that are published on our journal, the name and email address you enter with your comment will be saved to this website’s database, along with your computer’s IP address and time and date that you submitted the comment. This information is only used to identify you as a contributor to the comment section on the respective our journal post and is not passed on to any of the third party data processors outlined below. Only your name will be shown on the public-facing website, although if the email address entered is linked to a Gravatar account, your Gravatar photo will likely be displayed.
Your comment and its associated personal data will remain on this site until we see fit to either 1. Remove the comment, or 2. Remove the journal post. Should you wish to have the comment and its associated personal data deleted, please email us here using the email address that you used when commented on journal post.
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site and post a comment on our journal.
NOTE: You should avoid entering personally identifiable information in the comments field of any journal post comments that you submit on this website.
Section 3.3 Contact Forms and Email Links
Should you choose to contact using the contact form on our Contact us Page or an email link like this one, none of the data that you provide will be stored by this website or passed to, nor be processed by any of the third party data processors outlined in Section 5 – Third-Party Services.
This data will be collated in an email and sent to us over Simple Mail Transfer Protocol (SMTP). Our SMTP servers are protected by TLS (also known as SSL), through GoDaddy as outlined Section 5 – Third-Party Services. Not all mail servers are secured in this way, therefore, we would suggest that you always consider email as an insecure medium and not include personal, confidential or otherwise sensitive information within an email.
Section 3.4 Email Newsletter and/or Blog Subscription
If you choose to join our email newsletter and/or Blog subscription, the email address that you submit to us will be forwarded to MailChimp who provide us with email marketing services. We consider MailChimp to be a third party data processor, Section 5 – Third-Party Services. The email address that you submit will not be stored within this website’s own database or in any of our internal computer systems.
NOTE: Email marketing; with your permission, we may send you emails about our store, new products and other updates.
Your email address will remain within MailChimp’s database for as long as we continue to use MailChimp’s services for email marketing or until you specifically request removal from the list.
You can do this by unsubscribing using the unsubscribe link contained in any email newsletters and/or Blog post that we send you or by requesting removal via email. When requesting removal via email, please send your email using the email account that is subscribed to the mailing list.
By subscribing to our email newsletter and/or Blog posts, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to join our email newsletter and/or Blog subscription.
While your email address remains within the MailChimp database, you will receive periodic (approximately one per month) newsletter-style emails from us.
SECTION 4 – HOW WE STORE YOUR PERSONAL INFORMATION
As outlined in Section 3.2 Our Journal above, when you submit a comment to the journal pose published on this website some personal information will be stored within this website’s database. This is presently the only occasion where personal data will be stored on this site, being a WordPress platform.
SECTION 5 – THIRD-PARTY SERVICES
In general, the third-party providers used by us will collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. Therefore, when you elect to proceed with a transaction that involves the services of a third-party service provider, your information may become subject to the laws of the jurisdiction(s) in which that service provider or their facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
As noted in Section 3 – Personal Information this Site collects and Why this is Collected, this site also uses a number of third-party providers to process personal data on our behalf. These third-party providers have been carefully chosen and all comply with the legislation as set out in Section 2 – Relevant Legislation. Three of these third-party providers are based in the United States and are EU-U.S Privacy Shield compliant:
SECTION 6 – ABOUT THIS WEBSITE’S SERVER
SECTION 7 – DATA BREACHES
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
In the unlikely event of a data breach, we will report any unlawful data breach of this site’s database to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
SECTION 8 – SOCIAL MEDIA
Changes and clarifications will take effect immediately upon being posted on the site. You will be updated of any changes here, so that you are aware of what information is being collected by our site, how we use this information and under what circumstances, if any, we use and/or disclose this.
If our site is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
Section 9.1 Change log
15 December, 2019 – Version 1.2
- Removal of Stripe as a payment provider
- Reference to Affiliate Partnerships, Disclaimer
14 May, 2018 – Version 1.1
- Review and inclusion of third-party provider information; EU General Data Protection Regulation 2018 (GDPR) requirements and social media.
08 May, 2016 – Version 1.0
SECTION 10 – CONTACTING US
A Soul Awakening (Aust) Pty Ltd