In this Privacy Policy, we refer to any information that can uniquely identify an individual as “Personal Information”. This Privacy Policy describes how emilylightly.com (the “Site”) collects, uses, and discloses your Personal Information when you use or make a purchase from the Site. Please read this policy and contact us if you have any questions or concerns regarding your personal data.
Collecting Personal Information
When you visit the Site, we collect certain information about your device, your interaction with the Site, and information necessary to process your purchases. We may also collect additional information if you choose to leave a comment or contact us for customer support. See the list below for more information about what Personal Information we collect and why.
Device information
This Site collects information about your device to load the Site accurately for you and to perform analytics on Site usage to optimize your experience. Examples of device information collected include: version of web browser, IP address, time zone, cookie information, what sites or products you view, search terms, and how you interact with the Site. This information is collected automatically when you access our Site using cookies, log files, web beacons, tags, or pixels.
Order information
When you place an order on the Site, we collect information in order to provide products or services to you to fulfill our contract, to process your payment information, arrange for shipping, and provide you with invoices and/or order confirmations, communicate with you, screen our orders for potential risk or fraud, and when in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services. This information may include: name, billing address, shipping address, payment information (including credit card numbers or PayPal account information), email address, and phone number. This information may be shared with our processors, Stripe and/or PayPal.
Comments
When you leave a comment on the Site, WordPress collects the data shown in the comments form (name, email address, URL if applicable, and comments) to attribute your comments to you. WordPress also collects the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy-notice/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
This Site uses Akismet to reduce spam. Learn how your comment data is processed by Akismet here: https://akismet.com/privacy/.
Contact forms
This Site uses a WordPress plugin for its contact form. If you submit an inquiry through the contact form, we will be sent your name, email address, and any comments you provide. This is so that we know how to get back to you and can provide you with the requested support. The information submitted through the contact form is not retained or used for marketing purposes.
Minors
We do not knowingly collect or use Personal Information from children under 16 years of age. If we learn that we have collected Personal Information from a child under 16 years of age, the data will be deleted as soon as possible. If you are the parent or guardian and believe your child has provided us with Personal Information, please contact us at the address below to request deletion.
Sharing Personal Information
We share your Personal Information with service providers to help us provide our services and fulfill our contracts with you as described above. For example:
- This Site uses Shopify and PayPal as its payment processors. When you make a purchase, your information will be shared with Shopify and/or PayPal depending on the payment method you choose. They will process your information, such as your email address and billing information, as required for the purpose of fulfilling your order.
- This Site uses Flodesk as its email marketing automation platform. When you subscribe, Flodesk collects your name and email address. By subscribing, you acknowledge that the information you provide will be transferred to Flodesk for processing in accordance with their Privacy Policy and Terms of Service, and you agree that Flodesk may process your information in accordance with these terms. The information you submit will be kept until you request otherwise.
- This Site uses Google Analytics to track and store analytics data. Google Analytics may track data such as your IP address and which pages you view, which allows us to understand how customers use the Site, web traffic, and general trends. The Site does not have access to any of this information and may only view analytical data in aggregate. For example, a Site owner can see that a specific post has 285 views, but he/she cannot see which specific users/accounts viewed that post. You can view more information about how Google Analytics uses your information when you visit this website here: https://www.google.com/policies/privacy/partners. You may opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout/.
- This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
- Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.
Using Personal Information
We use your personal Information to provide our services to you, which includes: offering products for sale, processing payments, shipping and fulfillment of your order, and keeping you up to date on new products, services, and offers.
Lawful Basis
Pursuant to the General Data Protection Regulation (“GDPR”), if you are a resident of the European Economic Area (“EEA”), we process your personal information under the following lawful bases:
- Your consent;
- The performance of the contract between you and the Site;
- Compliance with our legal obligations;
- To protect your vital interests;
- To perform a task carried out in the public interest;
- For our legitimate interests, which do not override your fundamental rights and freedoms.
Retention
When you place an order through the Site, we will retain your Personal Information for our records unless and until you ask us to erase this information. For more information on your right of erasure, please see the ‘Your rights’ section below.
Automatic decision-making
If you are a resident of the EEA, you have the right to object to processing based solely on automated decision-making (which includes profiling), when that decision-making has a legal effect on you or otherwise significantly affects you.
We do not engage in fully automated decision-making that has a legal or otherwise significant effect using customer data.
Our processors PayPal and Stripe may use limited automated decision-making to prevent fraud that does not have a legal or otherwise significant effect on you. Services that include elements of automated decision-making include:
- Temporary denylist of IP addresses associated with repeated failed transactions. This denylist persists for a number of hours.
- Temporary denylist of credit cards associated with denylisted IP addresses. This denylist persists for a number of days.
Your rights
If you have an account on this Site, are subscribed to the newsletter, or have left comments, you have the right to request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You also have the right to request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
GDPR
If you are a resident of the EEA, you have the right to access the Personal Information we hold about you, to port it to a new service, and to ask that your Personal Information be corrected, updated, or erased. If you would like to exercise these rights, please contact us through the contact information below.
CCPA
If you are a resident of California, you have the right to access the Personal Information we hold about you (also known as the ‘Right to Know’), to port it to a new service, and to ask that your Personal Information be corrected, updated, or erased. If you would like to exercise these rights, please contact us through the contact information below. If you would like to designate an authorized agent to submit these requests on your behalf, please contact us at the address below.
Cookie policy
A cookie is a small amount of information that’s downloaded to your computer or device when you visit our Site. We use a number of different cookies, including functional, performance, advertising, and social media or content cookies. Cookies make your browsing experience better by allowing the website to remember your actions and preferences (such as login and region selection). This means you don’t have to re-enter this information each time you return to the site or browse from one page to another. Cookies also provide information on how people use the website, for instance whether it’s their first time visiting or if they are a frequent visitor.
The length of time that a cookie remains on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies last until you stop browsing and persistent cookies last until they expire or are deleted. Most of the cookies we use are persistent and will expire between 30 minutes and two years from the date they are downloaded to your device.
You can control and manage cookies in various ways. Most browsers automatically accept cookies, but you can choose whether or not to accept cookies through your browser controls, often found in your browser’s “Tools” or “Preferences” menu. For more information on how to modify your browser settings or how to block, manage or filter cookies can be found in your browser’s help file or through such sites as www.allaboutcookies.org. Please keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our website may no longer be fully accessible.
Do not track
Do Not Track (“DNT”) is a privacy preference that you can set in certain web browsers. We do not track the users of our Site over time and across third party websites and therefore do not respond to browser-initiated DNT signals. We are not responsible for and cannot guarantee how any third parties who interact with our Site and your Personal Information will respond to DNT signals.
Changes
This privacy policy was last revised on September 19, 2023. We reserve the right to update this privacy policy at any time in order to reflect changes to our practices or for other operational, legal, or regulatory reasons. All changes will be posted to this page with the effective date.
Contact
You can send us any questions, concerns, or requests regarding your personal data through our contact form or by sending an email to contact [at] emilylightly [dot] com.
If you are not satisfied with our response to your complaint, you have the right to lodge your complaint with the relevant data protection authority. You can contact your local data protection authority, or our supervisory authority here: https://www.priv.gc.ca/en/report-a-concern/