What personal data do we collect and why?
Personal data is collected in order to provide you with a better experience. The information that is collected is used to offer a personalized experience, enhance this website, send emails, improve customer service, and to facilitate all transactions. This includes your name, email, address, and phone number.
Your personally identifiable information will not be sold to third-party services and I make every effort to secure your information.
When visitors leave or reply to comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. If a user likes a comment and is logged into Disqus or WordPress.com their ID/username, the local site-specific user ID, and a true/false data point that tells us if the user liked a specific comment is used. If you perform a like action from a WordPress mobile app, some additional information is used to track the activity: IP address, user agent, the timestamp of an event, blog ID, browser language, country code, and device info.
You have the option of leaving an anonymous comment and any email address you input will not be publicly listed. This information may be used to improve user experience, send periodic emails, and administer promotions.
Through Akismet, the contact form submission data — IP address, user agent, name, email address, website, and message — is submitted to the Akismet service (owned by Automattic) for the sole purpose of spam checking. The actual submission data is stored in the database of the site on which it was submitted and is emailed directly to the owner of the form (i.e. the site author who published the page on which the contact form resides). This email will include the submitter’s IP address, timestamp, name, email address, website, and message. The IP address and user agent originally submitted with the comment are synced, as well, as they are stored in the post metadata associated with a user’s contact form submission.
If you leave a comment on our site you may opt-in to save your name, email address, and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
When you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Information is collected from you when you subscribe to our newsletter or free email courses via MailChimp or MailerLite. Users who submit their personal information agree to have their details stored by these email newsletter providers. This information includes details such as your name and email. By signing up for the newsletter you agree to share your information and can choose to unsubscribe at any time. Your stored information will not be used for anything other than the newsletter and will not be sold, rented, shared, or otherwise distributed.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If a visitor prefers to use the mobile theme for this website, A cookie (
akm_mobile) is stored for 3.5 days to remember whether or not a visitor of the site wishes to view its mobile version. You can learn more about this cookie here.
If a user has a WordPress.com account and is logged in they may receive a notification. Their activity with this notification can be tracked. These actions include opening a notification, clicking on a link, liking a comment, designating a comment as spam, and performing other actions within the notification interface.
Search data is collected. This includes search terms, queries, and any search filters that a site visitor uses while processing a search request on the WordPress.com servers.
To initiate and process subscriptions, the following information is used: subscriber’s email address and the ID of the post or comment (depending on the specific subscription being processed). In the event of a new subscription being initiated, we also collect some basic server data, including all of the subscribing user’s HTTP request headers, the IP address from which the subscribing user is viewing the page, and the URI which was given in order to access the page (
DOCUMENT_URI). This server data used for the exclusive purpose of monitoring and preventing abuse and spam.
Functionality cookies are set for a duration of 347 days to remember a visitor’s blog and post subscription choices if, in fact, they have an active subscription.
Occasionally, surveys may be administered to site visitors and email subscribers. When you submit your information you agree to have it stored. These surveys are typically hosted on either Survey Monkey or Google Forms. When you participate in a survey you are giving your consent to have your information stored on these websites.
The Gravatar image URL of the logged-in user is used in order to display it in the toolbar and the WordPress.com user ID of the logged-in user. Additionally, clicked actions within the toolbar are tracked. Data like IP address, WordPress.com user ID, WordPress.com username, WordPress.com-connected site ID and URL, Jetpack version, user agent, visiting URL, referring URL, timestamp of event, browser language, and country-code are used.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
This third-party application collects user data and logs information such as which pages you visit, the duration of your visit, and other statistics in order to improve the user experience. On this site, Google Analytics runs in conjunction with WooCommerce (owned by Automattic). This allows Google Analytics to receive purchase details such as product id, name, category, the total cost, the total quantity, and the order number. Google Analytics also does offers IP anonymization, which can be used by the site owner. Activity data is also sent to Google Analytics. This data includes shopping cart additions and removals, product listing views and clicks, product detail views, and purchases. Tracking for each specific WooCommerce event needs to be enabled by the site owner. More information on how Google Analytics tracks data can be found here.
WordPress.com Stats (Jetpack)
Data like the IP address, WordPress.com user ID (if logged in), WordPress.com username (if logged in), user agent, visiting URL, referring URL, timestamp of event, browser language, country code are used. However, the site owner does not have access to any of this information via this feature. For example, a site owner can see that a specific post has 285 views, but he/she cannot see which specific users/accounts viewed that post. Stats logs — containing visitor IP addresses and WordPress.com usernames (if available) — are retained by Automattic for 28 days and are used for the sole purpose of powering this feature.
Who we share your data with
Data is shared with email service providers like MailerLite and MailChimp when each user chooses to opt-in. Analytics are stored via Google Analytics, Woocommerce, and JetPack. When purchases are made, financial data is stored via PayPal and not by this website. Information like names and email addresses are also shared with WordPress and Disqus with a user chooses to leave or reply to a comment on this website. Each third-party has their own Privacy Policies that are separate from this website. Violet Roots is not liable for their actions or their content.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information. This includes editing dead links or unlinking content that cannot be easily redirected.
What rights you have over your data
If you have an account on this site or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service like Akismet. Comments and their associated data are stored via both WordPress and Disqus.
How we protect your data
Measures have been put in place in an effort to protect your data. This includes using a secured website that is identified by the use of an “https” or HyperText Transfer Protocol Secure web URL. An anti-virus, malware, and firewall scanner is also in place to protect this website from malicious code, brute force attacks, and site vulnerabilities. Regular updates and bug fixes are also implemented in order to maintain the security of this website.
CalOPPA, COPPA, etc.
Some users are from the California area and therefore adherence to CalOPPA (California Online Privacy Protection Act) is necessary. To learn more about it click here. The COPPA (Children’s Online Privacy Protection Act) is also adhered to. Children under 13, as well as those under 18, are advised to obtain parental guidance, approval, and supervision when using this website.
In compliance with CalOPPA and COPPA:
- Users can request removal or a change to their information by emailing us directly. This email can be found at the bottom of this page.
- Violet Roots does not knowingly collect information from anyone under 13.
- To comply with the Fair Information Practices we’ll notify users as soon as possible via email of any data breaches.
- Third-party companies, like Google Adsense, are allowed to present ads and use anonymous information during your visit to this site in order to showcase products that would be of greater interest to you. They use non-identifiable information to achieve this goal, this is called Online Behavioral Advertising.
- To satisfy the CAN-SPAM Act should a user ever wish to unsubscribe from this blog or its email list please directly contact Violet Roots here and you will be removed from all further correspondence.
Third-Party Plugins & Links
Akismet collects information about visitors who comment on Sites that use our Akismet anti-spam service. The information we collect depends on how the User sets up Akismet for the Site, but typically includes the commenter’s IP address, user agent, referrer, and Site URL (along with other information directly provided by the commenter such as their name, username, email address, and the comment itself).
Smush sends images to the WPMU DEV servers to optimize them for web use. This includes the transfer of EXIF data. The EXIF data will either be stripped or returned as it is. It is not stored on the WPMU DEV servers.
Smush uses a third-party email service (Drip) to send informational emails to the site administrator. The administrator’s email address is sent to Drip and a cookie is set by the service. Only administrator information is collected by Drip.
Woocommerce collects data from customers during the checkout process as well as during the shopping journey. When you make a purchase via Woocommerce on this site you’ll be asked to provide your name, shipping and billing address, email, phone number, and payment details which may include a credit card. You may also be prompted to create or enter account details like a username and password.
Your information is stored for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. Order details are stored for tax and accounting purposes. If you decide to write a comment or review your statement will also be retained. Your information is only accessible by the site owner.
Details on what data is tracked and why are below:
- Products you’ve viewed are tracked to show you products you’ve recently viewed.
- Location, IP address, and browser type are tracked to estimate taxes and shipping.
- Shipping addresses are stored so we can, for example, estimate shipping before you place an order, and send you the order!
- Contact information may be collected to notify you about your account and order.
- Data is collected in order to respond to your requests, including refunds and complaints.
- Data collection is necessary to process payments and prevent fraud.
- Your detail may be requested to set up your account for our store.
- Information is needed to comply with any legal obligations we have, such as calculating taxes.
- Your information is used to improve our store offerings.
- Contact details are used to send you marketing messages if you opted in.
If you create an account, we will store your name, address, email, and phone number, which will be used to streamline checkout for future orders.
We share information with third parties who help us provide our orders and store services to you. This includes our current payment gateway, PayPal.
Payments are accepted through PayPal. When processing payments, some of your data will be passed to PayPal. This includes information required to process or support the payment, such as the purchase total and billing information. The transaction amount, transaction currency code, product title, product price, product ID, order quantity, PayPal payer ID, PayPal transaction ID, PayPal transaction status, PayPal product ID, quantity, customer email address, currency, and the payment button CTA text are used to process and track payments. An HTTP referrer is also sent with a payment completion tracking event that is attached to the site owner.