Who we are
Our website address is: https://shop.piloncilloyvainilla.com.
What personal data we collect and why we collect it
Information we collect automatically
When you visit this website to browse, read, or download information:
- Your web browser automatically sends us (and we may retain) information such as the:
- Internet domain through which you access the Internet
- Internet Protocol address of the computer you are using
- type of browser software and operating system you are using
- date and time you access our site, and
- the Internet address of the site from which you linked directly to our site.
- We will use this information as aggregate data to help us maintain this site, e.g., to determine the number of visitors to different sections of our site, to ensure the site is working properly, and to help us make our site more accessible and useful.
- We will not use this information to identify individuals, except for site security or law enforcement purposes.
- We will not obtain personally-identifying information about you when you visit our site, unless you choose to provide such information.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to this website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you choose to identify yourself (or otherwise provide us with personal information) when you use our online forms:
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
We use services that collect information about use of this site. These anaytics services collect information such as how often users visit this site, what pages they visit when they do so, what links they click in the site, and what site referred the user to this site. We use the information we get from analytics software only to improve this site. Analytics services collect only the IP address assigned to you on the date you visit this site, rather than your name or other identifying information. We do not combine the information collected through the use of analytics services with personally identifiable information.
You can prevent analytics software from recognizing you on return visits to this site by disabling cookies on your browser.
You can prevent analytics software from tracking your visits to this site by enabling the Do Not Track feature of your web browser(s).
The following services are used to track visitor information:
Who we share your data with
Google services such as Google Drive and Google Email to store data and to facilitate communications:
Data may be shared with 3rd parties when required by our contractual obligations to you or as required by legal obligations to relevant authorities.
How long we retain your data
All information you provide to us is stored on our secure servers. Where we have given you (or where you have chosen) a password or other data which enables you to access certain parts of a website, you are responsible for keeping this password and any other log-in details confidential and we recommend that you do not share your password or other log-in details with anyone. You will be responsible for all activity under your username/log-in details. We will keep your personal data for only so long as is necessary or as otherwise required by applicable law.
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Customer data stored in inactive accounts is deleted 365 days after the last day of account activity. This does not negate your right to request your PII data is erased.
Customer data stored in closed accounts is deleted 365 days after the last day of account activity. This does not negate your right to request your PII data is erased.
14 days notice of intention to delete account data is issued before inactive or closed account data is erased.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Additionally, as a data subject you may have rights in relation to your personal data which include:
- Right to rectification.You may request that we rectify any inaccurate or incomplete personal data.
- Right to withdraw consent.You may at any time withdraw your consent to the processing of your personal data carried out by us on the basis of your previous consent. Such withdrawal will not affect the lawfulness of processing based on such previous consent.
- Right to make a subject access request (SAR).You may request in writing copies of your personal data. However, compliance with such requests is subject to certain limitations and exemptions and the rights of other individuals. Each request should make clear that a SAR is being made. You may also be required to submit proof of your identity and any payment permitted by law, where applicable.
- Right to object to processing including automated processing and profiling.We do not always make automated decisions about data subjects. However, we may rely on information provided by third parties such as credit reference agencies which may score data subjects on the basis of automated decisions. Profiling may be carried out for business administration purposes, such as monitoring trends in user visits of our website and in order to deliver relevant ads to users’ devices. We will comply with valid objection requests unless we have a compelling overriding legitimate ground for the continuation of our processing or we have another lawful reason to refuse such request. We will comply with each valid opt-out request in relation to marketing communications.
- Right to erasure.You may request that we erase your personal data. We will comply, unless there is a lawful reason for not doing so. For example, there may be an overriding legitimate ground for keeping the personal data, such as, our business record retention obligations that we have to comply with.
- You may request that we restrict our processing of your personal data in various circumstances. We will comply, unless there is a lawful reason for not doing so, such as, a legal obligation to continue processing your personal data in a certain way.
- Right to data portability.In certain circumstances, you may request we provide a copy of your personal data in a structured, commonly used and machine-readable format and have it transferred to another provider of the same or similar services. To the extent it applies to us a controller we will comply with such transfer request. Please note that a transfer to another provider does not imply erasure of your personal data which may still be retained for legitimate and lawful purposes.
- Right to lodge a complaint with the supervisory authority.We suggest that you contact us about any questions or complaints in relation to how we process your personal data. However, each data subject has the right to contact the relevant supervisory authority directly.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
Our contact information
The administrators and owners of this website can be contacted through our website contact form.
The legal basis for processing your Personal Data
In order to comply with applicable data protection laws, we are required to set out the legal basis for processing your Personal Data. In accordance with the purposes for which we collect and use your Personal Data, as set out above, the legal basis for processing your personal data will typically be one of the following:
- Our own or our third parties’ legitimate business interests (for example, in maintaining and promoting our business by providing customers with feedback opportunities or other instances where we have carried out a legitimate interests assessment and have established an existing legitimate interest);
- The performance of a contract that we have in place with you;
- Your consent where appropriate;
- To protect your vital interests; or
- Compliance with our legal obligations.
How we protect your data
This site is stored on a secure web server. All data that forms this site is stored on this web server and is protected by anti hacking devices.
Contact forms used within this site send copies of contact messages to the 3rd party email services used by this site’s owner and administrators. These 3rd party email services are protected by anti-hacking devices. These emails may be forwarded to additional storage units such as desktop computers and mobile devices. These computers and devices are protected at all times.
What data breach procedures we have in place
If a data breach should occur and should the accessed data be personal to visitors we will notify affected visitors within 72 hours of the discovery of any such data breach.