This Privacy Policy describes how composedlotus.com collects, uses, and discloses your Personal Information when you visit or make a purchase from the website.
Purchases
For users who purchase on this website, the following order information is retained in the website’s database:
- Name
- Address
- Phone
- City/State/Zip
- Country
- Unique payment identifier
- IP Address
- Products purchased
What we collect and store
We collect information about you during the checkout process on our store.
While you visit our site, we’ll track:
- Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
- Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
- Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order.
We’ll also use cookies to keep track of cart contents while you’re browsing the website.
When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:
- Send you information about your account and order
- Respond to your requests, including refunds and complaints
- Process payments and prevent fraud
- Set up your account for our store
- Comply with any legal obligations we have, such as calculating taxes
- Improve our store offerings
- Send you marketing messages, if you choose to receive them
If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.
We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for 7 years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.
We will also store comments or reviews, if you choose to leave them.
Who on our team has access
Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:
- Order information, including what was purchased, when it was purchased and where it should be sent, and
- Customer information like your name, email address, and billing and shipping information.
Our team members have access to this information to help fulfill orders, process refunds and support you.
Payments
For purchases on credit card, payment information is shared with Stripe. This information includes:
- Name
- Email Address
- Address
- Phone
- City/State/Zip
- Unique payment identifier
- Payment provider identifier
- Credit Card Information: This data is sent to Stripe, and is never stored on our server.
For Stripe’s privacy policy, visit https://stripe.com/en-ca/privacy
Registered users
If you create an account on this website, you will be prompted to select a Username and provide your Email Address. Your Username and Email Address are stored in the website’s database. Your Email Address is used to send you an email with a link to reset your password in the event you forget your password.
We store the data you provide in your profile indefinitely. You can change all of that data at any time except for your Username. Website administrators can also see and edit that information.
Cookies
WordPress uses cookies, or tiny pieces of information stored on your computer, to verify who you are. There are cookies for logged in users and for commenters.
Cookies for registered users
If you have an account and you log in to this website, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
Cookies for commenters
If you leave a comment on the website we collect the data shown in the comments form, and also your IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/.
After approval of your comment, your profile picture is visible to the public in the context of your comment.
If you leave a comment on this website you may opt in to save your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
Analytics
We use Google Analytics for tracking visitors and aggregating information about the traffic to the website. The Google Analytics privacy policy can be found here: https://policies.google.com/privacy. You can learn more about how to opt-out of tracking in Google Analytics here: https://tools.google.com/dlpage/gaoptout/.
Email marketing/newsletter
We use email marketing and newsletters to communicate with customers and potential customers from time to time. All email lists and campaigns are “opt-in” meaning we will not send you these sorts of emails unless you indicated that you wish to receive them during signup or other interactions on this website.
All marketing emails sent by us will include an unsubscribe link in the footer of the email. Emails sent to you may also include standard tracking, including open and click activities.
We use MailChimp for email marketing. Mailchimp’s privacy policy is found here: https://mailchimp.com/legal/privacy/.
Other emails
We may send you “system” emails, such as responses to password reset requests or payment notifications/receipts even if you have not opted-in to email marketing lists.
If you request a password reset, your IP address will be included in the reset email.
If you choose to correspond with us through email, we may retain the content of your email messages together with your email address and our responses. We provide the same protections for these electronic communications that we employ in the maintenance of information received online, mail, and telephone.
No personal data from children
We do not knowingly collect Personal Data from children under 13 years of age in Canada or the USA or 16 years of age in the European Union.
If you are under 13 in Canada or the USA or 16 in the European Union years of age, you should not provide Personal Data to us.
If we discover that a child under the age of 13 in Canada or the USA or 16 in the European Union has provided us with Personal Data and we do not have parental consent, we will immediately delete that child’s information.
What rights you have over your data
If you have an account on this website, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us.
For visitors that have left comments, the data will be their email address, any IP addresses assigned to them at the time of leaving the comments and the user agent strings of the browsers they used. The rest of the data is public as published by the visitors.
For registered users or paying customers, this will also include profile information and download/payment histories.
If you are a registered user or have left comments on this website you can request to see or download the data we have about you.
You can also request “to be forgotten” and we will erase any personally identifiable data we have about you. Of course, this excludes data we need for administrative or security purposes or if we are required by law to retain some of the data.