Who We Are:
Author: Jennifer M. Zeiger Website address: https://jenniferzeiger.com Business name: Zeiger Adventure Publishing Email: email@example.com
(From here on, the website will be called ZAP for brevity purposes.)
Comments and Reviews/Comment or Product Likes/Gravatar Hovercards/Jetpack Comments/Contact Form/Subscriptions/Sharing Buttons/Media:
All the above features are wonderful for a blog or store. However, for them to function properly, they must collect certain types of data. The following includes data collected for these features.
Comment/Product Likes: WordPress.com user ID/username, the local site-specific user ID and a true/false data point that tells if the user liked a specific comment. For mobile apps, some additional information is used to track activity: IP address, user agent, timestamp of event, blog ID, browser language, country code, and device info.
Gravatar Hovercards: This feature sends a hash of the user’s email address to the Gravatar service (owned by Automattic) in order to retrieve their profile image.
Jetpack Comments: Potentially collects the commenter’s name, email address, and site URL, timestamp, and IP address. Additionally, a jetpack.wordpress.com IFrame receives the following data: WordPress.com blog ID attached to the site, ID of the post on which the comment is being submitted, commenter’s local user ID, local username, site URL, MD5 hash of the commenter’s email address, and the comment content. Akismet (also owned by Automattic) also collects commenter’s name, email address, site URL, IP address, and user agent for the sole purpose of spam checking.
The comment author’s name, email address, and site URL (if provided during the comment submission) are stored in cookies. Learn more about these cookies below.
Contact Form: Akismet (the spam blocker) collects the IP address, user agent, name, email address, website, and message for the sole purpose of spam checking. The actual submission data is stored in the database of the ZAP website and is emailed directly to the site owner. This email will include the submitter’s IP address, timestamp, name, email address, website, and message.
Email, Blog, or Post Subscriptions: Subscriber’s email address, name and ID of the post or comment (depending on the specific subscription being processed). In the event of a new subscription being initiated, ZAP also collects basic server data, including all of the subscribing user’s HTTP request headers, the IP address from which the subscribing user is viewing the page, and the URI which was given in order to access the page (REQUEST_URI and DOCUMENT_URI). This server data is used for the exclusive purpose of monitoring and preventing abuse and spam. Functionality cookies are set for a duration of 347 days to remember a visitor’s blog and post subscription choices if they have an active subscription.
Sharing Buttons: Each sharing button loads content directly from its service in order to display the button as well as information and tools for the sharing party. As a result, each service can collect information about the sharing party. This includes the sharing party’s IP address and the page URL so sharing counts can be displayed. When sharing content via email, the sharing party’s name, email address, IP address and user agent (for spam checking), and email body/content are collected. This content will be sent to Akismet (also owned by Automattic) so that a spam check can be performed.
Media: If you upload images to the website, avoid uploading images with embedded location data (EXIF GPS) included. Website visitors can download and extract any location data from images on the website. Embedded Content from other Websites: Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Like most websites, ZAP collects non-personally-identifying information (NPI) such as the browser type, language preference, referring site, and the date and time of each visitor request to better understand how visitor’s use the website. Occasionally, this NPI might be collected into a report to show the trends in website usage.
ZAP’s website is run on a WordPress platform. By default WordPress does not collect any personal data about visitors, and only collects the data shown on the User Profile screen from registered users.
However, ZAP does run Akismet (spam filter), WordPress.com Stats and Google Analytics.
Akismet: Akismet collects information about visitors who comment. This information typically includes the commenter’s IP address, user agent, referrer, and Site URL (along with other information directly provided by the commenter such as their name, username, email address, and the comment itself).
Also, in order to protect the website, we check login activity and potentially block fraudulent attempts. To do this, the following information is used: attempting user’s IP address, user’s email address/username (i.e. according to the value they were attempting to use during the login process), and all IP-related HTTP headers attached to the attempting user. This tracks failed login attempts, which contain the user’s IP address, attempted username or email address, and user agent information.
Google Analytics: Please refer to Google Analytics documentation for the specific type of data it collects. Since this site runs WooCommerce or Automattic (the store), the following information is collected: order number, product id and name, product category, total cost, and quantity of items purchased, shopping cart additions and removals, product listing views and clicks, product detail views, and purchases.
Gathering of Personally-Identifying Information (PII) for Purchases or Accounts:
If you choose to purchase from ZAP or set up an account, then you consent to giving personally-identifying information (PII). The amount and type of information gathered depends on which activity you’re pursuing.
Those who want to purchase from ZAP are asked to provide additional information, including as necessary the personal and financial information required to process those purchases.
What ZAP collects and stores during checkout:
When you make a purchase, you’ll be asked to provide your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. This will be used for purposes such as to:
- Send you information about your account and order, respond to your requests, including refunds and complaints, process payments and prevent fraud, set up your account for our store, comply with any legal obligations ZAP has, such as calculating taxes, improve our store offerings, send you marketing messages, if you choose to receive them
Accounts: If you create an account, ZAP will store your name, address, email and phone number, which will be used to populate the checkout for future orders.
ZAP generally stores such information for as long as needed for the purposes for which we collect and use it, and we are not legally required to continue to keep it.
For example, ZAP will store order information for 7 years for tax and accounting purposes. This includes your name, email address, billing and shipping addresses.
Who has access to Purchase and Account information:
Your information will only be shared when necessary to process a request or order. It will also only be shared with those who have agreed not to share the information. Such information might include for packaging, shipping, or payment processing:
- Order information like what was purchased, when it was purchased and where it should be sent, and
- Customer information like your name, email address, and billing and shipping information.
What We Share with Others:
ZAP shares information with third parties who help provide our orders and store services to you; for example, USPS for shipping purposes. Here is their privacy page.
ZAP accepts payments through Square. When processing payments, some of your data will be passed to Square, including information required to process or support the payment, such as the purchase total and billing information.
Protection of Certain Personally-Identifying Information
As stated above, ZAP discloses potentially personally-identifying (PPI) and personally-identifying information (PII) only when necessary to complete orders. At this time, ZAP does not work outside the USA and processes data solely in the United States. ZAP has adopted reasonable physical, technical, and organizational safeguards against accidental, unauthorized, or unlawful destruction, loss, alteration, disclosure, access, use, or processing of user data. We comply with state and federal laws governing the protection of personal information.
ZAP will not rent or sell PPI or PII to anyone. Other than as described above, ZAP discloses PPI and PII only in response to a subpoena, court order or other governmental request.
If you are a registered user of the ZAP website and have supplied your email address, ZAP may occasionally send you an email about new features, solicit your feedback, or just to keep you up to date with new ZAP books or products. ZAP primarily communicates this information through the blog, so this type of email should be minimal. ZAP takes all measures reasonably necessary to protect against the unauthorized access, use, alteration or destruction of PII.
How Long ZAP Keeps Your Data:
Comments and their metadata are retained indefinitely so ZAP can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website, we also store their PPI in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data ZAP holds about you. You can also request that ZAP erase any personal data held about you. This does not include any data ZAP is obliged to keep for administrative, legal, or security purposes. (For Financial and Tax purposes, ZAP retains order information up to seven years.)
To request any of the above or if there are questions unanswered here, please email Jennifer at firstname.lastname@example.org.
If ZAP goes out of business, user information will be retained only so long as required for financial purposes. All other user information will be deleted.