Harfington has created this privacy statement in order to demonstrate our firm commitment to privacy and data protection. The following discloses our information gathering and dissemination practices.
1.1 What personal information do we collect from the people that visit our blog, website or app?
When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, mailing address, phone number or other details to help you with your experience.
1.2 When do we collect information?
We collect information from you when you place an order or enter information on our site.
1.3 How do we use your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
We use the information we collect in various ways, including to:
• Provide, operate, and maintain our website
• Improve, personalize, and expand our website
• Understand and analyze how you use our website
• Develop new products, services, features, and functionality
• Communicate with you, either directly or through one of our partners, including for customer service, to provide you with updates and other information relating to the website, and for marketing and promotional purposes
• Send you emails
• Find and prevent fraud
Harfington follows a standard procedure of using log files. These files log visitors when they visit websites. All hosting companies do this and a part of hosting services' analytics. The information collected by log files include internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any information that is personally identifiable. The purpose of the information is for analyzing trends, administering the site, tracking users' movement on the website, and gathering demographic information.
1.4 How do we protect your information?
We do not use vulnerability scanning and/or scanning to PCI standards.
We only provide articles and information. We never ask for credit card numbers.
We use regular Malware Scanning.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user places an order enters, submits, or accesses their information to maintain the safety of your personal information.
All transactions are processed through a gateway provider and are not stored or processed on our servers.
1.5 Do we use 'cookies'?
• Help remember and process the items in the shopping cart.
• Understand and save user's preferences for future visits.
• Keep track of advertisements.
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, look at your browser's Help Menu to learn the correct way to modify your cookies.
If users disable cookies in their browser:
If you turn cookies off, some features will be disabled. Some of the features that make your site experience more efficient and may not function properly.
However, you will still be able to place orders.
1.6 Third-party disclosure
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information.
1.7 How does our site handle Do Not Track signals?
We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
1.8 Does our site allow third-party behavioral tracking?
It's also important to note that we allow third-party behavioral tracking.
Google DoubleClick DART Cookie
Google's advertising requirements can be summed up by Google's Advertising Principles. They are put in place to provide a positive experience for users.https://support.google.com/adwordspolicy/answer/1316548?hl=en
We have not enabled Google AdSense on our site but we may do so in the future.
California Consumer Privacy Act (CCPA)
If you are a resident of California, this section provides additional details about your rights granted by the CCPA.
In the last 12 months, we collected the following categories of personal information: identifiers (such as name, contact information and device identifiers); commercial information (such as items purchased); internet or other network activity information (such as browsing behavior and other usage data); location data; inferences (such as purchasing preferences); demographic data (such as gender); electronic, visual or similar information (such as customer support call information); and other personal information (such as product feedback or payment method information). For more details about the personal information we collect, please see clauses 1.1 and 1.2 above. We collect this information for the business and commercial purposes described in clause 1.3 above. We share this information with third parties described in clause 1.9 above.
Subject to certain limitations, the CCPA provides you with the right to request:
- access to details on the categories or specific pieces of personal information we collect;
- deletion any of your personal information;
- opt out of any “sale” of your personal information that may occur;
- not be discriminated against for exercising any of the above rights.
If you would like to submit a request to exercise your California privacy rights under the CCPA, you may do so by emailing us at firstname.lastname@example.org. We will verify your request using information associated with your account, including your email address. Further identification may be required.
California Online Privacy Protection Act
According to CalOPPA, we agree to the following:
1.Users can visit our site anonymously.
Can change your personal information:
• By emailing us
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States' consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online.
We do not specifically market to children under the age of 13 years old.
Nevada Privacy Rights
This section applies only to Nevada residents. Although we do not "sell" "covered information" of Nevada "consumers" as those terms are defined by Chapter 603A of the Nevada Revised Statutes, if you are a Nevada consumer, please go to our Privacy Center and inform us that you would like us to provide you notice in the event we should do so in the future, at which point you will have an opportunity to be verified and exercise your opt-out rights under that law. You may contact us as described below. It is your responsibility to keep your notice contact information current.
We operate accounts and fan pages on different social media platforms (the "Social Media" ).
If you visit one of our Social Media Accounts you initiate a variety of data processing operations. Below we identify the other types of entities with whom you may interact when you visit one of our Social Media Accounts. If you do not provide us with your personal data, certain functionalities of the social networking platforms requiring such data will not be available to you or only to a limited extent.
As the owner of a Social Media Account, we can usually only see information stored in your public profile on such social media platform, and only insofar as you are logged in to your profile while visiting our Social Media Account. In addition, we may process data that you provide to us when you contact us through one of our Social Media Accounts (for example: if you create a post, or send us a private message via Facebook). If you visit one of our Social Media Accounts, the operator of the respective social network also processes your data, regardless of whether you yourself have a profile in the respective social network. The individual data processing operations and their scope differ depending on the operator.
In addition, the respective operator of the social network provides us with anonymous usage statistics, which we use to improve the user experience. We do not have access to the usage data that the operator of the social network collects to create these statistics. These data processing operations serve our legitimate interest in improving the user experience when visiting our profile in line with the target group.
You can withdraw your consent at any time with future effect and free of charge.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
We will notify the users via in-site notification
• Within 7 business days
We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
• Send information, respond to inquiries, and/or other requests or questions.
• Process orders and to send information and updates pertaining to orders.
• Send you additional information related to your product and/or service.
• Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.
To be in accordance with CANSPAM, we agree to the following:
• Not use false or misleading subjects or email addresses.
• Identify the message as an advertisement in some reasonable way.
• Include the physical address of our business or site headquarters.
• Monitor third-party email marketing services for compliance, if one is used.
• Honor opt-out/unsubscribe requests quickly.
• Allow users to unsubscribe by using the link at the bottom of each email.
If at any time you would like to unsubscribe from receiving future emails, you can email us at email@example.com and we will promptly remove you from ALL correspondence.
The EU General Data Protection Regulation 2016/679 (the "GDPR")
Harfington complies with the GDPR. Any information gathered receives double opt-in consent and can be fully removed from Harfington's database upon request.