SECURITY AND PRIVACY POLICY

Effective Date: May 30, 2018

----

SECTION 1 - WHAT INFORMATION DO WE COLLECT AND WHAT DO WE DO WITH YOUR INFORMATION?

When ordering or registering on our site, as appropriate, you may be asked to enter your: name, e-mail address, mailing address, phone number or credit card information.
When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.

Any of the information we collect from you may be used in one of the following ways: to send you marketing materials you requested, to improve our website, to improve customer service, to process transactions, administer a contest, challenge, promotion, survey or other site feature and to send periodic emails.


SECTION 2 - CONSENT

How do you get my consent?
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase we imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information, such as name and emails for a secondary reason, like marketing materials, we will either ask you directly for your expressed consent to be added to our email lists, or provide you with an opportunity to say no.

How do I withdraw my consent?

You have the right to withdraw your consent on providing us your personal data, at any time, and to ask us to erase your data. You may ask to see your data that you gave to us, and thus to exercise your right to access data. If it happens that data you gave us is incorrect from any reason, you may ask for rectification of your data.

You may withdraw your consent for us to contact you, for the continued collection or use of your information by contacting us at info@thejournaldeck.com or unsubscribing from our email newsletter at the bottom of our emails.

SECTION 3 - DISCLOSURE TO OUTSIDE PARTIES

Your personally identifiable information will not be sold, traded, transferred or given to any other company. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.

SECTION 4 - THIRD-PARTY SERVICES

In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.

Links:
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.

Squarespace, Celery and Teachable:
Our website is hosted on Squarespace, our store is hosted on Celery, and our membership is hosted on Teachable. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is secured behind their strict firewalls. 

Payment with Stripe:
If you choose a direct payment gateway to complete your purchase or membership, then Celery securely stores your credit card data with Stripe, our payment processor. Stripe is certified to PCI Service Provider Level 1. This is the most stringent level of certification available. Payment information is transmitted using SSL encryption. READ MORE.

SECTION 5 - SECURITY

To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. If you provide us with your name, email address and shipping address for orders we use the platform Celery to collect that information to complete your sale. You can read more about their security here. If you provide us with your name and email address for marketing materials we use the secure email service, MailChimp, and you can read more about their security here. If you provide us with your credit card and billing information for orders the information is encrypted and stored using Stripe's security system to process transactions. Please read here for more on their standards. 


SECTION 6 - Children’s Online Privacy Protection Act Compliance

This children’s privacy statement explains our practices with respect to the online collection and use of personal information from children under the age of thirteen for non-EU users and under the age of sixteen for EU-users, and provides important information regarding their rights under federal law with respect to such information.

This Site is not directed to children under the age of thirteen for non-EU users, nor to children under the age of sixteen for EU-users, and we do NOT knowingly collect personally identifiable information from children under the said age limits as part of the Site. We screen users who wish to provide personal information in order to prevent users under the age of thirteen and sixteen respectively from providing such information. If we become aware that we have inadvertently received personally identifiable information from an underage user as part of the Site, we will delete such information from our records. If we change our practices in the future, we will obtain prior, verifiable parental consent before collecting any personally identifiable information from children under the age of thirteen for non-EU users or sixteen for EU users as part of the Site.

Because we do not collect any personally identifiable information from underage children as part of the Site, we also do NOT knowingly distribute such information to third parties.

We do NOT knowingly allow children under the age of thirteen for non-EU users or sixteen for EU users to publicly post or otherwise distribute personally identifiable contact information through the Site.

Because we do not collect any personally identifiable information from children under the age of thirteen for non-EU users or under the age of sixteen for EU users as part of the Site, we do NOT condition the participation of such children in the Site’s online activities on providing personally identifiable information.


SECTION 7 - Online Privacy Policy Only

This online privacy policy applies only to information collected through our website and not to information collected offline, such as as live events, insofar it does not relate to filling offline systems.

Changes to this Policy

COMPANY reserves the right to change this policy at any time. Please check this page periodically for changes. Your continued use of our site following the posting of changes to these terms will mean you accept those changes. Information collected prior to the time any change is posted will be used according to the rules and laws that applied at the time the information was collected.

Governing law

This policy and the use of these Sites are governed by laws of the United States of America. THE COMPANY adheres to principles of the Personal Information Protection and Electronic Documents Act (PIPEDA) and General Data Protection Regulation (GDPR) wishing to provide all its customers with the highest standards in privacy protection.


QUESTIONS AND CONTACT INFORMATION

If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at info@thejournaldeck.com.