Privacy Policy

1) What is this Privacy Policy for?

This privacy policy is for this website [www.halenmon.com] and served by Halen Mon and governs the privacy of its users who choose to use it.

The policy sets out the different areas where user privacy is concerned and outlines the obligations & requirements of the users, the website and website owners. Furthermore the way halenmon.com processes, stores and protects user data and information will also be detailed within this policy.

Halenmon.com and its owners take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience. Halenmon.com complies to all UK and European international laws and requirements for user privacy.

2) Who we are

Halen Mon, also known as The Anglesey Sea Salt Company, based in Anglesey, North Wales, UK. Our website address is: https://www.halenmon.com. Our postal address is: Halen Mon, Brynsiencyn, Anglesey, LL61 6TQ, UK.

3) What personal data we collect and why we collect it

We collect a small amount of personal data on this site depending on what sections of the site you use. The following sets out the exact information we retain.

3.1 Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

3.2 Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year. If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed. If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

3.3 Media

There are currently no options to upload media but If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

3.4 Contact forms

We use contact forms on this site to gather information from users who makes requests. The information provided by the user (submitter’s IP address, timestamp, name, email address, and message) is sent via email to us. We keep form submissions for a period of 5 years for customer services purposes but no information will be used for marketing purposes. Akismet is enabled on the site therefore the contact form submission data — IP address, user agent, name, email address, website, and message — is submitted to the Akismet service (owned by Automattic) for the sole purpose of spam checking. The IP address and user agent originally submitted with the comment are synced, as well, as they are stored in post meta.

3.5 Embedded content

from other websites Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

3.6 WordPress.com Toolbar

This feature is only accessible to registered users of the site who are also logged in to WordPress.com. Data Used: Gravatar image URL of the logged-in user in order to display it in the toolbar and the WordPress.com user ID of the logged-in user. Additionally, for activity tracking (detailed below): IP address, WordPress.com user ID, WordPress.com username, WordPress.com-connected site ID and URL, Jetpack version, user agent, visiting URL, referring URL, timestamp of event, browser language, country code. Activity Tracked: Click actions within the toolbar.

3.7 Woocommerce

Woocommerce is the software used to sell products and services on the halenmon.com website. It will only capture data if you use the shop itself. When you complete an order it will capture: name, billing address, shipping address, products ordered, total cost, email address and IP address. These details will be stored secured on the halenmon.com server. They will only be accessed by halenmon.com employees who will be dispatching products and dealing with customer service. Data will be held for 5 years for customer services purposes. No details will be retained for marketing purposes unless the user has specifically requested it by checking the explicit check box when ordering, it’s default is to be unchecked. Any customer or user can request to have their data erased at any time.

4) Analytics

Halenmon.com uses tracking software to monitor its visitors to better understand how they use it. This software is provided by Google Analytics and WordPress.com Stats – which use cookies to track visitor usage. The software will save a cookie to your computers hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information. You can read Google’s privacy policy here for further information [ http://www.google.com/privacy.html ].

4.1 WordPress.com Stats

Data Used: IP address, WordPress.com user ID (if logged in), WordPress.com username (if logged in), user agent, visiting URL, referring URL, timestamp of event, browser language, country code. Important: The site owner does not have access to any of this information via this feature. For example, a site owner can see that a specific post has 285 views, but he/she cannot see which specific users/accounts viewed that post. Stats logs — containing visitor IP addresses and WordPress.com usernames (if available) — are retained by Automattic for 28 days and are used for the sole purpose of powering this feature.

Activity Tracked: Post and page views, video plays (if videos are hosted by WordPress.com), outbound link clicks, referring URLs and search engine terms, and country. When this module is enabled, Jetpack also tracks performance on each page load that includes the Javascript file used for tracking stats. This is exclusively for aggregate performance tracking across Jetpack sites in order to make sure that our plugin and code is not causing performance issues. This includes the tracking of page load times and resource loading duration (image files, Javascript files, CSS files, etc.). The site owner has the ability to force this feature to honor DNT settings of visitors. By default, DNT is currently not honored.

4.2 Google Analytics

Data Used: Purchase events will send Google Analytics the following information: order number, product id and name, product category, total cost, and quantity of items purchased. Google Analytics does offer IP anonymization, which can be enabled by the site owner.

Activity Tracked: This feature sends page view events (and potentially video play events) over to Google Analytics for consumption. For sites running WooCommerce-powered stores, some additional events are also sent to Google Analytics: shopping cart additions and removals, product listing views and clicks, product detail views, and purchases.

5) Who we share your data with

Halen Mon only shares your data when necessary. What follows is a list of companies that your data could be shared with when using this site. You can find a link to all their relevant privacy policies below:

5.1 Google

We use Google Analytics to better understand user habits. Data captured is outlined in 4.2. You can read their privacy policy here.

5.2 Mailchimp

This is a service used to send newsletters to customers and only receives user’s name and email address if the customer explicitly signs up to receive updates when placing on order on the site or on a separate page. This data is held indefinitely on the Mailchimp servers until such service ceases to exist or the user requests erasure. Mailchimp’s privacy policy can be found here. Halenmon.com operates an email newsletter, used to inform subscribers about products and services supplied by halenmon.com. Users can subscribe through an online automated process should they wish to do so but do so at their own discretion. Some subscriptions may be manually processed through prior written agreement with the user.

Subscriptions are taken in compliance with UK Spam Laws detailed in the Privacy and Electronic Communications Regulations 2003. All personal details relating to subscriptions are held securely and in accordance with the Data Protection Act 1998. No personal details are passed on to third parties nor shared with companies / people outside of the company that operates halenmon.com. Under the Data Protection Act 1998 you may request a copy of personal information held about you by halenmon.com’s email newsletter program. A small fee may be payable. If you would like a copy of the information held on you please write to the business address at the bottom of this policy. Email marketing campaigns published by halenmon.com or its owners may contain tracking facilities within the actual email. Subscriber activity is tracked and stored in a database for future analysis and evaluation. Such tracked activity may include; the opening of emails, forwarding of emails, the clicking of links within the email content, times, dates and frequency of activity.

This information is used to refine future email campaigns and supply the user with more relevant content based around their activity. In compliance with UK Spam Laws and the Privacy and Electronic Communications Regulations 2003 subscribers are given the opportunity to un-subscribe at any time through an automated system. This process is detailed at the footer of each email campaign. If an automated un-subscription system is unavailable clear instructions on how to un-subscribe will by detailed instead. Users can email halen mon to remove themselves from any subscription lists.

5.3 Stripe

Stripe is software and a service to process payment information when users are purchasing goods and services on the halenmon.com website. They are sent user data including credit card number, expiry date, CVC code, address, name and ip address. All data is passed securely through to Stripe and stored on their servers. Credit card numbers are not retained. Data is held indefinitely for customer services reasons. Users can request their information be deleted. You can read their privacy policy here.

5.4 Automattic

Automattic make software used on the halenmon.com website. They retain small amounts of personal data outlined in 3.1 and 3.6. You can read their privacy policy here.

6) How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue. For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

We keep contact form entries for a period of 5 years. We keep analytics records for a period of 10 years. We keep customer purchase records for 10 years.

7) What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

8) Our contact information

Our data protection officer is Nicki Hughes who can be reached over the phone on +44 1248 430871 or at the address listed below. Halen Môn, Brynsiencyn, Isle of Anglesey, LL616TQ.

9) How we protect your data

Our site is encrypted to the highest standards and is protected by a Comodo verified SSL. Any data transfer is done via secure methods. Any data is stored on a secured server hosted by DreamHost.com. Security and protections involve long string passwords, regular virus checks, spam and virus detection software and regular maintenance and updates.

Resources & Further Information

 

v.3.0 23-May-2018

Halen Môn,
Brynsiencyn,
Isle of Anglesey,
LL616TQ.
+44 (0) 1248 430871