Personal Information means any information that may be used to identify an individual, including, but not limited to, a first and last name, a home or other physical address, a phone number, an email address, credit card information, payment information, and billing address. In general, you can visit the Site without telling us who you are or revealing any Personal Information about yourself. However, in order to access certain information, services, or features that may be contained on the Site, we may require you to provide Personal Information. For example, we will collect certain Personal Information if you choose to subscribe to a mailing list, register for an account, participate in special offers, sweepstakes or other promotions, sign up for our chat rooms, message boards or blogs, or send questions or comments to us via e-mail. If you would like to purchase any products or merchandise offered for sale on the Site using a credit card, we also will collect your credit card information and a shipping address.
For some features of the Site, you may be able to submit information about other people. For example, if you wish to purchase a product for another person on the Site and want it shipped directly to that person, you may submit the recipient’s name, address, and certain other contact information. We will use and store any such information that we collect from you about another person only to the extent necessary to carry out your request, and we will not use such information for any other purpose.
How We May Use Your Personal Information
If you provide us with Personal Information, we may retain and use that information for several purposes. For example, we may use your Personal Information in order to process and fulfill any transactions or services that you request. We may also use Personal Information to ensure compliance with our policies and applicable law. In addition, we may send you periodic communications by e-mail or regular mail, such as news updates, special offers, or information on our products or services, if you have chosen to receive such communications. If you later wish to opt-out of receiving such promotional e-mails from us at any time, simply follow the instructions for doing so in the e-mails that you receive from us. We reserve the right to send you certain communications relating to the Site, such as service announcements, e-mails related to purchases you have made, or similar administrative or transactional messages, without offering you the opportunity to opt-out of receiving them.
With Whom We May Share Your Information
We may sometimes use other businesses to perform certain services for us, such as maintaining the Site and our mailing lists, processing orders and delivering products, sending postal mail, and providing marketing assistance and data analysis. We may provide Personal Information to those businesses when that information is necessary for them to complete a requested transaction or otherwise perform their duties. Buff City will take reasonable steps to ensure that these third-party service providers are obligated to protect Personal Information on Buff City Soap’s behalf. However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions. For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
We reserve the right to disclose visitor information in special cases when we have reason to believe that disclosing this information is necessary to identify, contact, or bring legal action against someone who may be causing injury to or interference with (either intentionally or unintentionally) our rights or property, other visitors, or anyone else that could be harmed by such activities. We also reserve the right to disclose visitor information when we believe in good faith that the law requires it.
From time to time, we may collect general, non-personal, statistical information about the use of the Site, such as how many visitors visit a specific page on the Site, how long they stay on that page and which hyperlinks, if any, they “click” on. We collect this information through the use of “cookies” and other tracking technologies, which are discussed in greater detail below. We collect this information in order to determine which areas of the Site are most popular and to enhance the Site for visitors. We may group this information into aggregate visitor data in order to describe the use of the Site to our existing or potential business partners, sponsors, advertisers, or other third parties, or in response to a government request. We also may group demographic and preferences information and responses to surveys that we collect from visitors into aggregate data for the same purposes. However, please be assured that this aggregate data will in no way personally identify you or any other visitors to the Site.
Our online store is operated by WooCommerce, a WordPress plugin. They provide us with the online e-commerce platform to sell our products and services to you. Your personal data, with the exception of credit card information, is stored through the Buff City Soap’s data storage, databases and the general Woo Commerce application. All data is stored on a secure server behind a firewall. All credit card data is stored on the third party payment gateways’ servers.
Stripe and PayPal
If you choose either of these direct payment gateways to complete your purchase, then Stripes and PayPal stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
We intend to take reasonable and appropriate steps to protect the Personal Information that you share with us from unauthorized access or disclosure. The security of your Personal Information is important to us. We maintain physical, electronic, and procedural safeguards to secure your personal information. If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with an AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards. We cannot guarantee the security of our databases, nor can be guarantee that information you supply won’t be intercepted while being transmitted to us over the Internet. By supplying us with information, you acknowledge these risks and signify that you have voluntarily chosen to provide the information despite the inherent risks involved. Accordingly, while we strive to protect your Personal Information and privacy, we cannot guarantee or warrant the security of any information you disclose or transmit to us online and cannot be responsible for the theft, destruction, or inadvertent disclosure of your Personal Information.
If you create an account on the Site, you may be asked to choose a password for your account, in which case your online account information shall be protected by your password. We recommend that you do not disclose your password to any other person. You are responsible for maintaining the confidentiality of your password and account, and are fully responsible for all activities that occur under your password or account.
Age of Consent
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.