A user is any legal or natural person who uses or visits the Site (hereinafter: “the user”).
Below you will find information on how we use your personal information, for what purposes your personal information is used, with whom we share it, and what control and information rights you have.
What is Personally Identifiable Information (Personal Data)
“Processing” means any act or series of actions carried out in relation to personal data or sets of personal data, with or without automated means, such as collecting, recording, editing, structuring, storing, adapting or modifying, retrieving, viewing, using, disclosure by brokering, expanding or otherwise making available, adapting or combining, restricting, deleting or destroying.
What personal information do we collect from the people that visit our Website?
You may be required to provide certain personal information to us when you elect to use certain products or services available on the Website. When ordering or registering on our website, as appropriate, you may be asked to enter your name, email address, or other details to help you with your experience. When do we collect information? We may collect information from you: (a) when you subscribe to a mailing list; (b) when you enter your information on the Website such as commenting or entering a giveaway or contest sponsored by us or one of our partners; (c) when you send us an email message; (d) when you register for an account on the Website; (e) when you order and purchase products and services on the Website. How do we use your information? We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the Website, or use certain other site features in the ways described below.
Specifically, what info will we collect?
If you sign up for our mailing list, you will be required to give your email address and first name. We usually send two emails per week, with blog tutorials, promotions, and freebies. Occasionally we will send additional emails about special offers. There is a clear ‘unsubscribe’ link at the bottom of every email so you can opt out at any time. If at any time you would like to unsubscribe from receiving future emails, you can email us or use the unsubscribe link at the bottom of each email, and we will promptly remove you from ALL correspondence, and you will stop receiving any mail from us.
If at any time you would like us to delete the information you provided to us, you can email us and we will promptly delete your information from the subscribers' database.
When users leave comments on the site, we collect the data shown in the comments form and also the user’s IP address and browser user string to help with spam detection.
If you leave a comment on our Site you may opt-in to saving your name, email address, and Site in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
Your email address is never disclosed unless you include it in the main body of the comment. Your name and comment are visible to anyone who visits the comment section. We reserve the right to edit or remove the comments at our discretion.
There are different types of cookies. From the perspective of their life span (for how long they are stored on your computer), cookies can be “session” or “persistent”. Session cookies are stored only for a period of time when you are visiting the Site and are automatically deleted as soon as you close your web browser or app. On the other side, persistent cookies remain on your computer when you have gone offline. They are stored on your device (computer, mobile phone) for a certain period of time and are reactivated every time you visit the Site where the cookies were created.
Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
- authentication (to identify you when you visit our website and as you navigate the Website)
- personalization (if you so choose)
- advertising (to display advertising and serve ads relevant to you)
- analysis (to help us analyze the use and performance of our website and services)
Usage of Third-Party Service Providers
We may share data with trusted partners to help perform statistical analysis, send you email or postal mail, or arrange for deliveries. All such third parties are prohibited from using your personal information except to provide these services to us, and they are required to maintain the confidentiality of your information.
Products from AppleGreen Cottage are (also) sold through our Shop.
Please note that the Shop is part of and operating within the Payhip platform. When making a purchase, you will enter into a consumer contract with Payhip Limited (a company registered in England with registration no 08386910) which will supply our digital products to you, subject to the terms of the license granted to Payhip by the Shop. You can read more about this here: https://payhip.com/terms/end-user
If at any time you would like to edit or delete the information you provided in the Shop, you can do that by contacting us, or Payhip at firstname.lastname@example.org. You can also choose to change or delete all your information, and your account, from the Shop whenever you choose to do so, by clicking on 'Settings', and then selecting 'Delete Account' from your Account tab in your customer account.
The purpose of the collection of personal data
We use the collected data in order to:
- Send emails, newsletter, information, respond to inquiries, and/or other requests or questions.
- Carry out direct marketing of our products or
- Continue to send emails to our clients after the original transaction has occurred, subject to your explicit approval (i.e. express consent), for direct marketing of our products or services that are similar to the initially purchased products/services.
- To provide and maintain our services in the shop
- To notify you about changes to our services in the shop
- To provide customer support
- To gather analysis or valuable information so that we can improve our service
- To monitor the usage of our site and service
- For advertising-related capabilities associated with the ad provider (see chapter Advertising below)
- To detect, prevent, and address technical issues
We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information without permission. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when such release is necessary to comply with the law.
The period for which the personal data will be stored
Email address: We keep your email until you revoke your consent to do so.
Security of your Personal Information
To protect against the loss, misuse, and alteration of personal data, we have introduced reasonable state-of-the-art security measures that are under our control. For example, our security and private policies are regularly reviewed and improved as needed, and only authorized personnel have access to personal information. While we cannot guarantee that information will never be lost, misused, or altered, we use all reasonable efforts to prevent it.
We secure your personal information from unauthorized access, use, or disclosure. We use the following methods for this purpose: SSL Protocol. Shop: When you start making your purchase in our shop, your personal information (such as a credit card number) is transmitted through the Paypal service and is protected through the use of encryption, such as the Secure Sockets Layer (SSL) protocol. Also, we never receive your credit card information, as it is processed directly by Paypal, subject to PCI DSS (Payment Card Industry Data Security Standard) that was put in place to ensure customers' protection. Please refer to PayPal's privacy policies for more information on PayPal security, as well as Payhip's policies.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the user has visited the other website.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users who register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have regarding your personal data
In accordance with the provisions of the EU General Data Protection Regulation, you have the following rights as an individual:
Right to withdraw consent: If you, as an individual, have consented to the processing of your personal data (for one or more specific purposes), you have the right to revoke your consent at any time, without prejudice to the lawfulness of the data processing carried out up to your revocation. Consent may be revoked by a written statement sent to the controller using the contact form in the Shop. Withdrawal of consent to our processing of personal data does not have any negative consequences or sanctions for the individual. However, after revoking the consent to our processing of personal data, the controller may no longer be able to provide one or more of its services to the concerned individual if the services cannot be provided without personal data.
Right of access: As an individual, you have the right to obtain a confirmation from the provider (personal data controller) whether personal data is processed in relation to you and, where applicable, access to personal data and certain information (on the purposes of processing, on the types of personal data, about the users, on retention periods or criteria for determining periods, on the existence of the right to rectify or delete data, the right to limit and object to processing and the right to appeal to the supervisory authority, the source of data if the data have not been collected from you, the existence of automated decision making, including the creation of profiles, the reasons for it and the meaning and consequences of such processing for you, and other information in accordance with Article 15 of the EU General Data Protection Regulation).
Right to correct personal information: As an individual, you have the right to have the controller correct inaccurate personal data about you without undue delay. As an individual, you have the right to supplement incomplete data, including the submission of a supplementary statement, taking into account the purposes of the processing.
Data deletion (“the right to forget”): As an individual, you have the right to request deletion of the personal information that the controller holds about you. The controller must delete the data without undue delay when there is one of the following reasons:
- data are no longer needed for the purposes for which they were collected or otherwise processed;
- if you revoke the consent and there is no other legal basis for the processing;
- if you object to the processing and there are no overriding legitimate reasons for the processing;
- the data were processed illegally;
- the data must be deleted in order to fulfill legal obligations under EU law or the law of the Member State applicable to the controller;
- data were collected in connection with the provision of information society services.
However, as an individual, in certain cases described in Article 17 (3) of the EU General Data Protection Regulation, you do not have the right to have the data deleted.
Restriction of processing: You have the right to request the controller to restrict the processing of your personal data where:
- you contest the accuracy of the personal data until the controller has taken sufficient steps to correct or verify its accuracy;
- the processing is unlawful but you do not want the controller to erase the data;
- the controller no longer needs your personal data for the purposes of the processing, but you require such data for the establishment, exercise or defense of legal claims; or
- you have objected to processing justified on legitimate interest grounds (see above) pending verification as to whether the controller has overriding compelling legitimate grounds to continue processing.
Data portability: You, as an individual, have the right to receive personal data about you that you have provided to the controller in a structured, commonly used, and machine-readable format, and also to require the controller to transmit it to another controller where this is technically feasible. Namely when processing is based on consent or a contract, and processing is carried out by automated means.
Right to object: On grounds relating to your specific situation, you have the right to object at any time to the processing of personal data that is necessary to perform tasks in the public interest or exercise public authority conferred on the controller (point (e) of Article 6 (1) of the EU General Data Protection Regulation) or is necessary for legitimate interests pursued by the controller or a third party (point (f) of Article 6 (1) of the EU General Data Protection Regulation), including profiling on the basis of those treatments. The controller ceases to process personal data unless it proves urgent legitimate reasons for the processing that outweigh your interests, rights, and freedoms, or for asserting, enforcing, or defending legal claims.
Where personal data are processed for marketing purposes, the individual has the right to object at any time to the processing of data relating to him/her for the purposes of such marketing, including the creation of profiles, insofar as it relates to such direct marketing. Where an individual objects to processing for direct marketing purposes, the data shall no longer be processed for those purposes.
Where data is processed for scientific or historical research purposes or for statistical purposes, the individual has the right to object to the processing of data relating to him/her for reasons related to his/hers particular situation, unless the processing is necessary for the performance of a task carried out by reasons of public interest.
Right to lodge a complaint with a supervisory authority: Without prejudice to any other (administrative or other) remedy, you, as an individual, have the right to lodge a complaint with the supervisory authority, in particular in the country where you have your habitual residence, where you work or where the infringement allegedly took place, if you believe that the processing of your personal data violates the regulations on the protection of personal data. In Slovenia, the tasks of the supervisory authority are performed by the Information Commissioner.
Without prejudice to any other (administrative or extrajudicial) remedy, you as an individual have the right to an effective remedy against a legally binding decision of the supervisory authority, as well as in the event that the supervisory authority does not consider your complaint or does not inform you about the situation or the decision on the appeal within three months. Proceedings against the supervisory authority shall be subject to the jurisdiction of the courts of the Member State in which the supervisory authority is established.
The controller may, for the purposes of identification of the individual in case of exercising his/her rights in relation to personal data, request additional data from the individual and may refuse to act, if the individual cannot be reliably identified.
The controller must respond to the request of the individual by which he/she exercises his/her rights in relation to personal data without undue delay and no later than one month from the receipt of the request.
As a data subject, you have the right to lodge a complaint at the following address: Republic of Slovenia, Information Commissioner, Dunajska cesta 22, 1000 Ljubljana, telephone: 01 230 97 30, e-mail: email@example.com.
Where we send your data
Automated Spam Detection Service
User comments may be checked through an automated spam detection service.
Exchange of information
The Company does business with other service providers and suppliers in order to provide the comprehensive range of services and solutions as described above. These service providers may change their offer or sign a contract with additional service providers to better meet the needs of our customers.
Your personal data will be disclosed to third parties only to the extent necessary to fulfill our contractual relationship. The legal basis for the transfer of your personal data are points (b) and (f) of Article 6 (1) of the EU General Data Protection Regulation as they also represent our legitimate interest in enforcing our general terms and conditions or other contracts concluded with you. We may transfer your personal information to other countries for the purposes of data consolidation, storage, simplified customer information management, and reporting.
We may disclose anonymous aggregate statistics about our Site users to potential partners, advertisers, and other reputable third parties for the purpose of describing our services and other legitimate purposes. However, such information will not contain any personal information.
We may disclose your personal information to our contractors who assist us in providing the services we offer through the Site. Such transfer will always be based on a personal data processing agreement, which means that our contractors will only use your personal data to the extent necessary to perform their functions and will be contractually obliged to process your personal data only on our behalf and in accordance with our requirements.
The Company does not disclose personal information to third parties for its own use without your permission. However, the Company must share information in some cases as a result of applicable law. For example, we must disclose information due to a court order, testimony, or judicial investigation. In addition, we may voluntarily provide information in accordance with applicable law to assist in the investigation of law enforcement, or if disclosure is necessary to protect our systems, our business, or the rights of others.
Cross-border data transmission
As part of the above data exchange activities, your personal data may be transferred to other countries (such as US), which may have different data protection standards from the country in which you reside. Please note that data processed in a foreign country may be subject to foreign laws and be accessible to foreign governments, courts, law enforcement agencies, and regulatory agencies. Notwithstanding the foregoing, we will endeavor to take reasonable steps to maintain an appropriate level of data protection in the exchange of your personal data with such countries.
This Site is affiliated with CMI Marketing, Inc., d/b/a CafeMedia (“CafeMedia”) for the purposes of placing advertising on the Site, and CafeMedia will collect and use certain data for advertising purposes. To learn more about CafeMedia’s data usage, click here: www.cafemedia.com/publisher-advertising-privacy-policy