Who we are
Whole Life Soaps, a privately-owned handmade soap and lotion company, is located in Wrightwood, California at 6013 Park Drive. We do e-business at the following website: wholelifesoaps.com. We are a registered business in the state of California under the State Board of Equalization (#102-66848800003) and in San Bernardino County as a registered business using the fictitious business title of Whole Life Soaps.
What personal data we collect and why we collect it
When you visit our store front, we use the credit card processor Squareup for our in-store purchases. At time of purchase, if paying by cash, you have the option of providing a phone number to collect reward points that go toward earning a $15 gift card good in-store only. At this time, this website and the storefront POS system which runs the rewards program are not able to communicate. We hope o remedy this in the future. Online customers may save their receipts and bring them to our physical storefront for redemption if they so choose.
When using credit cards, our payment processors (PayPal, Squareup, and Stripe) collect the following information at time of purchase:
· Email Address
· Dates of Purchase
· Billing and/or Shipping Addresses
· Phone number
· Order information
· Payment Method
· Last four digits of credit method used
· Card expiration date
· Card digital fingerprint
· Website ELD number
· Payment processor ID number
· Receipt History
In addition, Customers have the option of registering for an account on our website to help facilitate their customer experience. Customers can choose to store a payment option, view their past orders, and update their shipping preferences.
We do not store any payment information on wholelifesoaps.com. Our website only stores the following personal information: Name, order history, email address, shipping address, and billing address.
Who we share your data with
When you signup for an account on wholelifesoaps.com, your information is shared with the third-party emailer MailChimp. We only share your email address with them. This information is used for updating customers about current or new promotional campaigns offered either online at wholelifesoaps.com or in store at our Wrightwood, Ca location.
When you sign-up for our Star Rewards Program in-store, Squareup collects your phone number and email address as well as your credit card information. Square uses this information for their marketing programs and may share it with other third-parties like Google Analytics. Squareup also uses this information across multiple merchants for tracking your purchases and sending you itemized receipts.
How long we retain your data
We keep all customer information for a period of seven years for tax purposes. Customers may ask that we delete their information sooner, if they prefer.
What rights you have over your data
We value your privacy. Because of this, you keep yor righst to any data we collect. If you would like your data removed from wholelifesoaps.com, please email us and we will remove it for you.
Where we send your data
Customers who provide information through our e-commerce site wholelifesoaps.com are supplying data to our webhost client Squarespace.com. Squarespace stores your data in multiple Tier III data centers across the United States. Squarespace serves images and other static assets via multiple geographically distributed content delivery networks (CDNs). This system ensures that the data in each page view is served from the data center closest to the visitor’s location.
All Squarespace sites are hosted across a private cloud with full redundancy. If a primary service fails, Squarespace can switch to a backup service. Squarespace Operations team monitors Squarespace sites 24x7 and is ready to respond to incidents within minutes of detecting an anomaly.
In addition, we use MailChimp for promotional email content. Read about MailChimp’s updated privacy policies here: https://mailchimp.com/legal/privacy/
For questions regarding your information, or to remove your information from our website, please send an email to firstname.lastname@example.org. Please write “privacy concerns” in the subject header and then tell us your concerns. We will respond within 48 hours.
How we protect your data
Our website and payment processors use SSL Certificates and data encryption provided by our processors to protect your sensitive information. To verify that SSL is protecting a page, look for a URL beginning with https://, instead of http://, and a green, closed padlock icon. This allows visitors to navigate the website and submit information through a secure connection.
SSL provides three important security benefits:
· Privacy: Encrypts the connection between the browser and web server and securely transmits information (like login credentials) to prevent unauthorized parties from eavesdropping.
· Data integrity: Prevents unauthorized parties from altering data during transmission (like during a Form Block submission).
· Authentication: Protects against impersonation by requiring web server proof of identity.
What data breach procedures we have in place
In the event of a data breach, we will notify all customers in our data base via email. We will also notify the appropriate authorities.
In the event of a data breach, you the consumer should do the following:
· Notify your bank. Verify your account details and change PIN codes.
· Double check email addresses from incoming emails. Cyber-criminals can pose as bank representatives and ask for credentials.
· Do not click suspicious looking links or download files from unknown sources.
· Consider placing a hold on your credit through each of the three major credit-reporting agencies (Equifax, Experian, and Transunion).
· Monitor your credit report for suspicious activity.