Per GDPR compliance, if you find that any piece of this isn’t easy to understand…shoot us an email via email@example.com.
The short of it:
We’re a small business and don’t have the time or the ability to do any shady stuff with your data. We wouldn’t even know how if we tried. We’re also too busy making tasty chocolates and confections to figure it out.
We collect your email address to send you coupon codes, interesting chocolate info, and the occasional sales email (who doesn’t like chocolate on sale?!). If you purchase something, we collect your info so we can contractually charge and provide you with the good(s) you purchased. We’re also gonna stalk you occasionally via FB ads.
Yep. We use the totally not-tasty kind to remember your preferences and present you with a customized experience. It’s really internet status quo at this point. You can block cookies at any time in your own browser settings, but—fair warning—the site may not work the way you want it to.
Just like almost every other business website you visit, we’re following you around our site via Google Analytics. We like knowing what you like and what you care about so we can give you more of what you like and what you care about.
We also use the Facebook Pixel. It sees you visiting our site and shows you our advertisements via FB and Instagram based on stuff you engaged with and were or may be interested in—in hopes you buy it. Because we’re a business, and we need to sell things to stay a business and not become a very expensive hobby.
As of the time we’re updating this agreement, we don’t know of a Facebook pixel blocker. But we know that if you use incognito mode in your browser it doesn’t seem to track you. We’ve also heard that apps that block social media while you’re working won’t track you via the FB pixel either.
We do know that both of these track your IP address which the EU feels can be used to personally identify who you are. We have no freaking clue how to do this or even what we would do with it if we could.
Really all these things tell us at the end of the day is that a human engaged with our business and how they did so.
What We Use To Store Your Data
When you opt-in to receive a discount on your first order, you give us your email address. When you buy something, you give us your payment info and a few more personal details. We use the info you give us to, again, retarget you via Facebook, YouTube, Pinterest, and Google for more stuff from us you would legitimately likely be interested in based on what you’ve opted in for or purchased from us.
Mailchimp: We use Mailchimp to store your first name and your email address. That’s really it. You give us your email address. We send you the discount code and a few times a month send you info on chocolate and promos that based on what you opted in for show you have a legitimate interest in. Don’t want the emails? We put an unsubscribe link at the bottom of each and every email. You just click it and you won’t be emailed any additional emails again (outside of order updates)—unless you opt-in again, of course. Mailchimp is GDPR compliant.
Stripe: We use this service to run your credit card when you buy stuff from us. None of this information is held on our site and only one person has access to it. Stripe has assured us they are GDPR compliant.
If you sign up for more information about chocolate/our products (i.e. our newsletter—but we hate that word), we’re gonna send you our newsletter. We strive to send 4ish a month. Rarely we send more, usually we send less. There’s an unsubscribe link at the bottom of every email if you don’t want this info anymore.
If you opt-in for the discount code, we’ll use your info to send you that discount code. We usually follow this up with suggested confections we’re currently loving or are in season, or—even better—on sale. We do this because we can’t go around giving away everything for free all the time—otherwise we wouldn’t have a business, and we really like running a business, making money, paying our bills, and making people happy with delicious chocolate.
Mailchimp tracks info for us like what links you click on and if you open/don’t open. We use that info to resend you an email we think you’d really like if Mailchimp says you didn’t open it or to send you more content focused on what you do like based on what you clicked on in previous emails.
You Have A Right To Be Deleted:
If you want us to delete the info we have on you from our systems, that’s cool by us. Shoot us an email to firstname.lastname@example.org and we’ll remove it.
By the way, this does NOT include your info from Stripe. You need to contact Stripe to do that. Uncle Sam says we need keep that info for tax purposes for 7 years. After that, we shred/delete that info because we don’t really want to hold on to your info any longer than we have to either.
Legally we have 72 hours to let you know if your data is part of a data breach that we’re a part of. We’ll let you know as soon as we know some jackass has infiltrated our systems and taken your data. Which We hope that never happens—because again, we don’t keep anything worth the effort of stealing it.
CHILDREN – ONLINE PRIVACY PROTECTION ACT COMPLIANCE
CHANGES TO THIS POLICY
Updated: July 2018