back to homepage

Privacy and Cookie Policy

Highlights of what has been updated

 

Transparency: We added additional information about how, and when, we collect, use and share your personal information.

GDPR: Entering into effect on May 25, 2018, GDPR enforces a new set of rules and standards for the processing of personal data of individuals in the EU. Healthy Tree Frog is compliant with GDPR and our updated Privacy & Cookies Policy takes into account and applies the requirements of the regulation.

The updated Privacy & Cookies Policy will take effect on May 25, 2018. By using Healthy Tree Frog’s services on or after that date, you’ll be agreeing to our updated Privacy & Cookies Policy.

Privacy Policy

This is the privacy notice of Healthy Tree Frog. In this document, “we”, “our”, or “us” refer to Healthy Tree Frog.

Our website address is: https://www.healthytreefrog.com

We are a non-profit website. Our Data Protection Officer is Karen Lennox-Williams.

Healthy Tree Frog consists of a group of volunteer bloggers that work from home and have no registered office.

Healthy Tree Frog has no control over and no liability for the content or the administration of any partner site or the partner offers.

 Introduction

This privacy policy has been compiled to better serve those who are concerned with how their ‘Personally Identifiable Information’ (PII) is being used online. PII, as described in the European law and US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website. In the context of the law and this notice, “process” means collect, store, transfer, use or otherwise act on information.

We regret that if there are one or more points below with which you are not happy, your only recourse is to leave our website immediately.

We take seriously the protection of your privacy and confidentiality. We understand that all visitors to our website are entitled to know that their PII will not be used for any purpose unintended by them, and will not accidentally fall into the hands of a third party.

We undertake to preserve the confidentiality of all information you provide to us, and hope that you reciprocate.

The following policy is written in compliance with the new GDPR European Law and the California Online Privacy Protection Act

The law requires us to tell you about your rights and our obligations to you in regards to the processing and control of your PII. We do this now, by requesting that you read the information provided at www.knowyourprivacyrights.org

Except as set out below, we do not share, or sell, or disclose to a third party, any information collected through our website.

The bases on which we process information about you

The law requires us to determine under which of six defined bases we process different categories of your PII, and to notify you of the basis for each category.

If a basis on which we process your PII is no longer relevant then we shall immediately stop processing your data.

If the basis changes then if required by law we shall notify you of the change and of any new basis under which we have determined that we can continue to process your information.

Information we process with your consent

Through certain actions when otherwise there is no contractual relationship between us, such as when you browse our website or ask us to provide you more information about our business, including our products and services, you provide your consent to us to process information that may be PII.

Wherever possible, we aim to obtain your explicit consent to process this information, for example, by asking you to agree to our use of cookies.

Sometimes you might give your consent implicitly, such as when you send us a message by e-mail to which you would reasonably expect us to reply.

Except where you have consented to our use of your information for a specific purpose, we do not use your information in any way that would identify you personally. We may aggregate it in a general way and use it to provide class information, for example to monitor the performance of a particular page on our website.

We continue to process your information on this basis until you withdraw your consent or it can be reasonably assumed that your consent no longer exists.

You may withdraw your consent at any time by instructing us at info@healthytreefrog.com. However, if you do so, you may not be able to use our website or our services further.

Information we process for the purposes of legitimate interests

We may process information on the basis there is a legitimate interest, either to you or to us, of doing so.

Where we process your information on this basis, we do after having given careful consideration to:

    • whether the same objective could be achieved through other means

    • whether processing (or not processing) might cause you harm

    • whether you would expect us to process your data, and whether you would, in the round, consider it reasonable to do so

For example, we may process your data on this basis for the purposes of:

    • record-keeping for the proper and necessary administration of Healthy Tree Frog

    • responding to unsolicited communication from you to which we believe you would expect a response

    • protecting and asserting the legal rights of any party

    • insuring against or obtaining professional advice that is required to manage Healthy Tree Frog’s risk

    • protecting your interests where we believe we have a duty to do so

Like many other Web sites, Healthy Tree Frog makes use of log files. The information inside the log files includes internet protocol ( IP ) addresses, type of browser, Internet Service Provider ( ISP ), date/time stamp, referring/exit pages, and number of clicks to analyze trends, administer the site, track user’s movement around the site, and gather demographic information. IP addresses, and other such information are not linked to any information that is personally identifiable and is removed from our servers within 24 hours.

Information we process because we have a legal obligation

We are subject to the law like everyone else. Sometimes, we must process your information in order to comply with a statutory obligation.

For example, we may be required to give information to legal authorities if they so request or if they have the proper authorisation such as a search warrant or court order.

This may include your PII.

How do we protect your information?

We do not use vulnerability scanning and/or scanning to PCI standards.

An external PCI compliant payment gateway handles all CC transactions.

We use regular Malware Scanning.

All identifiable information is deleted within 24 hours and no PII is stored on this website or the server.

Your PII is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive information you supply is encrypted via Secure Socket Layer (SSL) technology.

We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your PII.

All transactions are processed through a gateway provider and are not stored or processed on our servers.

 

Specific uses of information you provide to us

Information provided on the understanding that it could be shared with a third party

Our website allows you to post information with a view to that information being read, copied, downloaded, or used by other people.

Examples include:

Comments on blog posts

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Once your information enters the public domain, we have no control over what any individual third party may do with it. We accept no responsibility for their actions at any time.

Complaints regarding content on our website

If you complain about any of the content on our website, we shall investigate your complaint.

If we feel it is justified or if we believe the law requires us to do so, we shall remove the content while we investigate.

Free speech is a fundamental right, so we have to make a judgment as to whose right will be obstructed: yours, or that of the person who posted the content that offends you.

If we think your complaint is vexatious or without any basis, we shall not correspond with you about it.

Information relating to your method of payment

Payment information is never taken by us or transferred to us either through our website or otherwise. Our employees and contractors never have access to it.

At the point of payment, you are transferred to a secure page on the website of PayPal or some other reputable payment service provider. That page may be branded to look like a page on our website, but it is not controlled by us.

Sending a message to our support team

When you contact us, through our website or by e-mail, we collect the data you have given to us in order to reply with the information you need.

We record your request and our reply in order to increase the efficiency of Healthy Tree Frog

We do not keep any PII associated with your message, such as your name or email address.

Complaining

When we receive a complaint, we record all the information you have given to us.

We use that information to resolve your complaint.

If your complaint reasonably requires us to contact some other person, we may decide to give to that other person some of the information contained in your complaint. We do this as infrequently as possible, but it is a matter for our sole discretion as to whether we do give information, and if we do, what that information is.

We may also compile statistics showing information obtained from this source to assess the level of service we provide, but not in a way that could identify you or any other person.

If you have a complaint about Healthy Tree Frog:

Direct all complaints here: info@healthytreefrog.com

Use of information we collect through automated systems when you visit our website

What we collect and store when you shop online

  • Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
  • Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
  • Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!

We’ll also use cookies to keep track of cart contents while you’re browsing our site

When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:

  • Send you information about your account and order
  • Respond to your requests, including refunds and complaints
  • Process payments and prevent fraud
  • Set up your account for our store
  • Comply with any legal obligations we have, such as calculating taxes
  • Improve our store offerings
  • Send you marketing messages, if you choose to receive them

If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.

We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for 2 years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.

We will also store comments or reviews, if you choose to leave them.

Who on our team has access

Karen Lennox-Williams (administrator)

  • Order information like what was purchased, when it was purchased and where it should be sent, and
  • Customer information like your name, email address, and billing and shipping information.

The administrator has access to this information to help fulfill orders, process refunds and support you.

What we share with others

We share information with third parties who help us provide our orders and store services to you; for example –WooCommerce

Payments

We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information.

Cookies

Cookies are small text files that are placed on your computer’s hard drive by your web browser when you visit any website. They allow information gathered on one web page to be stored until it is needed for use on another, allowing a website to provide you with a personalised experience and the website owner with statistics about how you use the website so that it can be improved.

Some cookies may last for a defined period of time, such as one day or until you close your browser.

Your web browser should allow you to delete any cookies you choose. It also should allow you to prevent or limit their use.

Our website uses cookies. They are placed by software that operates on our servers, and by software operated by third parties whose services we use.

When you first visit our website, we ask you whether you wish us to use cookies. If you choose not to accept them, we shall not use them for your visit except to record that you have not consented to their use for any other purpose.

We use cookies in the following ways:

To track how you use our website

If you have an account and you log into this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Personal identifiers from your browsing activity

Requests by your web browser to our servers for web pages and other content on our website are recorded.

We record information such as your geographical location, your Internet service provider and your IP address. We also record information about the software you are using to browse our website, such as the type of computer or device and the screen resolution.

We use this information in aggregate to assess the popularity of the web pages on our website and how we perform in providing content to you.

Information we obtain from third parties

Although we do not disclose your personal information to any third party (except as set out in this notice), we sometimes receive data that is indirectly made up from your PII from third parties whose services we use.

No such information is personally identifiable to you.

Services Used:

WordPress Plugins:

MailChimp: Used to save email subscriptions. Privacy Policy

Jetpack provided by (Automattic): Stats, comments and security. Privacy Policy

Wordfence: Security and site traffic. Privacy Policy

Onesignal: Used to provide notifications to subscribers of new posts. Privacy Policy

Easy Social Share Buttons provided by (Appscreo): Used to record shares of posts. https://appscreo.com/

WooCommerce

Third party advertising on the site

Third parties may advertise on our website. In doing so, those parties, their agents or other companies working for them may use technology that automatically collects information about you when their advertisement is displayed on our website.

They may also use other technology such as cookies or JavaScript to personalise the content of, and to measure the performance of their adverts.

We do not have control over these technologies or the data that these parties obtain. Accordingly, this privacy notice does not cover the information practices of these third parties.

Third Party Advertising:

Google Adsense:

  • Third party vendors, including Google, use cookies to serve ads based on a user’s prior visits to your website
  • Google’s use of the DoubleClick cookie enables it and its partners to serve ads to your users based on their visit to your sites and/or other sites on the internet
  • Users may opt out of the use of the DoubleClick cookie for interest-based advertising by visiting your Ad Settings.  aboutads.info

Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users. Support at Google

We use Google AdSense Advertising on our website.

Google, as a third-party vendor, uses cookies to serve ads on our site. Google’s use of the DART cookie enables it to serve ads to our users based on previous visits to our site and other sites on the Internet. Users may opt out of the use of the DART cookie by visiting the Google ad and content network privacy policy at the following URL – Google ad and content network privacy policy

Skimlinks: Privacy Policy

Clickbank: Privacy Policy

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behave in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

 

Data may be processed outside the European Union

Our website is hosted in USA.

We may also use outsourced services in countries outside the European Union from time to time in other aspects of our business.

Accordingly data obtained within the UK or any other country could be processed outside the European Union.

For example, some of the software our website uses may have been developed in the United States of America or in Australia.

We use the following safeguards with respect to data transferred outside the European Union:

the processor is within the same corporate group as our business or organisation and abides by the same binding corporate rules regarding data processing.

the data protection clauses in our contracts with data processors include transfer clauses written by or approved by a supervisory authority in the European Union.

we comply with a code of conduct approved by a supervisory authority in the European Union.

California Online Privacy Protection Act

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting PII from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared. – See more at:

http://consumercal.org/california-online-privacy-protection-act

According to CalOPPA, we agree to the following:

Users can visit our site anonymously.

 

Access to your own information

Find out what information we hold about you

To find out if we hold any information about you, contact us at: info@healthytreefrog.com

Removal of your information

If you wish us to remove PII from our website, you may contact us at: info@healthytreefrog.com

This may limit the service we can provide to you.

Verification of your information

When we receive any request to access, edit or delete PII we shall first take reasonable steps to verify your identity before granting you access or otherwise taking any action. This is important to safeguard your information.

Other matters

COPPA (Children Online Privacy Protection Act)

When it comes to the collection of PII from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.

This website is directed to adults; it is not directed to children under the age of 13. We operate our site in compliance with the Children’s Online Privacy Protection Act, and will not knowingly collect or use PII from anyone under 13 years of age.

We do not let third-parties, including ad networks or plug-ins collect PII from children under 13.

Encryption of data sent between us

We use Secure Sockets Layer (SSL) certificates to verify our identity to your browser and to encrypt any data you give us.

Whenever information is transferred between us, you can check that it is done so using SSL by looking for a closed padlock symbol or other trust mark in your browser’s URL bar or toolbar.

How you can complain

If you are not happy with our privacy policy or if have any complaint then you should tell us by email. Our address is info@healthytreefrog.com

If a dispute is not settled then we hope you will agree to attempt to resolve it by engaging in good faith with us in a process of mediation or arbitration.

If you are in any way dissatisfied about how we process your PII, you have a right to lodge a complaint with the Information Commissioner’s Office. This can be done at https://ico.org.uk/concerns/

Compliance with the law

Our privacy policy has been compiled so as to comply with the law of every country or legal jurisdiction in which we aim to do business. If you think it fails to satisfy the law of your jurisdiction, we should like to hear from you.

However, ultimately it is your choice as to whether you wish to use our website.

You will be notified of any Privacy Policy changes:

  • On our Privacy Policy Page

Can change your personal information:

How does our site handle Do Not Track signals?

We honour Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.

In order to be in line with GDPR Practices we will take the following responsive action, should a data breach occur:

If you are registered on this website:

We will notify you via email:

  • Within 48 hours

 

CAN SPAM Act

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

We collect your email address in order to:

  • Send information, respond to inquiries, and/or other requests or questions

To be in accordance with CANSPAM, we agree to the following:

  • Not use false or misleading subjects or email addresses.
  • Identify the message as an advertisement in some reasonable way.
  • Include the physical address of our business or site headquarters.
  • Monitor third-party email marketing services for compliance, if one is used.
  • Honor opt-out/unsubscribe requests quickly.
  • Allow users to unsubscribe by using the link at the bottom of each email.

Contacting Us

If there are any questions regarding this privacy policy, you may contact Karen Lennox-Williams (DPO) at:

info@healthytreefrog.com

healthytreefrog.com

Last updated 19/05/2018