Transparency: We added additional information about how, and when, we collect, use and share your personal information.
GDPR: Entering into effect on May 25, 2018, GDPR enforces a new set of rules and standards for the processing of personal data of individuals in the EU. Healthy Tree Frog is compliant with GDPR and our updated Privacy & Cookies Policy takes into account and applies the requirements of the regulation.
The updated Privacy & Cookies Policy will take effect on May 25, 2018. By using Healthy Tree Frog’s services on or after that date, you’ll be agreeing to our updated Privacy & Cookies Policy.
This is the privacy notice of Healthy Tree Frog. In this document, “we”, “our”, or “us” refer to Healthy Tree Frog.
Our website address is: https://www.healthytreefrog.com
We are a non-profit website. Our Data Protection Officer is Karen Lennox-Williams.
Healthy Tree Frog consists of a group of volunteer bloggers that work from home and have no registered office.
Healthy Tree Frog has no control over and no liability for the content or the administration of any partner site or the partner offers.
This privacy policy has been compiled to better serve those who are concerned with how their ‘Personally Identifiable Information’ (PII) is being used online. PII, as described in the European law and US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website. In the context of the law and this notice, “process” means collect, store, transfer, use or otherwise act on information.
We regret that if there are one or more points below with which you are not happy, your only recourse is to leave our website immediately.
We take seriously the protection of your privacy and confidentiality. We understand that all visitors to our website are entitled to know that their PII will not be used for any purpose unintended by them, and will not accidentally fall into the hands of a third party.
We undertake to preserve the confidentiality of all information you provide to us, and hope that you reciprocate.
The following policy is written in compliance with the new GDPR European Law and the California Online Privacy Protection Act
The law requires us to tell you about your rights and our obligations to you in regards to the processing and control of your PII. We do this now, by requesting that you read the information provided at www.knowyourprivacyrights.org
Except as set out below, we do not share, or sell, or disclose to a third party, any information collected through our website.
The law requires us to determine under which of six defined bases we process different categories of your PII, and to notify you of the basis for each category.
If a basis on which we process your PII is no longer relevant then we shall immediately stop processing your data.
If the basis changes then if required by law we shall notify you of the change and of any new basis under which we have determined that we can continue to process your information.
Through certain actions when otherwise there is no contractual relationship between us, such as when you browse our website or ask us to provide you more information about our business, including our products and services, you provide your consent to us to process information that may be PII.
Wherever possible, we aim to obtain your explicit consent to process this information, for example, by asking you to agree to our use of cookies.
Sometimes you might give your consent implicitly, such as when you send us a message by e-mail to which you would reasonably expect us to reply.
Except where you have consented to our use of your information for a specific purpose, we do not use your information in any way that would identify you personally. We may aggregate it in a general way and use it to provide class information, for example to monitor the performance of a particular page on our website.
We continue to process your information on this basis until you withdraw your consent or it can be reasonably assumed that your consent no longer exists.
You may withdraw your consent at any time by instructing us at info@healthytreefrog.com. However, if you do so, you may not be able to use our website or our services further.
We may process information on the basis there is a legitimate interest, either to you or to us, of doing so.
Where we process your information on this basis, we do after having given careful consideration to:
whether the same objective could be achieved through other means
whether processing (or not processing) might cause you harm
whether you would expect us to process your data, and whether you would, in the round, consider it reasonable to do so
For example, we may process your data on this basis for the purposes of:
record-keeping for the proper and necessary administration of Healthy Tree Frog
responding to unsolicited communication from you to which we believe you would expect a response
protecting and asserting the legal rights of any party
insuring against or obtaining professional advice that is required to manage Healthy Tree Frog’s risk
protecting your interests where we believe we have a duty to do so
Like many other Web sites, Healthy Tree Frog makes use of log files. The information inside the log files includes internet protocol ( IP ) addresses, type of browser, Internet Service Provider ( ISP ), date/time stamp, referring/exit pages, and number of clicks to analyze trends, administer the site, track user’s movement around the site, and gather demographic information. IP addresses, and other such information are not linked to any information that is personally identifiable and is removed from our servers within 24 hours.
We are subject to the law like everyone else. Sometimes, we must process your information in order to comply with a statutory obligation.
For example, we may be required to give information to legal authorities if they so request or if they have the proper authorisation such as a search warrant or court order.
This may include your PII.
We do not use vulnerability scanning and/or scanning to PCI standards.
An external PCI compliant payment gateway handles all CC transactions.
We use regular Malware Scanning.
All identifiable information is deleted within 24 hours and no PII is stored on this website or the server.
Your PII is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your PII.
All transactions are processed through a gateway provider and are not stored or processed on our servers.
Our website allows you to post information with a view to that information being read, copied, downloaded, or used by other people.
Examples include:
Comments on blog posts
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Once your information enters the public domain, we have no control over what any individual third party may do with it. We accept no responsibility for their actions at any time.
If you complain about any of the content on our website, we shall investigate your complaint.
If we feel it is justified or if we believe the law requires us to do so, we shall remove the content while we investigate.
Free speech is a fundamental right, so we have to make a judgment as to whose right will be obstructed: yours, or that of the person who posted the content that offends you.
If we think your complaint is vexatious or without any basis, we shall not correspond with you about it.
Payment information is never taken by us or transferred to us either through our website or otherwise. Our employees and contractors never have access to it.
At the point of payment, you are transferred to a secure page on the website of PayPal or some other reputable payment service provider. That page may be branded to look like a page on our website, but it is not controlled by us.
When you contact us, through our website or by e-mail, we collect the data you have given to us in order to reply with the information you need.
We record your request and our reply in order to increase the efficiency of Healthy Tree Frog
We do not keep any PII associated with your message, such as your name or email address.
When we receive a complaint, we record all the information you have given to us.
We use that information to resolve your complaint.
If your complaint reasonably requires us to contact some other person, we may decide to give to that other person some of the information contained in your complaint. We do this as infrequently as possible, but it is a matter for our sole discretion as to whether we do give information, and if we do, what that information is.
We may also compile statistics showing information obtained from this source to assess the level of service we provide, but not in a way that could identify you or any other person.
If you have a complaint about Healthy Tree Frog:
Direct all complaints here: info@healthytreefrog.com
We’ll also use cookies to keep track of cart contents while you’re browsing our site
When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:
If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.
We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for 2 years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.
We will also store comments or reviews, if you choose to leave them.
Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access: Karen Lennox-Williams (administrator)
Our team members have access to this information to help fulfill orders, process refunds and support you.
We share information with third parties who help us provide our orders and store services to you; for example –WooCommerce
We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information.
Cookies are small text files that are placed on your computer’s hard drive by your web browser when you visit any website. They allow information gathered on one web page to be stored until it is needed for use on another, allowing a website to provide you with a personalised experience and the website owner with statistics about how you use the website so that it can be improved.
Some cookies may last for a defined period of time, such as one day or until you close your browser.
Your web browser should allow you to delete any cookies you choose. It also should allow you to prevent or limit their use.
Our website uses cookies. They are placed by software that operates on our servers, and by software operated by third parties whose services we use.
When you first visit our website, we ask you whether you wish us to use cookies. If you choose not to accept them, we shall not use them for your visit except to record that you have not consented to their use for any other purpose.
To track how you use our website
If you have an account and you log into this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Requests by your web browser to our servers for web pages and other content on our website are recorded.
We record information such as your geographical location, your Internet service provider and your IP address. We also record information about the software you are using to browse our website, such as the type of computer or device and the screen resolution.
We use this information in aggregate to assess the popularity of the web pages on our website and how we perform in providing content to you.
Although we do not disclose your personal information to any third party (except as set out in this notice), we sometimes receive data that is indirectly made up from your PII from third parties whose services we use.
No such information is personally identifiable to you.
Services Used:
WordPress Plugins:
MailChimp: Used to save email subscriptions. Privacy Policy
Jetpack provided by (Automattic): Stats, comments and security. Privacy Policy
Wordfence: Security and site traffic. Privacy Policy
Onesignal: Used to provide notifications to subscribers of new posts. Privacy Policy
Easy Social Share Buttons provided by (Appscreo): Used to record shares of posts. https://appscreo.com/
WooCommerce
Third parties may advertise on our website. In doing so, those parties, their agents or other companies working for them may use technology that automatically collects information about you when their advertisement is displayed on our website.
They may also use other technology such as cookies or JavaScript to personalise the content of, and to measure the performance of their adverts.
We do not have control over these technologies or the data that these parties obtain. Accordingly, this privacy notice does not cover the information practices of these third parties.
Third Party Advertising:
Google Adsense:
Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users. Support at Google
We use Google AdSense Advertising on our website.
Google, as a third-party vendor, uses cookies to serve ads on our site. Google’s use of the DART cookie enables it to serve ads to our users based on previous visits to our site and other sites on the Internet. Users may opt out of the use of the DART cookie by visiting the Google ad and content network privacy policy at the following URL – Google ad and content network privacy policy
Skimlinks: Privacy Policy
Clickbank: Privacy Policy
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behave in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.
Our website is hosted in USA.
We may also use outsourced services in countries outside the European Union from time to time in other aspects of our business.
Accordingly data obtained within the UK or any other country could be processed outside the European Union.
For example, some of the software our website uses may have been developed in the United States of America or in Australia.
We use the following safeguards with respect to data transferred outside the European Union:
the processor is within the same corporate group as our business or organisation and abides by the same binding corporate rules regarding data processing.
the data protection clauses in our contracts with data processors include transfer clauses written by or approved by a supervisory authority in the European Union.
we comply with a code of conduct approved by a supervisory authority in the European Union.
CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting PII from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared. – See more at:
http://consumercal.org/california-online-privacy-protection-act
According to CalOPPA, we agree to the following:
Users can visit our site anonymously.
To find out if we hold any information about you, contact us at: info@healthytreefrog.com
If you wish us to remove PII from our website, you may contact us at: info@healthytreefrog.com
This may limit the service we can provide to you.
When we receive any request to access, edit or delete PII we shall first take reasonable steps to verify your identity before granting you access or otherwise taking any action. This is important to safeguard your information.
When it comes to the collection of PII from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
This website is directed to adults; it is not directed to children under the age of 13. We operate our site in compliance with the Children’s Online Privacy Protection Act, and will not knowingly collect or use PII from anyone under 13 years of age.
We do not let third-parties, including ad networks or plug-ins collect PII from children under 13.
We use Secure Sockets Layer (SSL) certificates to verify our identity to your browser and to encrypt any data you give us.
Whenever information is transferred between us, you can check that it is done so using SSL by looking for a closed padlock symbol or other trust mark in your browser’s URL bar or toolbar.
If you are not happy with our privacy policy or if have any complaint then you should tell us by email. Our address is info@healthytreefrog.com
If a dispute is not settled then we hope you will agree to attempt to resolve it by engaging in good faith with us in a process of mediation or arbitration.
If you are in any way dissatisfied about how we process your PII, you have a right to lodge a complaint with the Information Commissioner’s Office. This can be done at https://ico.org.uk/concerns/
Our privacy policy has been compiled so as to comply with the law of every country or legal jurisdiction in which we aim to do business. If you think it fails to satisfy the law of your jurisdiction, we should like to hear from you.
However, ultimately it is your choice as to whether you wish to use our website.
We honour Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
In order to be in line with GDPR Practices we will take the following responsive action, should a data breach occur:
If you are registered on this website:
We will notify you via email:
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
If there are any questions regarding this privacy policy, you may contact Karen Lennox-Williams (DPO) at:
info@healthytreefrog.com
healthytreefrog.com
Last updated 19/05/2018
