Here at The Dartmoor Soap Company we take your privacy seriously – collecting only the data we need to be able to provide you with our services. We do not share your data with any other organisations, and make every effort to ensure that the data we hold is kept secure.
What personal data we collect and why we collect it:
Buying from Our Shop
When you visit our shop checkout, we collect your order details, billing and delivery information, and any other contact details that you provide us with. This information is collected solely for the purposes of processing your order.
Payment Details
We do not collect or hold any card details. All payments are processed externally to our site, by PayPal – their privacy policy is available at: https://www.paypal.com/en/webapps/mpp/ua/privacy-full
Comments & Reviews
If you leave comments or reviews on our website, we collect the data shown in the comments form, and also your IP address and browser user agent string to help with spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Contact forms
If you use the contact form on our website, your name, email address and message are sent directly to us in the form of an email from the website. We will then hold this information for the purposes of replying to your message, and for any continuing correspondence.
Mailing List Sign-Up
If you sign up for our mailing list, we will hold your email address for the purposes of sending you newsletters and news items from our website. The service involves a “double opt-in”, so that email addresses entered on the site are verified through the sending of a confirmation email – if the email address is not confirmed, then we do not retain it. You can opt out of the service at any time, by clicking on the “Unsubscribe” link, or by contacting us. The service is provided by MailChimp – their privacy policy is available at: https://mailchimp.com/legal/privacy/
Accounts
If you create an account on our website, your username and email address will be stored in the site database. Passwords are converted to an anonymized string (also called a hash), through the use of a one-way encryption algorithm, and it is only this anonymized string that is securely stored by the site. The password itself cannot be accessed, or re-created from the hash – by us or anybody else. The website also stores any other personal information that you provide in your user profile. You can see, edit, or delete your personal information at any time. Our website administrators can also see and edit that information.
Cookies
Analytics Cookies
When you visit our site, Google Analytics sets a cookie to enable it to distinguish individual users, which expires after 2 years. It also sets a temporary cookie, which expires after 1 minute, to control the rate of exchange of data with its servers. The cookies do not contain any personally identifiable data.
We use Google Analytics to collect information about the number of visits to our site. We use a standard implementation of Google Analytics, which does not store any personally identifiable information. Visitors’ IP addresses are used, where possible, to determine the area in which their device is located but the IP address itself is not data that can be accessed through Google Analytics. All data in Google Analytics is aggregated and anonymised.
Marketing Cookies
We do not directly set any marketing cookies. However, Third Party content embedded within our site may set additional cookies for their own marketing purposes. Pages on this site may include embedded content (such as Google Maps or Vimeo videos). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account (such as a Google or Vimeo account) and are currently logged in to that account in your web browser. Third Party cookies can be disabled in your web browser in the privacy section of the browser’s settings – for instructions on how to do this in the most popular browsers, visit the providers’ support sites: Google Chrome, Apple Safari, Mozilla Firefox or Microsoft Edge.
Security and Spam Protection
This site employs software to protect against unauthorised login, spam and other malicious activity. Where malicious activity is detected, the IP address from which it originated will be stored.
How long we retain your data
If you leave a comment or review, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
If you provide us with your contact details or other information, we will retain it indefinitely, unless you have specifically requested otherwise or until such time as you request that it is removed. During the time that we retain your details, we will use them only for the purpose(s) for which you gave your consent – such as corresponding over a question or request, receiving news updates, or for processing orders from our shop.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
This site is hosted on a secure server situated within the EU. Information provided when you sign up to the email subscription service may be held by MailChimp on servers outside the EU, where it is safeguarded to the same standards as if the data was held within the EU – see: https://mailchimp.com/legal/privacy/
Your contact information, and information for processing your orders may also be held securely in our own computer and paper records systems. Some data held in our own systems is also stored in secure cloud storage provided by Microsoft, where it remains private and is held on servers based in the EU or on servers where it is safeguarded to the same standards as if the data was held within the EU – see: https://products.office.com/en-gb/business/office-365-trust-center-privacy
How we protect your data
This site employs a secure (https) connection and, as such, any data you exchange with the site is transmitted over a secure, encrypted connection – details of our security certificate can be viewed by clicking on the symbol to the left of our website address in your browser address bar. Access to data held within the site, within our own computer systems and cloud storage, or within our account with MailChimp (the providers of the email subscription service) is password-protected and subject to additional layers of security.
What data breach procedures we have in place
If we suspect that there has been any unauthorised access to, or disclosure of, the personal data we hold, we will immediately inform anyone who we believe may have been affected.
Our contact information
For any matter related to privacy or the storage and processing of personal data, please contact us at: hello@