Who we are
Our website address is: https://greylittlearrows.com
1. What Personal Data We Collect and Why
Comments:
When visitors leave comments, we collect the data shown in the comment form, as well as the visitor’s IP address and browser user agent to help detect spam. An anonymized hash of your email address may be sent to the Gravatar service to check if you’re using it. Gravatar’s privacy policy can be found here. Once your comment is approved, your profile picture becomes publicly visible.
Media Uploads:
If you upload images, please avoid including embedded location data (EXIF GPS), as visitors can extract this data from website images.
Cookies:
-
Leaving a comment? You may choose to save your name, email, and website in cookies for your convenience. These cookies will last for one year.
-
Logging in? Temporary cookies confirm your browser accepts cookies. These are discarded when you close your browser.
-
Upon login, cookies are set for login credentials and screen preferences:
-
Login cookies: 2 days
-
Screen options: 1 year
-
“Remember Me” enabled: 2 weeks
-
-
Editing or publishing a post sets a cookie with the post ID, which expires after 1 day.
Embedded Content:
Our articles may include embedded content (videos, images, etc.) from other websites. Such content behaves as if visited directly on the source website and may collect data, use cookies, and track interactions.
2. Data Retention
-
Comments: Retained indefinitely, including metadata, to streamline future moderation.
-
User Accounts: For registered users, we store personal information in their user profile. Users can view, edit, or delete their data (excluding usernames). Admins may also manage this data.
3. Your Data Rights
If you have an account or have left comments, you may request:
-
An exported file of your personal data.
-
The deletion of your personal data, excluding data we must retain for legal, administrative, or security purposes.
4. Data Transfers and Third Parties
-
Automated Spam Detection: Visitor comments may be processed through an anti-spam service.
-
Third-Party Services: We only share data with providers essential for delivering our services (e.g., payment processors). These providers have their own privacy policies, and we recommend reviewing them to understand how your data is handled.
-
International Transfers: If you’re located outside the U.S. and interact with a U.S.-based payment provider, your data may be subject to U.S. laws, including the Patriot Act.
-
Once you leave our site or are redirected to a third-party platform, their privacy policy will apply.
5. How We Protect Your Data
We implement industry-standard security measures, including:
-
SSL encryption for data transmission.
-
AES-256 encryption for credit card information.
-
Compliance with PCI-DSS and other recognized security protocols.
Despite these efforts, no method is 100% secure. We follow best practices to safeguard your data.
6. Analytics
We use Google Analytics to understand visitor behavior and site usage patterns.
7. Age of Consent
By using our site, you confirm that you are:
-
At least the age of majority in your region, or
-
A legal guardian providing consent for your minor dependents to use our services.
8. Policy Updates
We may update this Privacy Policy at any time. Changes take effect immediately upon posting. Material updates will be clearly indicated on this page. If the store is acquired or merges with another entity, your information may be transferred to ensure continued service.
9. Contact Us
To access, correct, amend, or delete your data—or for questions or complaints—please contact us at [email protected].
