Privacy

Image by Markus Winkler from Pixabay

Your privacy is important to us. This policy describes what information we and/or plugins we use collect and how we will handle that information. By submitting material to storiesfromacottage.com, you agree to be bound by the terms of the Privacy Policy.

(1) Personal information, sometimes referred to as “personally identifiable information,” is information which identifies, or could be used to identify you. Such information includes your address, telephone number and email address. This information will be collected when you submit a story so that we may contact you.

(2) If we elect to publish your story, your name, city and state will be included with your story unless you request we publish your story anonymously, and we agree to do so. No other personal information which you provide (e.g., your address, telephone number or email address) will be knowingly disclosed to any third party except as described below.

(3) storiesfromacottage.com is not directed to children, and we do not knowingly collect or maintain information from those individuals we know are under the age of 13. Visitors to the website who are under the age of 13 should not disclose or provide any personal information about themselves – e.g., do not tell us your name, address, telephone number or email address. If we discover any personal information from a child under the age of 13, we will delete it. If we decide to later collect personal information from children under the age of 13, we will do so in compliance with applicable privacy laws, including COPPA.

(4) Notwithstanding any other provision of this Privacy Policy, we will disclose personally identifiable information if required to do so by any state or federal law or regulation, by government request or by court order.

(5) We reserve the right to change or modify this Privacy Policy at any time without prior notice. Any such change or modification will become effective immediately upon posting.

 We use Facebook Ads to provide a means to earn advertising fees. View their privacy policy: https://www.facebook.com/legal/technology_terms

You can also view your Facebook ads settings and update your preferences at any time: https://www.facebook.com/help/568137493302217?helpref=faq_content

What personal data we collect and why we collect it

Comments

When visitors leave comments on the site, we collect the data shown in the comments form and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms

We keep contact form submissions indefinitely for customer service purposes, but we do not use the information submitted through them for marketing purposes.

Cookies

If you leave a comment on our site, you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year. View our cookie policy: https://storiesfromacottage.com/cookie-policy/

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me,” your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article. It expires after one day.

We use SiteLock for security. SiteLock uses cookies and processes data. View their privacy policy: https://www.sitelock.com/privacy-policy

We use the analytics provided by the Jetpack plugin from Automattic, which also uses cookies. View their privacy policy: https://automattic.com/privacy/

We use the analytics provided by Facebook Pixel, which also uses cookies. View their privacy policy: https://www.facebook.com/legal/technology_terms

Third party vendors, including Facebook and Google, use cookies, web beacons and other storage technologies to collect or receive information from our website and elsewhere on the internet. These third party vendors, including Facebook and Google, use that information to provide measurement services and to target ads. You may opt out of third-party vendors’ use of cookies for interest-based advertising by visiting aboutads.info or youronlinechoices

Google’s use of the DoubleClick DART cookie enables it and its partners to serve ads to our users based on their visit to our sites and/or other sites on the Internet.
What is the DoubleClick DART cookie? The DoubleClick DART cookie is used by Google in the ads served on publisher websites displaying AdSense for content ads. We display AdSense for content ads. When users visit an AdSense publisher’s website and either view or click on an ad, a cookie may be dropped on that end user’s browser. The data gathered from these cookies will be used to help AdSense publishers, including us, to better serve and manage the ads on their site(s) and across the web. Users may opt out of the use of the DoubleClick DART cookie for interest-based advertising by visiting Ads Settings.

Embedded content from other websites

Articles and stories on this site may include embedded content (e.g., videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged into that website.

Analytics

By default, WordPress does not collect any analytics data. However, many web hosting accounts collect some anonymous analytics data.

(5) We use the analytics provided by the Jetpack plugin from Automattic, which also uses cookies. View their privacy policy: https://automattic.com/privacy/

(6) We use Facebook Pixel, which also uses cookies, for advertising and analytics. View their privacy policy: https://www.facebook.com/legal/technology_terms

We use the analytics provided by Google Analytics. View their privacy policy: https://policies.google.com/privacy?hl=en-US

Mobile Theme

WPtouch Pro powers our mobile website.

Data Used: A visitor’s preference on viewing the mobile version of a site.

Activity tracked: A cookie (aka as wptouch-pro-view) is stored for 1 year to know whether a visitor is viewing the mobile or the desktop theme (in case they switched to desktop).

View WPtouch Pro’s privacy policy: https://www.wptouch.com/privacy-policy/

(7) Data used by the Jetpack plugin

Activity Log
This feature only records activities of a site’s registered users, and the retention duration of activity data will depend on the site’s plan and activity type.
Data Used: To deliver this functionality and record activities around site management, the following information is captured: user email address, user role, user login, user display name, WordPress.com and local user IDs, the activity to be recorded, the WordPress.com-connected site ID of the site on which the activity takes place, the site’s Jetpack version, and the timestamp of the activity. Some activities may also include the actor’s IP address (login attempts, for example) and user agent.
Activity Tracked: Login attempts/actions, post and page update and publish actions, comment/pingback submission and management actions, plugin and theme management actions, widget updates, user management actions, and the modification of other various site settings and options. Retention duration of activity data depends on the site’s plan and activity type. See the complete list of currently-recorded activities (along with retention information).
Data Synced (?): Successful and failed login attempts, which will include the actor’s IP address and user agent.

Comment Likes
This feature is only accessible to users logged in to WordPress.com.
Data Used: In order to process a comment like, the following information is used: WordPress.com user ID/username (you must be logged in to use this feature), the local site-specific user ID (if the user is signed in to the site on which the like occurred), and a true/false data point that tells us if the user liked a specific comment. If you perform a like action from one of our mobile apps, some additional information is used to track the activity: IP address, user agent, timestamp of event, blog ID, browser language, country code, and device info.
Activity Tracked: Comment likes.

Contact Form (BestWebSoft plugin)
Data Used: If Akismet is enabled on the site, the contact form submission data — IP address, user agent, name, email address, website, and message — is submitted to the Akismet service (also owned by Automattic) for the sole purpose of spam checking. The actual submission data is stored in the database of the site on which it was submitted and is emailed directly to the owner of the form (i.e. the site author who published the page on which the contact form resides). This email will include the submitter’s IP address, timestamp, name, email address, website, and message.
Data Synced: Post and post meta data associated with a user’s contact form submission. If Akismet is enabled on the site, the IP address and user agent originally submitted with the comment are synced, as well, as they are stored in post meta.

Google Analytics
Data Used: Please refer to the appropriate Google Analytics documentation for the specific type of data it collects. For sites running WooCommerce (also owned by Automattic) and this feature simultaneously and having all purchase tracking explicitly enabled, purchase events will send Google Analytics the following information: order number, product id and name, product category, total cost, and quantity of items purchased. Google Analytics does offer IP anonymization, which can be enabled by the site owner.
Activity Tracked: This feature sends page view events (and potentially video play events) over to Google Analytics for consumption. For sites running WooCommerce-powered stores, some additional events are also sent to Google Analytics: shopping cart additions and removals, product listing views and clicks, product detail views, and purchases. Tracking for each specific WooCommerce event needs to be enabled by the site owner.

Gravatar Hovercards
Data Used: This feature will send a hash of the user’s email address (if logged in to the site or WordPress.com — or if they submitted a comment on the site using their email address that is attached to an active Gravatar profile) to the Gravatar service (also owned by Automattic) in order to retrieve their profile image.

Infinite Scroll
Data Used: In order to record page views via WordPress.com Stats (which must be enabled for page view tracking here to work) with additional loads, the following information is used: IP address, WordPress.com user ID (if logged in), WordPress.com username (if logged in), user agent, visiting URL, referring URL, timestamp of event, browser language, country code.
Activity Tracked: Page views will be tracked with each additional load (i.e. when you scroll down to the bottom of the page and a new set of posts loads automatically). If the site owner has enabled Google Analytics to work with this feature, a page view event will also be sent to the appropriate Google Analytics account with each additional load.

Jetpack Comments
Data Used: Commenter’s name, email address, and site URL (if provided via the comment form), timestamp, and IP address. Additionally, a jetpack.wordpress.com IFrame receives the following data: WordPress.com blog ID attached to the site, ID of the post on which the comment is being submitted, commenter’s local user ID (if available), commenter’s local username (if available), commenter’s site URL (if available), MD5 hash of the commenter’s email address (if available), and the comment content. If Akismet (also owned by Automattic) is enabled on the site, the following information is sent to the service for the sole purpose of spam checking: commenter’s name, email address, site URL, IP address, and user agent.
Activity Tracked: The comment author’s name, email address, and site URL (if provided during the comment submission) are stored in cookies. Learn more about these cookies.
Data Synced (?): All data and metadata (see above) associated with comments. This includes the status of the comment and, if Akismet is enabled on the site, whether or not it was classified as spam by Akismet.

Notifications
This feature is only accessible to registered users of the site who are logged in to WordPress.com.
Data Used: IP address, WordPress.com user ID, WordPress.com username, WordPress.com-connected site ID and URL, Jetpack version, user agent, visiting URL, referring URL, timestamp of event, browser language, country code. Some visitor-related information or activity may be sent to the site owner via this feature. This may include: email address, WordPress.com username, site URL, email address, comment content, follow actions, etc.
Activity Tracked: Sending notifications (i.e. when we send a notification to a particular user), opening notifications (i.e. when a user opens a notification that they receive), performing an action from within the notification panel (e.g. liking a comment or marking a comment as spam), and clicking on any link from within the notification panel/interface.

Protect
Data Used: In order to check login activity and potentially block fraudulent attempts, the following information is used: attempting user’s IP address, attempting user’s email address/username (i.e. according to the value they were attempting to use during the login process), and all IP-related HTTP headers attached to the attempting user.
Activity Tracked: Failed login attempts (these include IP address and user agent). We also set a cookie (jpp_math_pass) for 1 day to remember if/when a user has successfully completed a math captcha to prove that they’re a real human. Learn more about this cookie.
Data Synced (?): Failed login attempts, which contain the user’s IP address, attempted username or email address, and user agent information.

Search
This feature is only available to sites on the Professional plan.
Data Used: Any of the visitor-chosen search filters and query data in order to process a search request on the WordPress.com servers.

Sharing
Data Used: When sharing content via email (this option is only available if Akismet is active on the site), the following information is used: sharing party’s name and email address (if the user is logged in, this information will be pulled directly from their account), IP address (for spam checking), user agent (for spam checking), and email body/content. This content will be sent to Akismet (also owned by Automattic) so that a spam check can be performed. Additionally, if reCAPTCHA (by Google) is enabled by the site owner, the sharing party’s IP address will be shared with that service. You can find Google’s privacy policy here.

Subscriptions
Data Used: To initiate and process subscriptions, the following information is used: subscriber’s email address and the ID of the post or comment (depending on the specific subscription being processed). In the event of a new subscription being initiated, we also collect some basic server data, including all of the subscribing user’s HTTP request headers, the IP address from which the subscribing user is viewing the page, and the URI which was given in order to access the page (REQUEST_URI and DOCUMENT_URI). This server data used for the exclusive purpose of monitoring and preventing abuse and spam.
Activity Tracked: Functionality cookies are set for a duration of 347 days to remember a visitor’s blog and post subscription choices if, in fact, they have an active subscription.

WordPress.com Secure Sign On
This feature is only accessible to registered users of the site with WordPress.com accounts.
Data Used: User ID (local site and WordPress.com), role (e.g. administrator), email address, username and display name. Additionally, for activity tracking (see below): IP address, WordPress.com user ID, WordPress.com username, WordPress.com-connected site ID and URL, Jetpack version, user agent, visiting URL, referring URL, timestamp of event, browser language, country code.
Activity Tracked: The following usage events are recorded: starting the login process, completing the login process, failing the login process, successfully being redirected after login, and failing to be redirected after login. Several functionality cookies are also set, and these are detailed explicitly in our Cookie documentation.
Data Synced (?): The user ID and role of any user who successfully signed in via this feature.

WordPress.com Stats
Data Used: IP address, WordPress.com user ID (if logged in), WordPress.com username (if logged in), user agent, visiting URL, referring URL, timestamp of event, browser language, country code. Important: The site owner does not have access to any of this information via this feature. For example, a site owner can see that a specific post has 285 views, but he/she cannot see which specific users/accounts viewed that post. Stats logs — containing visitor IP addresses and WordPress.com usernames (if available) — are retained by Automattic for 28 days and are used for the sole purpose of powering this feature.
Activity Tracked: Post and page views, video plays (if videos are hosted by WordPress.com), outbound link clicks, referring URLs and search engine terms, and country. When this module is enabled, Jetpack also tracks performance on each page load that includes the Javascript file used for tracking stats. This is exclusively for aggregate performance tracking across Jetpack sites in order to make sure that our plugin and code is not causing performance issues. This includes the tracking of page load times and resource loading duration (image files, Javascript files, CSS files, etc.). The site owner has the ability to force this feature to honor DNT settings of visitors. By default, DNT is currently not honored.

WordPress.com Toolbar
This feature is only accessible to registered users of the site who are also logged in to WordPress.com.
Data Used: Gravatar image URL of the logged-in user in order to display it in the toolbar and the WordPress.com user ID of the logged-in user. Additionally, for activity tracking (detailed below): IP address, WordPress.com user ID, WordPress.com username, WordPress.com-connected site ID and URL, Jetpack version, user agent, visiting URL, referring URL, timestamp of event, browser language, country code.
Activity Tracked: Click actions within the toolbar.

(8) Who we share your data with

This site is powered by WordPress. By default, WordPress does not share any personal data with anyone.

Please be aware that if you follow a link from this site to another site, we are not responsible for that site’s privacy and data practices. Users would need to view that site’s privacy polciy for the necessary information. This includes “liking” and sharing information from this site on social media sites.

This site is hosted by Bluehost.com, and its data is maintained on their serves. View their privacy policy: https://www.bluehost.com/terms/privacy-policy

If you subscribe to our site’s blog posts or to comments on posts, your information will be processed either by WordPress or Google feedburner. View their privacy policies:

https://wordpress.org/about/privacy/ and https://policies.google.com/privacy

If you subscribe to this site’s newsletter, your information will be used to send you newsletter emails. This is powered by Email Subscribers. View their privacy in the section below entitled “We also use.”

(9) How long we retain your data

If you leave a comment, the comment and its metdata are retained indefinitely. This is so we can recognize and approve any follow-up comments instead of holding them in a moderation queue.

If you submit communication through our contact form, your contact information and message are retained indefinitely. This is so we can have a record of communications and so we can respond to your message. Information submitted in this way will not be used for marketing purposes.

Users may register on our website. We store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

(10) What rights you have over your data

If you have an account on our site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service. We use Askimet and Jetpack, both of which Automattic owns. View Automattic’s privacy policy: https://automattic.com/privacy/

Askimet blocks spam, and Jetpack provides “security and protection features, up-time monitoring, site stats, a free global CDN that optimizes and speeds up your images, and various traffic tools like Related Posts and Publicize.”

(11) We also use:

Email Subscribers for subscriptions to our newsletter.

Email Subscribers does not store any of your personal data on its site. Email Subscribers creates the following tables in my WordPress site:

  • {prefix}es_emaillist: This has all your subscribers information.
  • {prefix}es_notification: This has all the post notification that you create to send new blog notification.
  • {prefix}es_sentdetails: This is a logs which has information about post notification and newsletter emails that you have sent.
  • {prefix}es_deliverreport: This is a detailed logs which has information about post notification and newsletter emails that you have sent.

Additionally, as Templates is Custom Post Type, all the templates that we create (for newsletter or post notification) are stored in the WordPress Post & Postmeta table.

View Email Subscribers’s privacy:

Privacy policy

We use WordPress or Google feedburner for blog post subscriptions and comment subscriptions. View their privacy policies: https://wordpress.org/about/privacy/   https://policies.google.com/privacy

(12) We use the Print Friendly and PDF plugin for our readers to print our stories. View their privacy policy: https://www.printfriendly.com/privacy

(13) This site is hosted by Bluehost.com, and its data is maintained on its servers. View Bluehost’s privacy policy: https://www.endurance.com/privacy/privacy

(14) Our contact information

Email: contact @ storiesfromacottage.com or use our contact form

U.S. Mail: Stories from a Cottage, 445 Highland Avenue, Athens, GA 30606

(15) Additional information

We do not use this site for commercial purposes or for more complex collection or processing of personal data.

(16) How we protect your data

Data is protected by our web host, Bluehost.com, on personal computers with regular malware scans, or occasionally on paper filed in secure locations. We also use sitelock.com for regular malware scans. View sitelock’s privacy policy: https://www.sitelock.com/privacy-policy

What data breach procedures we have in place

Should there be a data breach, we would contact those involved as soon as possible via the appropriate method (website blog post, newsletter subscribers’ email, etc.). Note that we never collect financial or other information of that sort.

(17) What third parties we receive data from

None, to our knowledge

(18) What automated decision making and/or profiling we do with user data

Automated decision making and/or profiling is not done on this site, other than Akismet Anti-spam (view Automattic’s privacy policy: https://automattic.com/privacy/ ) and security protection provided by sitelock.com and Automattic.

(19) Industry regulatory disclosure requirements

This site is not a member of a regulated industry, nor it is subject to additional privacy laws.

Privacy Notice for California Residents

Effective Date: January, 2020

Last Reviewed on: January, 2020

This Privacy Notice for California Residents supplements the information contained in our privacy policy above and applies solely to all visitors, users, and others who reside in the State of California (”consumers” or “you”). We adopt this notice to comply with the California Consumer Privacy Act of 2018 (CCPA) and any terms defined in the CCPA have the same meaning when used in this notice.

Information We Collect

Our Website collects information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (”personal information”). In particular, our website has collected the following categories of personal information from its consumers within the last twelve (12) months:

Category A: Identifiers

Examples: A real name, Internet Protocol address, email address, or other similar identifiers.

Collected: YES

Category B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).

Examples: A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.

Collected: NO

Category C: Protected classification characteristics under California or federal law.

Examples: Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).

Collected: NO

Personal information does not include:

  • Publicly available information from government records.
  • De-identified or aggregated consumer information.
  • Information excluded from the CCPA’s scope, like:
  • health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
  • personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.

We obtains the categories of personal information listed above from the following categories of sources:

  • Directly from you. For example, from forms you complete on our website.
  • Indirectly from you. For example, from observing your actions on our website or interactions with our advertisers.

Use of Personal Information

We may use, or disclose the personal information we collect for one or more of the following business purposes:

  • To fulfill or meet the reason you provided the information. For example, if you share your name and contact information to publish a story, we will use that personal information to respond to your inquiry.
  • To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
  • As described to you when collecting your personal information or as otherwise set forth in the CCPA.
  • We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

Sharing Personal Information

This site is powered by WordPress. By default, WordPress does not share any personal data with anyone.

Please be aware that if you follow a link from this site to another site, we are not responsible for that site’s privacy and data practices. Users would need to view that site’s privacy polciy for the necessary information. This includes “liking” and sharing information from this site on social media sites.

This site is hosted by Bluehost.com, and its data is maintained on their serves. View their privacy policy: https://www.bluehost.com/terms/privacy-policy

If you subscribe to our site’s blog posts or to comments on posts, your information will be processed either by WordPress or Google feedburner. View their privacy policies:

https://wordpress.org/about/privacy/ and https://policies.google.com/privacy

If you subscribe to this site’s newsletter, your information will be used to send you newsletter emails. This is powered by Email Subscribers. View their privacy in the section below entitled “We also use.”

Disclosures of Personal Information for a Business Purpose

In the preceding twelve (12) months, we have not disclosed personal information for a business purpose.

Sales of Personal Information

In the preceding twelve (12) months, we have not sold personal information. We do not have future plans to sell your personal information.

Your Rights and Choices

The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

Access to Specific Information and Data Portability Rights

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our business or commercial purpose for collecting or selling that personal information.
  • The categories of third parties with whom we share that personal information. (We do not sell your personal data to third parties.)
  • The specific pieces of personal information we collected about you (also called a data portability request).
  • If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
  • sales, identifying the personal information categories that each category of recipient purchased; and
  • disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.

Deletion Request Rights

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

  • Complete the transaction for which we collected the personal information, provide a service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  • Debug products to identify and repair errors that impair existing intended functionality.
  • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  • Comply with a legal obligation.
  • Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Exercising Access, Data Portability, and Deletion Rights

To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by sending us a message on our website. Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Response Timing and Format

We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to [45/90] days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance, specifically by electronic mail communication.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Personal Information Sales Opt-Out and Opt-In Rights

We do not sell your personal information to third parties. We have no future plans to sell your personal information to third parties.

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights.

California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send us an electronic message through our website or write us at our address listed on our web page.

Changes to Our Privacy Notice

We reserve the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will post the updated notice on the Website and update the notice’s effective date. Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.

Contact Information

If you have any questions or comments about this notice, the ways in which we collect and uses your information described below [and in the Privacy Policy], your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us as follows

  • Email: contact@storiesfromacottage.com
  • U.S. Mail: 445 Highland Avenue, Athens, GA 30606

Last updated: November 9, 2020