Privacy Policy

Who we are

We are Addicted to Chocolate. Owned and operated in Morphett Vale, South Australia. Our website address is: https://addictedtochocolate.com.au

Non-Personal data we collect

For each request to the website, we expressly collect the following non-personal information via the web server software about the device you are using to connect to it (Computer desktop, phone, tablet etc). We use this information for our own troubleshooting, security, marketing and statistical purposes:

• The IP address of the device making the request
• The browser type, version and language
• The date and time the device accessed the site
• The previous page the device visited (‘referrer’)
• The pages the device accessed and any documents downloaded
• The success/failure code of the request, and
• The devices operating system.

What personal data we collect

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms

Cookies

We use cookies to remember and process the items in your cart, understand and save your preferences for future visits. Our web server also instructs your browser to keep hold of images for a limited amount of time in order to speed up your next visit.

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Our website also contains links to other 3rd party sites. We have no control over their websites and cannot be held responsible for anything that happens when you visit their sites. We make best efforts to only provide quality links to other sites but they can change at any time without notice. By clicking on these links you agree to release Addicted to Chocolate from responsibility for your data.

Who we share your data with

For payments, we share basic transaction information with our payment processor, Square. When you make a purchase on our website we do not store your credit card information. The form you fill in to make payment is a form that belongs to Square and the information is passed on directly to them, encrypted. You are not required to create or hold an account with us in order to make a purchase. You may remain a ‘guest’ and your private details are only stored in order to fulfil the purchase.

We share analytics data (traffic sessions, page navigation) with Google & Hotjar.

If subscribing to our newsletter, we will pass your name and email address to Survey Monkey or similar mailing service.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

Regarding your orders through our store, we retain order information as follows:

• We retain inactive accounts for 90 days
• We retain orders in the pending status for 30 days
• We retain failed orders for 7 days
• We retain cancelled orders for 7 days
• We retain completed orders for 24 months for accounts purposes.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

Our contact information

The most current contact information can be found at the footer of this page.

How we protect your data

We protect your data by means of encrypted communication between your computer and our website store.  We achieve this via SSL Secure Socket Layer, RSA 2048 bits using sha256 communication. We only pass your information to our payment gateway processor, Square so they can handle the payment. We then use your information to simply fulfil your order with us. We do not share your information with anyone else outside of this.

Square is PCI compliant meaning they protect your credit card data with the highest bank grade security. Their privacy policy can be found here: https://squareup.com/au/legal/privacy

Our website is protected by a firewall so that any data stored on our site is secured from external attacks.

What data breach procedures we have in place

Our website is protected by Wordfence firewall. It monitors and logs all traffic behaviour and reports to us of any suspicious activity. You may read more about Wordfence’s GDPR policy here: https://www.wordfence.com/help/general-data-protection-regulation/

What third parties we receive data from

We receive data from Instagram in order to serve our own Instagram feed onto our website home page. Your computer will make contact with Instagram in order to obtain the posts from our profile on Instagram, therefore you may wish to read their privacy policy. More information can be found from Instagram: https://help.instagram.com/402411646841720

Consent and Policy Changes

By using this site you consent to this privacy policy.

If we decide to change this policy we will do so by modifying this page. This page was last updated 12/10/2018

If you have any additional concerns for your personal information and / or security on this particular website, please do not hesitate to contact us

If you are interested in obtaining additional information of privacy, you can visit the Australian Federal Privacy Commissioner’s Website at www.privacy.gov.au