PRIVACY STATEMENT
This privacy statement outlines how we collect and use your information on this website.
PERSONAL INFORMATION WE COLLECT ON THIS WEBSITE
When you are visiting our website or purchase products from our store, as part of the process, we will collect the personal information you give us:
ANALYTICS
This website collects personal data to power our site analytics, including:
Information about your browser, network, and device
Web pages you visited prior to coming to this website
Your IP address
This information may also include details about your use of this website, including:
Clicks
Internal links
Pages visited
Scrolling
Searches
Timestamps
We share this information with Squarespace, our website analytics provider, to learn about site traffic and activity.
VISITOR DATA
When you buy something on this website, we collect personal information from you to fulfill the order. We may collect information like your:
Billing and shipping address
Details relating to your purchase (for example, your shirt size)
Email address
Name
Phone number
We share this information with Squarespace, our online store hosting provider, so that they can provide website services to us.
As you go through checkout, this site may auto-complete your shipping and billing address by sharing what you type with the Google Places API and returning suggestions to you to improve your checkout experience.
CUSTOMER ACCOUNTS
If you create a customer account on this website, we collect personal information to improve our checkout experience and customer service.
This information may include your:
Billing and shipping address(es)
Details about your orders (for example, your shirt size)
Email address
Name
Phone number
We share this information with Squarespace, our website hosting provider, so they can provide website services to us.
We use SSL (Secure Sockets Layer) to make sure that information you exchange with our website is securely encrypted and secure from interception.
CONSENT
How do we get your consent?
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.
We may send you emails about our store, new products and other updates, but we will ask for your explicit permission before doing that.
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time, by contacting us at Highlandpatissier@gmail.com or mailing us at: highland pâtissier 9 Skinner Place, Dornoch, Sutherland, IV25 3LL, United Kingdom
DISCLOSURE
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
PAYMENT
If you choose a direct payment gateway to complete your purchase, then payment gateway (for example, PayPal or WorldPay) stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
THIRD-PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the way your personal information will be handled by these providers.
Remember that certain providers may be in or have facilities that are located in a different jurisdiction than either you or us. So, if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.
FONTS
This website uses font files from Google Fonts and Adobe Fonts. To properly display this site to you, servers where the font files are stored may receive personal information about you, including:
Information about your browser, network, or device
Your IP address
LINKS
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
EMAILS
You’ll receive an automated email within 24 hours after you abandon your shopping cart, if all of the following occur:
You enter your email address at checkout, or are logged into your Customer Account.
You add a product which is in stock to your shopping cart.
You close your browser or leave this website without completing your purchase.
You can unsubscribe from these messages at the bottom of the email.
The email will link back to this website, where you can pick up where you left off and complete your purchase.
We may send you marketing emails, which you can unsubscribe from by clicking the link at the bottom of the email. We share your contact information with Squarespace, our email marketing provider, so they can send these emails on our behalf.
We may email you with messages about your order or account activity. For example, we may email you to tell you that:
You’ve created a Customer Account
Your Customer Account password has been reset or updated
You’ve made a purchase
Your order has shipped
It’s not possible to unsubscribe from these messages.
We share your contact information with Squarespace, our website hosting provider, so they can send these emails to you on our behalf.
SECURITY
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL). Although no method of transmission over the Internet or electronic storage is 100% secure, we follow recommendations and implement additional generally accepted industry standards.
COOKIES
We use some necessary cookies because they allow visitors to navigate and use key features on our site.
Here is a list of cookies we may use:
Functional and Required Cookies
|
Name |
Purpose, type, and duration |
|
_acloggedin |
Supports login by Scheduling client if the client has an account. |
|
Cookie |
|
|
- |
|
|
_client_acloggedin |
Supports login by Scheduling client if the client has an account. |
|
Cookie |
|
|
- |
|
|
algoliasearch-client-js |
Adds auto-populated suggestions to address fields in Scheduling to help clients complete forms faster. |
|
localstorage |
|
|
Persistent |
|
|
AWSALB, AWSALBCORS |
Improves performance in Scheduling by using one server for the duration of the session. |
|
Cookie |
|
|
1 week |
|
|
CART |
Shows when a visitor adds a product to their cart |
|
Cookie |
|
|
2 weeks |
|
|
CHECKOUT_WEBSITE |
Identifies the correct site for checkout when Checkout on Your Domain is disabled. |
|
Cookie |
|
|
Session |
|
|
Commerce-checkout-state |
Stores state of checkout while the visitor is completing their order in PayPal |
|
sessionstorage |
|
|
Session |
|
|
Crumb |
|
|
Cookie |
|
|
Session |
|
|
hasCart |
Tells Squarespace that the visitor has a cart |
|
Cookie |
|
|
2 weeks |
|
|
Locked |
Prevents the password-protected screen from displaying if a visitor enters the correct site-wide password. |
|
Cookie |
|
|
Session |
|
|
PHPSESSID |
Securely authenticates a visitor during their checkout in Scheduling. |
|
Cookie |
|
|
1 month |
|
|
RecentRedirect |
Prevents redirect loops if a site has custom URL redirects. Redirect loops are bad for SEO. |
|
Cookie |
|
|
30 minutes |
|
|
remember_client |
Remembers Scheduling client’s login details if they have an account. |
|
Cookie |
|
|
365 days |
|
|
siteUserCrumb |
Prevents cross-site request forgery (CSRF) for logged in site users. |
|
Cookie |
|
|
3 years |
|
|
SiteUserInfo |
|
|
Cookie |
|
|
3 years |
|
|
SiteUserSecureAuthToken |
Authenticates a visitor who logs into a customer account |
|
Cookie |
|
|
3 years |
|
|
squarespace-announcement-bar |
Prevents the announcement bar from displaying if a visitor dismisses it |
|
localstorage |
|
|
Persistent |
|
|
squarespace-likes |
Shows when you've already "liked" a blog post. |
|
localstorage |
|
|
Persistent |
|
|
squarespace-popup-overlay |
Prevents the promotional pop-up from displaying if a visitor dismisses it |
|
localstorage |
|
|
Persistent |
|
|
ss_sd |
Ensures that visitors on the Squarespace 5 platform remain authenticated during their sessions. |
|
Cookie |
|
|
Session |
|
|
Test |
Investigates if the browser supports cookies and prevents errors. |
|
Cookie |
|
|
Session |
|
|
TZ |
Allows a Scheduling client’s appointments to display correctly based on their time zone preferences. |
|
localstorage |
|
|
Persistent |
Analytics and Performance Cookies
|
Cookie Name |
Duration |
Purpose |
|
ss_cid |
2 years |
Identifies unique visitors and tracks a visitor’s sessions on a site |
|
ss_cookieAllowed |
30 days |
Remembers if a visitor agreed to placing Analytics cookies on their browser if a site is restricting the placement of cookies |
|
ss_cpvisit |
2 years |
Identifies unique visitors and tracks a visitor’s sessions on a site |
|
ss_cvisit |
30 minutes |
Identifies unique visitors and tracks a visitor’s sessions on a site |
|
ss_cvr |
2 years |
Identifies unique visitors and tracks a visitor’s sessions on a site |
|
ss_cvt |
30 minutes |
Identifies unique visitors and tracks a visitor’s sessions on a site |
CHANGES TO THIS PRIVACY POLICY
We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information, contact us at Highlandpatissier@gmail.com or by mail at 9 skinner place, Sutherland, Dornoch, IV25 3LL, UK