Privacy
Fat Stone Farm, LLC Privacy Policy
Effective Date: September 7, 2017
Version number: 2.0
From our website launch in September 2016 until May 2017 less than 0.01% of our visitors looked at our Privacy Policy. The handful of people who did look were likely our Service Providers.
The collection, use, transfer and storage of your personally identifiable information (PII) or personally related information (PRI) should be of concern to you.
Neither your PII nor mine appear to be (well) protected under current US law. With its 2004 and 2013 online privacy related State laws, California seems to be the most proactive in the US in requiring website owners to declare a “privacy policy.” But for other than financial institutions, the law is a far cry from restricting the collection and use of PII. Furthermore, it’s only related to California consumers.
Privacy Tools That You Can Use
If you want to understand how you are tracked I would suggest downloading the Ghostery app from www.ghostery.com. I have no personal connection to the company and it’s even possible that by downloading the browser you actually INCREASE your tracking and insecurity – however – I would be remiss if I did not share with you a resource that I believe has helped me control the amount of PII and PRI about me floating out there in the cloud.
If you choose to install Ghostery please be aware that you will not be able to access our website without unblocking a few of our trackers. Yes, we are tracking you (please read on)! We do want you to become and stay a customer so we encourage you to unblock what you have to. On the other hand, we think your privacy is something that you should ultimately control. Ghostery seems helpful. It’s your choice. My mother-in-law doesn’t care but maybe you should -- for the next generation?
Protecting your PRI as well as your PII
One further note – personally identifiable information (PII) is generally defined as the “details collected on the Internet about an individual consumer, including an individual’s first and last name, a physical street address, an email address, a telephone number, a Social Security number, or any other information that permits a specific individual to be contacted physically or online.” The term extends to details such as a person’s birthday, height, weight or hair color that are collected online and stored by an operator in personally identifiable form.
However, PII is only a fraction of the information about YOU that internet companies spend billions of dollars every year tracking. Above I referred to personally related information (PRI) which is a term that I coined to describe the meta-data trail that you leave behind wherever you go online. This trail might not contain any particular piece of information that would fall into the PII definition, but it might be enough personally related information that when combined with other bits of personally related data allows YOU and YOUR activity to be identified (with a high degree of probability). Whereas you might be able to ask a company to scrub your PII from its database, there are no mechanisms in place for you to erase or control your PRI.
Advanced PRI technologies are already well developed at the largest internet companies, I believe. So while most stated privacy concerns are directed at PII, it’s really PRI that requires equal attention.
We Promise to Try our Best
As a small farm and internet seller of food, we depend completely on larger internet companies for all our Software as a Service (SaaS) needs. In many ways, I am very thankful that I can purchase these services that help me transact with my customers, run contests and sweepstakes, improve my website, analyze my traffic, and so on and so forth.
On a periodic basis we read these companies privacy policies and look for changes (Privacy Policies generally range from 2,500 to 3,500 words in my estimate), but the fact of the matter is that these policies are just promises. And the promises are crafted by cadres of lawyers. And the degree to which these companies gather and use personally related information (PRI) is unknown to us.
Unless we at Fat Stone Farm sell our small farm business someday, we will never sell your PII. We depend on several large reputable service providers to collect and securely store your PII, including transaction (credit card) information. And we won’t knowingly sell your PRI either.
If you have any questions about what information we collect and how we use it, and what you can do about it please do not hesitate to contact me at 139-3 Joshuatown Road, Lyme, CT 06371. Drop me a note with your telephone number and I will give you a call to answer your questions. Thanks for taking the time to read our policy.
Formal Introduction to Our Privacy Policy
Our Privacy Policy explains how Fat Stone Farm, LLC (“We” or “Us”) collects, uses, and discloses information from our customers and online visitors when they purchase our products online, use our website or when they otherwise interact with us through email, sweepstakes, contests, social advertisements or in any other way. It also tells you how you might be able to control what PII we have collected and store about you and it informs you that our privacy policy may change at any time so be sure to check back here from time to time.
Our Privacy Policy is incorporated into our Terms of Use, and describes: (i) the types of information we or our Service Providers collect when you use our Site, (ii) how we use that information, (iii) how we may share your information, and (iv) the options we offer you pertaining to the information we collect. By using our Site or interacting with us in any other way, you consent to our collection and use of your information as described in this Privacy Policy.
SECTION 1 – INFORMATION THAT WE COLLECT
When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address and other Personally Identifiable Information (PII).
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
Payment:
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
COLLECTION OF PERSONALLY IDENTIFYABLE OR RELATED INFORMATION (PII & PRI)
When you browse our store or interact with us in any other way we or our Service Providers (referred to as “We”) may collect and store personally related information (PRI). If you are a customer, this PRI may become PII. PRI can fall into any number of categories, including but not limited to:
Log Information: We log information about your use of our Website, including the type of browser you use, access times, pages viewed, your IP address, your general location, and the page you visited before navigating to Website.
Device Information: We collect information about the computer or mobile device you use to access our Services, including the hardware model, operating system and version, unique device identifiers and mobile network information.
Information Collected by Cookies and Other Tracking Technologies: We use various technologies to collect information, including cookies, pixels and web beacons. Cookies are small data files stored on your hard drive or in device memory that help us improve our Website and your experience, see which areas and features of our Website are popular, and count visits. Web beacons are electronic images that may be used in our Website or emails and help deliver cookies, count visits and understand usage and campaign effectiveness. For more information about cookies, and how to disable them, please see "Your Choices" below.
Advertising and Analytics Services Provided by Others: We may allow others to serve advertisements on our behalf across the Internet and to provide analytics services. These entities may use cookies, web beacons and other technologies to collect information about your use of the Services and other websites, including your IP address, web browser, pages viewed, time spent on pages, links clicked and conversion information. This information may be used by Fat Stone Farm and others to, among other things, analyze and track data, determine the popularity of certain content, deliver advertising and content targeted to your interests on our Services and other websites and better understand your online activity. For more information about interest-based ads, or to opt out of having your web browsing information used for behavioral advertising purposes, please visit www.aboutads.info/choices.
Information We Collect From Other Sources: We may also obtain information from other sources and combine that with information we collect through our Services. For example, we may collect information about you from third parties, including but not limited to social media sites, identity verification services, credit bureaus, mailing list providers and publicly available sources.
SECTION 2 – HOW WE USE THE INFORMATION
We may use information about you for various purposes, including to:
- Provide, maintain, customize, and improve our Website;
- Provide and deliver the products you request, process transactions and send you related information, including confirmations and shipping information,
- Respond to your comments, questions and requests and provide customer service;
- Administer contests and sweepstakes
- Communicate with you about products, offers, promotions, rewards, and events offered by Fat Stone Farm and provide news and information we think will be of interest to you;
- Developed target advertising
- Monitor and analyze trends, usage and activities in connection with our Website; and
- Carry out any other purpose for which the information was collected.
Fat Stone Farm is based in the United States and the information we collect is governed by U.S. law. By being a Fat Stone Farm customer and otherwise providing information to us, you consent to the processing and transfer of information in and to the U.S. and other countries.
SECTION 3 – HOW WE SHARE THE INFORMATION
We may share information about you as follows or as otherwise described in this Privacy Policy:
- With vendors, consultants and other Service Providers who need access to such information to carry out work on our behalf;
- In response to a request for information if we believe disclosure is in accordance with any applicable law, regulation, or legal process, or as otherwise required by any applicable law, rule or regulation; or if you violate our Terms of Service.
- In connection with, or during negotiations of, any merger, sale of company assets, financing or acquisition of all or a portion of our business by another company; and
- With your consent or at your direction.
- We may allow others to serve advertisements on our behalf across the Internet and to provide analytics services. These entities may use cookies, web beacons and other technologies to collect information about your use of the Services and other websites,
- We may also share aggregated or de-identified information, which cannot reasonably be used to identify you. We do not sell your PII or PRI.
- In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
- However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
- For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
- In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
- As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
- Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.
- When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
SECTION 4: HOW WE PROTECT YOUR INFORMATION
We depend heavily on our Software as a Service (SaaS) providers to protect your personal information against unauthorized or unlawful access, processing and against accidental loss, destruction or damage. We also limit access to personal information about you to employees who reasonably need access to it to provide our Site, or in order to do their jobs. However, because no security system can be 100% effective, we cannot completely guarantee the security of any information we may have collected from or about you. In addition, we have no control over the security of other web sites on the Internet that you might visit even when a link may appear to those web sites site from our Site. If you share your computer or use a computer that is accessed by the general public, remember to log off and close your browser window when you have finished your session.
SECTION 5 – THE CHOICES WE GIVE YOU ABOUT YOUR PII
Below is a description of the process by which our customers can review and request changes to your personally identifiable information as collected by us.
We and our Service Providers store your PII in order to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase. Please contact us (see contact information below) and we can remove your stored information from the system.
To review, request changes or completely remove your PII from our system please contact us at bill@fatstonefarm.com or mailing us at, Fat Stone Farm, LLC, 139-3 Joshuatown Rd, Lyme Connecticut US 06371
To remove yourself from any email or marketing list, simply use the “unsubscribe” feature provided at the bottom of every email.
If at any time you wish for us to stop collecting PII or PRI about you, you can enable or download cookie blocking software and other tools such as Ghostery that will prevent some or all data collection.
SECTION 6 - AGE OF CONSENT
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
SECTION 7 – CHILDERN UNDER 13
Children under the age of 13 are not permitted to use this Site or our services. We do not knowingly collect any personal information from children under 13. If we become aware that someone attempting to register on our Site is under 13, we will attempt to delete the information he or she provided as soon as possible.
SECTION 8 – FOR CALIFORNIA USERS
In addition to the rights set forth in this Privacy Policy, Residents of California ("California Users"), may request information regarding the types of personal information we share with third parties for direct marketing purposes, and the identities of the third parties with whom we have shared such information during the immediately preceding calendar year. California Users may request further information about our compliance with this law by sending us a message via the email address set forth below. Please note that we are only required to respond to one request per customer each year concerning this law, and we are not required to respond to requests made by means other than via email.
SECTION 9 - CHANGES TO THIS PRIVACY POLICY
We reserve the right to change this Privacy Policy from time to time. If we make changes, we will notify you by revising the date at the top of the policy and, in some cases, we may provide you with additional notice (such as adding a statement to our homepage or sending you an email notification). We encourage you to review the Privacy Policy whenever you access our site or otherwise interact with us to stay informed about our information practices and the ways you can help protect your privacy. If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at bill@fatstonefarm.com or by mail at
Fat Stone Farm, LLC
[Attn: Privacy Compliance Officer]
139-3 Joshuatown Rd, Lyme, Connecticut US 06371