Who are we?

Our website address is: https://www.virungabluemountains.com.

Comments

When you leave a comment on our site, the data entered in the comment form, but also your IP address and your browser’s user agent are collected to help us detect unwanted comments

An anonymised string created from your email address (also known as a hash) can be sent to the Gravatar service to check whether you are using the service. The privacy policy of the Gravatar service is available here: https://automattic.com/privacy/. After your comment has been validated, your profile picture will be publicly visible next to your comment.

Media

If you upload images to the site, we advise you to avoid uploading images that contain EXIF data of GPS coordinates. People visiting your site can download and extract location data from these images.

Cookies

If you leave a comment on our site, you will be asked to save your name, email address and site in cookies. This is only for your convenience so that you do not have to enter this information if you leave another comment later. These cookies expire after one year.

If you go to the login page, a temporary cookie will be created to determine whether your browser accepts cookies. It does not contain any personal data and will be deleted automatically when you close your browser.

When you log in, we will set a number of cookies to store your login information and screen preferences. The lifetime of a login cookie is two days, and the lifetime of a screen preference cookie is one year. If you check “Remember me”, your login cookie will be retained for a fortnight. If you log out of your account, the login cookie will be deleted.

By editing or publishing a publication, an additional cookie will be stored in your browser. This cookie does not contain any personal data. It simply indicates the ID of the publication you just edited. It expires after one day.

Embedded content from other sites

Articles on this site may include embedded content (e.g. videos, images, articles…). Embedded content from other sites behaves in the same way as if the visitor were on that other site.

These websites may collect data about you, use cookies, embed third-party tracking tools, track your interactions with these embedded contents if you have a logged-in account on their website.

Use and transmission of your personal data

If you request a password reset, your IP address will be included in the reset email.

How long your data is stored

If you leave a comment, the comment and its metadata are retained indefinitely. This allows subsequent comments to be automatically recognised and approved instead of being left in the moderation queue.

For accounts that register on our site (if any), we also store the personal data specified in their profile. All accounts can view, edit or delete their personal information at any time (with the exception of their user ID). Site managers can also view and edit this information.

The rights you have over your data

If you have an account or have left comments on the site, you can request to receive a file containing all the personal data we hold about you, including that which you have provided to us. You can also request the deletion of your personal data. This does not include data stored for administrative, legal or security purposes.

Transmission of your personal data

Visitors’ comments can be checked with an automated comment detection service.

SECTION 1 – PERSONAL INFORMATION COLLECTED When you make a purchase from our shop, as part of our buying and selling process, we collect the personal information you provide, such as your name, address and e-mail address. When you browse our shop, we also automatically receive the Internet Protocol (IP) address of your computer, which allows us to obtain more details about the browser and operating system you are using. E-mail marketing (where applicable): With your permission, we may send you emails about our shop, new products and other updates. SECTION 2 – CONSENT How do you obtain my consent? When you provide us with your personal information to complete a transaction, verify your credit card, place an order, schedule a delivery or return a purchase, we assume that you consent to our collection and use of your information for this purpose only. If we ask you to provide your personal information for any other reason, such as marketing purposes, we will ask you directly for your express consent, or we will give you the opportunity to decline. How do I withdraw my consent? If, after you have given us your consent, you change your mind and no longer consent to our contacting you, collecting your information or disclosing it, you may notify us by contacting us at info@virungaluemountains.com. SECTION 3 – DISCLOSURE We may disclose your personal information if we are required to do so by law or if you breach our Terms and Conditions. SECTION 4 – SHOPIFY Our shop is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our services and products to you. Your data is stored in Shopify’s data storage system and databases, and in the general Shopify application. Your data is stored on a secure server protected by a firewall. Payment: If you make your purchase through a direct payment gateway, in this case Shopify will store your credit card information. This information is encrypted in accordance with the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction information is retained for as long as necessary to complete your order. Once your order is finalized, your purchase transaction information is deleted. All direct payment gateways are PCI-DSS compliant, managed by the PCI Security Standards Council, which is a joint effort of companies such as Visa, MasterCard, American Express and Discover. The PCI-DSS requirements ensure the secure processing of credit card data by our shop and its service providers. For more information, please see the Shopify Terms of Service here or the Privacy Policy here. SECTION 5 – SERVICES PROVIDED BY THIRD PARTIES Generally, the third party providers we use will only collect, use and disclose your information to the extent necessary to perform the services they provide to us. However, some third party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies regarding the information we are required to provide to them for your purchase transactions. With respect to these providers, we recommend that you read their privacy policies carefully so that you can understand how they will handle your personal information. You should keep in mind that some suppliers may be located or have facilities located in a different jurisdiction than you or us. So if you decide to proceed with a transaction that requires the services of a third party supplier, then your information may be governed by the laws of the jurisdiction in which that supplier is located or the jurisdiction in which its facilities are located. For example, if you are located in Canada and your transaction is processed through a payment gateway located in the United States, your information used to complete the transaction may be disclosed under United States law, including the Patriot Act. Once you leave our shop site or are redirected to a third party website or application, you are no longer governed by this Privacy Policy or our website’s Terms and Conditions. Links You may leave our website by clicking on certain links on our website. We assume no responsibility for the privacy practices of such other sites and recommend that you read their privacy policies carefully. ARTICLE 6 – SECURITY To protect your personal information, we take reasonable precautions and follow industry best practices to ensure that it is not lost, misappropriated, accessed, disclosed, altered or destroyed in an inappropriate manner. If you provide us with your credit card information, it will be encrypted through the use of Secure Sockets Layer (SSL) and stored with AES-256 encryption. While no method of transmission over the Internet or electronic storage is 100% secure, we follow all the requirements of the PCI-DSS and implement additional generally accepted industry standards. COOKIES The following is a list of cookies that we use. We have listed them here so that you can choose whether or not to allow them. session_id, a unique session identifier, allows Shopify to store information about your session (referrer, landing page, etc). _shopify_visit, no data retained, persists for 30 minutes since last visit. Used by our website provider’s internal statistics tracking system to record the number of visits. shopify_uniq, no data held, expires at midnight (depending on the location of the visitor) the next day. Calculates the number of visits to a shop per unique customer. cart, unique identifier, persists for 2 weeks, stores your shopping cart information. _secure_session_id, unique session identifier storefront_digest, unique identifier, undefined if the shop has a password, it is used to know if the current visitor has access. SECTION 7 – AGE OF CONSENT By using this site, you represent that you are at least the age of majority in your state or province of residence, and that you have given us your consent to allow any minor in your care to use this website. SECTION 8 – CHANGES TO THIS PRIVACY POLICY We reserve the right to change this Privacy Policy at any time, so please check back frequently. Changes and clarifications will take effect immediately upon posting on the website. If we make changes to the content of this policy, we will notify you here that it has been updated, so that you will know what information we collect, how we use it, and under what circumstances, if any, we disclose it. If our shop is acquired by or merged with another company, your information may be transferred to the new owners so that we can continue to sell products to you. QUESTIONS AND CONTACT INFORMATION If you wish to: access, correct, amend or delete any personal information we have about you, make a complaint, or if you simply wish to have more information, contact our Privacy Standards Officer at info@virungaluemountains.com or by mail at Virunga Blue Mountains [Re: Privacy Standards Officer]