- Personal Data We May Collect About You We will collect various types of personal data about you for the purposes described in this Policy, including:
- Contact information (such as your name, birthday, nationality, email address, postal address, telephone number and any other personal data) that you provide by completing forms on the Website, including if you subscribe to our newsletter and register and create an account on the Website;
- Details of any transactions made by you;
- Personal data that may be contained in communications you send to us, for example to report a problem or to submit queries, concerns or comments regarding the Website or its content;
- Information from surveys that we may, from time to time, conduct on the Website for research purposes, if you choose to respond to, or participate in, them;
- Credit/debit card information, which is considered to be sensitive personal data in certain countries such as Mexico;
- Information about your use and navigation of our Website, such as your IP address and other device identifiers, your operating system and browser type, and information about the Website pages you visit, collected thanks to cookies; and
- Personal information collected from third parties, such as data that you agree to share with us on publicly accessible social networks (e.g., Facebook, Instagram, etc.) and/or that we may collect from other publicly accessible databases.
You are under no obligation to provide any such information. Providing your personal data to us (in particular, your personal details, your email, your address, your credit/debit card numbers and bank code and your telephone number) is necessary for processing your order for the purchase of products on the Website, supplying other services provided on the Website upon your request, or when your personal data is needed to fulfil obligations required by law or regulations. The refusal to provide us with any personal data necessary for performing the above purposes may consequently prevent us from processing your order for the purchase of products sold on the Website or fulfilling obligations required by law and other regulations. Therefore, failure to provide personal data may constitute, in some cases, a legitimate and justified reason for not processing your order for the purchase of products sold on the Website or not providing the Website’s services.
Disclosure of further personal data to us other than that required for fulfilling legal or contractual obligations and to properly browse our services with necessary traffic data is, on the contrary, optional and does not have any effect on the use of the Website and of its services or on the purchase of products on the Website. We will inform you at every step whether disclosing your personal data to us is required or optional by marking with an appropriate symbol (*) the information that is required or data needed for the purchase of products and/or for the provision of requested services on the Website.
- Minimum Age
Protecting the safety and privacy of children is very important to us. We do not accept registrations or orders submitted by, and will not knowingly collect or use personal data from anyone under the age of sixteen (16) years, or any other age limit sets out by the law of his/her country of residence. By registering or making any purchase on the Website, you confirm that you have reached the age of majority in your country of residence.
Do-Not-Track. Currently, our systems do not recognize browser “do-not-track” requests. You may, however, disable certain tracking as discussed in this section (e.g., by disabling cookies).
- Use Made of Your Personal Data
Whenever we process your personal data, we do so on the basis of a lawful “justification” (or legal basis) for processing. In the majority of cases, the processing of your personal data will be justified on one of the following bases:
- processing is necessary to perform a contract with you or take steps that you have requested in order to enter into a contract (e.g., sale contract);
- processing is necessary for us to comply with a legal obligation;
- processing is in our legitimate interests as a business, and our interests are not overridden by your interests, fundamental rights or freedoms. Our legitimate interests may include our interest in using customer and Website user personal data to conduct and develop our business activities (including by carrying out standard marketing activities), with current and potential customers and Website users; and in establishing, exercising or defending legal claims; or
- processing is based on your prior explicit consent, such as segmented and customized marketing activities.
|The purposes for which we process your personal data are the following:||The processing of your personal data is justified by the following legal basis:|
|1||Process your purchases and to provide you with the services and information offered through the Website and which you request||Performance of a contract|
|2||Administer your account with us||Performance of a contract|
|3||Verify and carry out financial transactions in relation to payments you make||Performance of a contract|
|4||Audit the downloading of data from the Website||Our legitimate interest to get to know our customers better and improve our services accordingly|
|5||Improve and customise our Website, and our products, services and our business in general, such as by tracking your product preferences, shopping history and interactions with the Website||Our legitimate interest to improve our products and services|
|6||Identify visitors to the Website||Our legitimate interest to get to know our customers better and improve our services accordingly|
|7||Carry out data analytics and market research||Our legitimate interest to get to know our customers better and improve our services accordingly|
|8||Carry out data enrichment, such as by analysing your product preferences, shopping history and interactions with the Website together with data collected from third parties, such as data that you agree to share with us on social networks (e.g., Facebook, Instagram, etc.) and/or that we may collect from publicly accessible databases||Your prior explicit consent|
|9||Correspond with you to resolve your queries or complaints||Your prior explicit consent|
- Disclosure of Your Personal Data
We may disclose your personal data to any of our affiliate companies, or to our service providers who have a legitimate interest in receiving your personal data, specifically and exclusively in order to assist us in providing the services we offer, processing transactions, fulfilling requests for information, receiving and sending communications, updating marketing lists, analysing data, providing support services or in performing other tasks, from time to time.
For the avoidance of doubt, we will get your express opt-in consent before we share your personal data with any third party company other than Daddy Butter for marketing purposes.
Your personal data will be accessible by authorized personnel of Daddy Butter and affiliated companies, and service providers acting on our behalf on a need-to-know basis. We may also share your personal data with third parties in connection with potential or actual sale or restructuring of our company or any of our assets, or those of any associated company, in which case personal data held by us about our users may be one of the transferred assets.
We will also respond to requests for personal data where required by to do so by law, or when we believe that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, court order, request from a regulator or any other legal process served on us.
We have adopted security measures to protect personal data against accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure or access. For the best possible protection of your personal data outside the limits of our control, your device should be protected (such as by updated antivirus systems) and your internet service provider should take appropriate measures for the security of network data transmission (such as, for example, firewalls and anti-spam filtering).
While we take reasonable steps to protect your personal data, we cannot guarantee that the personal data you disclose to us will be 100% secure.
You accept the inherent security implications of dealing on-line over the Internet and will not hold Daddy Butter or their processors responsible for any data breach unless it is due to our negligence.
- Retention of Your Personal Data
Our general approach is to retain your personal data only for as long as required to fulfil the purposes for which it was collected. We generally retain your personal data for three years from the end of our relationship or from the last contact from you, unless local law requires otherwise. However, in some circumstances we may retain personal data for longer periods of time, for instance where we are required to do so in accordance with legal, tax and accounting requirements.
In specific circumstances we may also retain your personal data for longer periods of time corresponding to the applicable statute of limitations so that we have an accurate record of your dealings with us in the event of any complaints or challenges.
- Your Rights
You have the following rights with respect to your personal data:
- Right to withdraw consent– where applicable, you have the right to withdraw your consent at any time. For example, if you wish to opt-out of receiving electronic marketing communications, you can change your settings in your account on the Website, use the ‘unsubscribe’ link provided in our emails or text the STOP number in our SMS, or otherwise contact us directly and we will stop sending you communications.
- Right of access, rectification and erasure– you have the right to request access to and obtain a copy of any of your personal data that we may hold, to request correction of any inaccurate data relating to you and to request the deletion of your personal data under certain circumstances. You can see and update most of this data yourself online, or by contacting directly email@example.com.
- Right of data portability– Under certain conditions, you have the right to receive all such personal data which you have provided to us in a structured, commonly used and machine-readable format, and also to require us to transmit it to another controller where this is technically feasible.
- Right to restriction of processing– you have the right to restrict our processing of your personal data where:
- you contest the accuracy of the personal data until we have taken sufficient steps to correct or verify its accuracy;
- the processing is unlawful but you do not want us to erase the data;
- we no longer need your personal data for the purposes of the processing, but you require such data for the establishment, exercise or defence of legal claims; or
- you have objected to processing justified on legitimate interest grounds (see below) pending verification as to whether we have overriding compelling legitimate grounds to continue processing.
Where personal data is subject to restriction in this way, we will only process it with your consent or for the establishment, exercise or defence of legal claims, in accordance with local legislation.
- Right to object to processing justified on legitimate interest grounds– where we are relying upon legitimate interest to process personal data, then you have the right to object to that processing. If you object, we must stop that processing unless we can either demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms or where we need to process the data for the establishment, exercise or defence of legal claims. Where we rely upon legitimate interest as a justification for processing we believe that we can demonstrate such compelling legitimate grounds, but we will consider each case on an individual basis.
- Information for California Residents– California residents may request a list of certain third parties to which we have disclosed personal data about you for their own direct marketing purposes. You may make one request per calendar year. In your request, please attest to the fact that you are a California resident and provide a current California address for your response. You may request this information in writing by contacting us at:firstname.lastname@example.org. Please allow up to thirty (30) days for a response.
You also have the right to lodge a complaint with a supervisory authority if you consider that the processing of your personal data infringes applicable law.
For further information regarding your rights, to exercise any of your rights, or if you have any complaints or questions regarding the processing of your personal data please contact email@example.com.
Please note that we may request proof of identity, and where permissible under applicable law, we reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive. We will endeavour to respond to your request as soon as possible and in any case within the applicable timeframes.
- Changes to this Policy
We may occasionally change this Policy, for example, to comply with new requirements imposed by the applicable laws or technical requirements. We will post the updated Policy on the Website. We may also notify you in case of material changes and seek your consent to those changes, where required by applicable law. You are thus encouraged to periodically review this page.
Cookies and Other Technology Policy
Last Updated October 2017
- What is a cookie?
Cookies are text files containing small amounts of information that a user’s device (computer, tablet or mobile) downloads when it visits a website. They allow the site to “remember” your computer, but not specifically who is using it, and improve your user experience. By associating the identification numbers in the cookies with other customer information when, for example, you log-in to the site, then we know that the cookie information relates to you.
- What is the scope of cookies?
Cookies are used generally for different purposes, such as letting the user navigate between pages efficiently, implementing the user’s preferences and generally improving their browsing experience, by customizing the website according to their navigation and user profile. They can also help ensure that the adverts that the user sees online are more relevant to them and their interests.
- What cookies do we use?
Our website uses several type of cookies for different purposes as better explained below in section 4 “Categories of cookies on DaddyButter.com”.
In particular we use:
- A) Session cookies, which only last for the duration of a browsing session. They are usually used to facilitate the access to the services on our website, to authenticate you when you are a registered member, and to remember what a user has put in their shopping basket, and
- B) Persistent cookies, which last for more than one visit. They are used to remember a user’s preferences and actions within the website. In this case, when a user returns to our website, or visits sites that use the same cookies, the site reads the cookies and identifies the user’s browser.
Among these cookies it is possible to refer to:
- C) First party cookies, which are supplied by the website you are visiting, i.e., DaddyButter.com and can be read only by such site. For example the cookies that maintain products in the shopping bag of a user who is in the meantime still surfing the site. First party cookies can be either session or permanent cookies.
- D) Third party cookies, which are meant to collect data in an anonymous way, for example analytics information, including browsing statistics. Other third party cookies are meant to track our visitors’ response to our online promotional activities. This technology uses information about your visits to our website and third parties’ sites on which we advertise, to deliver relevant advertisements. We also use this to learn which banner adverts bring users to our website. Also third party cookies can be either session or permanent cookies.
- Categories of cookies on DaddyButter.com site
The type of cookie used on our website can fall under one of the categories below.
A.1: Navigation or Session Cookies
These cookies are strictly necessary session cookies essential to enable you to move around the website and use its essential features, such as accessing secure areas of the website. These cookies include session authentication cookies. Without these cookies, necessary services such as shopping baskets or e-billing cannot be provided.
We are able to identify you as being logged in to DaddyButter.com and to ensure that you are able to access the appropriate features on our site.
If you choose to disable these cookies, you will be unable to use our site for ordering our products, but only for browsing.
These cookies are also known as performance cookies and collect information about how you use our website, so that we can improve the quality of our site and services. Some examples include which pages you visit most often, whether you get error messages from web pages, and your choices about receiving cookies or not. Performance cookies allow us to implement these choices and optimise the way our site works. All the information that these cookies collect is aggregated and therefore they do not collect personal identification information. These type of cookies may be first party or third party.
These cookies include analytics that allow us to obtain statistics about website access and browsing, monitor which website our users arrive from, help us improve the site by measuring usage information and any errors which occur during our users browsing experience, as well as the effectiveness of advertising campaigns, using aggregated information.
A.3: Functionality Cookies
Functionality cookies allow the website to remember your online settings (such as your user name, language or location) and provide enhanced, more personalised features.
These cookies can also be used to remember changes you made to text size, fonts and other parts of a web page that you can customize. They may also be used to provide services you have asked for or to prevent you from receiving services you have already refused.
These types of cookies may be first party or third party. Presently we only use first party cookies, and they can be session or permanent.
When you choose functionalities and services, you agree to our use of the related functionality cookie.
B – Profiling Cookies
Among the many types of advertising or targeting cookies, we may use Flash Cookies and Pixel Tags:
- Flash Cookies: We may use local shared objects, known as Flash cookies, to store your preferences. The amount and type of information collected through Flash cookies and how they work is different from browser cookies. Please be aware that the browser’s tools to manage cookies will not remove Flash cookies. To disable flash cookies, please use the setting tool provided by the Flash player here.
- Pixel Tags: If you agreed to being tracked and/or profiled, we may use other tracking technologies (e.g., web beacons, clear gifs) in the communications we send to you. The purpose of these may be to learn about whether you have read or opened the email, whether you have interacted with any link, e.g., by clicking on it, and if so which ones. This information may be combined with other information we have gathered about you, to help us deliver more interesting communications to you, based on your browsing experience and shopping.
At any time you can manage your preferences for advertising or targeting cookies through your browser settings as per section 6 below, or by enabling/disabling all third party cookies as per section 7 below.
- Information sharing
- How to manage your tracking and cookie preferences
Most browser applications automatically accept cookies but you can set it to receive an alert each time an operator tries to send you cookies/pixel tags, and/or prevent it from accepting them. On most browsers, the “Help” portion of the toolbar will tell you how to prevent it from accepting cookies, how to change your tracking settings, how to have it notify you when you receive cookies/pixel tags, or how to disable cookies/pixel tags altogether.
Below are pages describing these settings in more detail for each browser:
If you use multiple browsers (e.g., Internet Explorer, Google Chrome, Firefox, etc.) you must repeat this procedure with each one, and if you connect to the web from multiple devices (e.g., from work and at home), then you will need to set your preferences on each browser on each device.
Please note that if you disable completely cookies from the browser, then it is possible that some parts of our website will not function properly such as the normal surfing or the purchase activity, and finally you may also lose any personalized activity, and the advertising you receive when you visit this website will not be tailored to your interests.
- How to disable third party cookies and advertising or targeting cookies fromDaddyButter.com site
You may learn how to disable third party cookies and advertising or targeting cookies on your computer by checking youronlinechoices.com
- How to contact us
If you want to know more about cookies, have any question or want to send us suggestions, please contact us at at firstname.lastname@example.org.
- More information
A full overview of the cookies we use on our website and their respective names and purposes can be found hereunder:
|Cookie name||Purpose / Supplier|
|__troruid||Cookie for marketing profiling|
|__trosync||Cookie for marketing profiling|
|_session_id||User Session Cookie|
|ggbackurl||URL type “Back” in current page|
|ggcategoryurl||URL type “Category” in current page|
|gghomeurl||URL type “home” in current page|
|site_abbreviation||ID for Country / language|
|cookie-policy||Acceptance for the cookies policy|
|ide||Cookie for marketing profiling form doubleclick.net|
|__sonar||Cookie for marketing profiling form doubleclick.net|
|__utma||Cookies for user statistics|
|__utmb||Cookies for user statistics|
|__utmc||Cookies for user statistics|
|__utmz||Cookies for user statistics|
|_utmt_ua_xxxxxxxx-y||Cookies for user statistics|
|_drt_||Cookie for marketing profiling form doubleclick.net|
|id||Cookie for marketing profiling form doubleclick.net|
This feature only records activities of a site’s registered users, and the retention duration of activity data will depend on the site’s plan and activity type.
Data Used: To deliver this functionality and record activities around site management, the following information is captured: user email address, user role, user login, user display name, WordPress.com and local user IDs, the activity to be recorded, the WordPress.com-connected site ID of the site on which the activity takes place, the site’s Jetpack version, and the timestamp of the activity. Some activities may also include the actor’s IP address (login attempts, for example) and user agent.
Activity Tracked: Login attempts/actions, post and page update and publish actions, comment/pingback submission and management actions, plugin and theme management actions, widget updates, user management actions, and the modification of other various site settings and options. Retention duration of activity data depends on the site’s plan and activity type. See the complete list of currently-recorded activities (along with retention information).
Data Synced (?): Successful and failed login attempts, which will include the actor’s IP address and user agent.
Data Used: This feature will send a hash of the user’s email address (if logged in to the site or WordPress.com — or if they submitted a comment on the site using their email address that is attached to an active Gravatar profile) to the Gravatar service (also owned by Automattic) in order to retrieve their profile image.
Data Used: In order to record page views via WordPress.com Stats (which must be enabled for page view tracking here to work) with additional loads, the following information is used: IP address, WordPress.com user ID (if logged in), WordPress.com username (if logged in), user agent, visiting URL, referring URL, timestamp of event, browser language, country code.
Activity Tracked: Page views will be tracked with each additional load (i.e. when you scroll down to the bottom of the page and a new set of posts loads automatically). If the site owner has enabled Google Analytics to work with this feature, a page view event will also be sent to the appropriate Google Analytics account with each additional load.
Data Used: Commenter’s name, email address, and site URL (if provided via the comment form), timestamp, and IP address. Additionally, a jetpack.wordpress.com IFrame receives the following data: WordPress.com blog ID attached to the site, ID of the post on which the comment is being submitted, commenter’s local user ID (if available), commenter’s local username (if available), commenter’s site URL (if available), MD5 hash of the commenter’s email address (if available), and the comment content. If Akismet (also owned by Automattic) is enabled on the site, the following information is sent to the service for the sole purpose of spam checking: commenter’s name, email address, site URL, IP address, and user agent.
Activity Tracked: The comment author’s name, email address, and site URL (if provided during the comment submission) are stored in cookies. Learn more about these cookies.
Data Synced (?): All data and metadata (see above) associated with comments. This includes the status of the comment and, if Akismet is enabled on the site, whether or not it was classified as spam by Akismet.
This feature is only accessible to users logged in to WordPress.com.
Data Used: In order to process a post like action, the following information is used: IP address, WordPress.com user ID, WordPress.com username, WordPress.com-connected site ID (on which the post was liked), post ID (of the post that was liked), user agent, timestamp of event, browser language, country code.
Activity Tracked: Post likes.
This feature is only accessible to registered users of the site who are logged in to WordPress.com.
Data Used: IP address, WordPress.com user ID, WordPress.com username, WordPress.com-connected site ID and URL, Jetpack version, user agent, visiting URL, referring URL, timestamp of event, browser language, country code. Some visitor-related information or activity may be sent to the site owner via this feature. This may include: email address, WordPress.com username, site URL, email address, comment content, follow actions, etc.
Activity Tracked: Sending notifications (i.e. when we send a notification to a particular user), opening notifications (i.e. when a user opens a notification that they receive), performing an action from within the notification panel (e.g. liking a comment or marking a comment as spam), and clicking on any link from within the notification panel/interface.
Data Used: In order to check login activity and potentially block fraudulent attempts, the following information is used: attempting user’s IP address, attempting user’s email address/username (i.e. according to the value they were attempting to use during the login process), and all IP-related HTTP headers attached to the attempting user.
Activity Tracked: Failed login attempts (these include IP address and user agent). We also set a cookie (
jpp_math_pass) for 1 day to remember if/when a user has successfully completed a math captcha to prove that they’re a real human. Learn more about this cookie.
Data Synced (?): Failed login attempts, which contain the user’s IP address, attempted username or email address, and user agent information.
This feature is only available to sites on the Premium and Professional plans, and the actual payment processing is handled by PayPal.
Data Used: Transaction amount, transaction currency code, product title, product price, product ID, order quantity, PayPal payer ID, and PayPal transaction ID.
Activity Tracked: The PayPal payer ID, transaction ID, and HTTP referrer are sent with a payment completion tracking event that is attached to the site owner.
Data Synced (?): PayPal transaction ID, PayPal transaction status, PayPal product ID, quantity, price, customer email address, currency, and payment button CTA text.
This feature is only available to sites on the Premium and Professional plans.
Data Used: For video play tracking via WordPress.com Stats, the following information is used: viewer’s IP address, WordPress.com user ID (if logged in), WordPress.com username (if logged in), user agent, visiting URL, referring URL, timestamp of event, browser language, country code. If Google Analytics is enabled, video play events will be sent there, as well.
Activity Tracked: Video plays.
Data Used: For payments with PayPal or Stripe: purchase total, currency, billing information. For taxes: the value of goods in the cart, value of shipping, destination address. For checkout rates: destination address, purchased product IDs, dimensions, weight, and quantities. For shipping labels: customer’s name, address as well as the dimensions, weight, and quantities of purchased products.
WordPress.com Secure Sign On
This feature is only accessible to registered users of the site with WordPress.com accounts.
Data Used: User ID (local site and WordPress.com), role (e.g. administrator), email address, username and display name. Additionally, for activity tracking (see below): IP address, WordPress.com user ID, WordPress.com username, WordPress.com-connected site ID and URL, Jetpack version, user agent, visiting URL, referring URL, timestamp of event, browser language, country code.
Activity Tracked: The following usage events are recorded: starting the login process, completing the login process, failing the login process, successfully being redirected after login, and failing to be redirected after login. Several functionality cookies are also set, and these are detailed explicitly in our Cookie documentation.
Data Synced (?): The user ID and role of any user who successfully signed in via this feature.
Data Used: IP address, WordPress.com user ID (if logged in), WordPress.com username (if logged in), user agent, visiting URL, referring URL, timestamp of event, browser language, country code. Important: The site owner does not have access to any of this information via this feature. For example, a site owner can see that a specific post has 285 views, but he/she cannot see which specific users/accounts viewed that post. Stats logs — containing visitor IP addresses and WordPress.com usernames (if available) — are retained by Automattic for 28 days and are used for the sole purpose of powering this feature.
This feature is only accessible to registered users of the site who are also logged in to WordPress.com.
Data Used: Gravatar image URL of the logged-in user in order to display it in the toolbar and the WordPress.com user ID of the logged-in user. Additionally, for activity tracking (detailed below): IP address, WordPress.com user ID, WordPress.com username, WordPress.com-connected site ID and URL, Jetpack version, user agent, visiting URL, referring URL, timestamp of event, browser language, country code.
Activity Tracked: Click actions within the toolbar.