Grace Possible Privacy Policy

Welcome to Grace Possible. Protecting your privacy is important to us. This policy explains how the personal information we collect will be treated. Our website address is: https://gracepossible.com. Grace Possible is a business founded and operated by Joanna K. Harris – author, speaker, and life coach. She can be contacted by email at joanna@gracepossible.com.

Source: WordPress

What personal data we collect and why we collect it:

Personal data is not just created by you as the user interacting with our site, Grace Possible. It is also generated from technical processes that you use on our site, such as contact forms, comments, cookies, analytics, and third party embeds. Grace Possible’s website is created using WordPress. By default, WordPress does not collect any personal data about visitors, and it only collects the data shown on the User Profile screen from registered users. However some of the plugins used in creating and maintaining this website may collect personal data. These will be covered in this policy.

Contact forms

This site uses the Contact Form 7 plugin to create the forms used throughout the website. These forms collect data, such as your name and email address. WordPress, Get Response, and Grace Possible will have access to this information. This plugin stores the data input sent through the forms found on this website, along with any meta information about the submissions. This includes the time stamp, the origin IP address, and the browser. You can read more about Contact Form 7’s own privacy policy, here.

This site uses Get Response, both the plugin and the add-on, as it’s online marketing platform (you can see their full policy here). When you sign up and subscribe with Grace Possible you are doing so through the Contact Form 7 plugin that connects to Get Response. Any information you disclose will be held for future mailing purposes until such a time as you unsubscribe. Get Response will safeguard this information and only allow Grace Possible to access it and use it to send you information. This allows us to add site visitors to our contact list, update contact information, track site visits, and pass ecommerce data to Get Response.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address, and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen option cookies last for a year. If you select “Remember Me,” your login will continue for two weeks. If you log out of your account, the login cookies will be removed.

Embedded content from other websites

Content on this site may include embedded content (such as videos, images, articles, etc.). Embedded content from other websites behaves in the same way as if the visitor has visited the other website. These other websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content.

Comments

When visitors leave comments on the site, we collect the data shown in the comments form, along with the visitor’s IP address and browser user agent string to help with spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here. Once your comment is approved, your Gravatar profile picture will be visible in the context of your comment.

Analytics

Who we share your data with

By default WordPress does not share any personal data with anyone. For this site, the following third parties are used: WooCommerce and WooCommerce Square plugins, (see their policy here), and the Jetpack plugin (see their policy here).

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue. Other collected information will be retained indefinitely or at the discretion of Grace Possible.

For users that register on our website, we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account with this site, or have left comments, you can request that we erase certain personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service, in this case Aksimet (see below for more details).

How we protect your data

You can view the privacy policies for JetPack, Aksimet, and iThemes for futher information on how your data is protected.

Source: Amazon Web Services

Media

This site uses Amazon Web Services to provide videos available on the website itself. These videos are stored, hosted, and distributed from AWS  and specifically through their products S3 and Cloudfront. Images on and from this website may also be stored on AWS. You can view the privacy policy for AWS here. When viewing any of this content on our website you are subject to the terms of AWS itself.

Source: WooCommerce

We collect information about you during the checkout process in our store. The plugins used on this site to facilitate our selling and your buying is done via WooCommerce and WooCommerce Square.

What we collect and store:

When you visit our site, we’ll track:

  • Products you’ve viewed. We’ll use this to, for example, show you products you’ve recently viewed.
  • Location, IP address, and browser type. We’ll use this for purposes like estimating taxes and shipping.
  • Shipping address. We’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order.

We use cookies to keep track of your cart contents while you are browsing our site. When you make a purchase, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details, and optional account information like a username and password. We’ll use this information for purposes such as:

  • Sending you information about your account and order.
  • Responding to your requests, such as questions, refunds, etc.
  • Processing payments and preventing fraud.
  • Setting up your account for our store.
  • Complying with any legal obligations we have, such as calculating taxes.
  • Improving our store offerings.
  • Sending you marketing messages, if you choose to receive them.

If you create an account, we will store your name, address, email address, and phone number, which will be used to fill in the checkout form for future orders.

We generally store information about you for as long as we need the information, for the purposes for which we collect and use it. Information will be kept until it is no longer needed or until we are no longer legally required to keep it. We will also store comments and reviews, if you choose to leave them.

Payments

We process payments through WooCommerce Square, and some of your data will be passed to Square. This includes information required to process or support the payment, such as the purchase total and billing information. Please see the privacy policies for WooCommerce Square and Square for more information.

Source: iThemes Security

What personal data we collect and why we collect it:
Security Logs

The IP address of visitors, user ID of logged in users, and username of login attempts are conditionally logged to check for malicious activity and to protect the site from specific kinds of attacks. Examples of conditions when logging occurs include login attempts, log out requests, requests for suspicious URLs, changes to site content, and password updates. This information is retained for 60 days.

Who we share your data with

This site is scanned for potential malware and vulnerabilities by Sucuri’s SiteCheck. We do not send personal information to Sucuri. However, Sucuri could find personal information posted publicly (such as in comments) during their scan. For more details, please see Sucuri’s privacy policy.

How long we retain your data

Security logs are retained for 60 days.

Where we send your data

This site is part of a network of sites that protect against distributed brute force attacks. To enable this protection, the IP address of visitors attempting to log in to the site is shared with a service provided by ithemes.com. For more details, see the iThemes Privacy Policy.

Source: JetPack

For marketing and performance services as well as security and backup services, this site uses JetPack.

JetPack records activities of registered users on the site. To deliver this functionality and record activities around site management, the following information is captured: user email address, user role, user login, user display name, WordPress.com and local user ID’s, the activity to be recorded, the WordPress.com-connected site ID of the site on which the activity takes place, the site’s Jetpack version, and the timestamp of the activity. Some activities may also include the visitor’s IP address (for example: login attempts) and user agent. The activities tracked through this feature include logins, comments, monetary transactions (done via WooCommerce and WooCommerce Square), and forms filled out (via Contact Form 7, see policy). JetPack also works via Aksimet to prevent spam.

Source: Akismet

Information is collected about visitors who comment on sites that use the Akismet anti-spam service. The information collected typically includes the commenter’s IP address, user agent, referrer, and site URL (along with other information directly provided by the commenter, such as their name, username, email address, and the comment itself). See Akismet for more details.