Who we are
Our website address is: https://trevellyan.biz.
What personal data we collect and why we collect it
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
Functionality cookies are set for a duration of 347 days to remember a visitor’s blog and post subscription choices if, in fact, they have an active subscription.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. We also set a cookie for 1 day to remember if/when a registered user has successfully completed a math captcha to prove that they’re a real human.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
We collect the commenter’s IP address, user agent, referrer, and Site URL (along with other information directly provided by the commenter such as their name, username, email address, and the comment itself). This data is submitted to the Akismet service for the sole purpose of spam checking. The comment and its metadata are stored in the database of the website and retained indefinitely.
To initiate and process comment subscriptions, the following information is used: subscriber’s email address and the ID of the post or comment (depending on the specific subscription being processed). In the event of a new subscription being initiated, we also collect some basic server data, including all of the subscribing user’s HTTP request headers, the IP address from which the subscribing user is viewing the page, and the URI which was given in order to access the page (REQUEST_URI and DOCUMENT_URI). This server data used for the exclusive purpose of monitoring and preventing abuse and spam.
The contact form submission data — IP address, user agent, name, email address, website, and message — is submitted to the Akismet service for the sole purpose of spam checking. The actual submission data is emailed directly to the website owner and is stored in the database of the website and retained indefinitely.
If you subscribe to our mailing list, we transmit the information you provide in the signup form, including your email address, to MailChimp. This information is stored in a database for the purpose of sending you email from time to time. It is not shared with anyone else, and you can unsubscribe at any time.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
For users that register on our website, we store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
In order to check login activity and potentially block fraudulent attempts, the following information is used: attempting user’s IP address, attempting user’s email address/username (i.e. according to the value they were attempting to use during the login process), and all IP-related HTTP headers attached to the attempting user.
Data about failed login attempts (these include IP address and user agent) are tracked and synced with a third-party service solely for the purpose of preventing fraudulent logins.
What we collect and store
When you purchase from us, we’ll ask you to provide information including your name, billing address, email address, phone number, credit card/payment details and account information like username and password. We use this information to:
- Send you information about your account and order
- Respond to your requests, including refunds and complaints
- Process payments and prevent fraud
- Set up your account for our store
- Comply with any legal obligations we have, such as calculating taxes
If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.
We generally store information about you until you ask us to delete it. This includes your name, email address and billing and shipping addresses.
Who on our team has access
Site administrators have access to the following information to help fulfill orders, process refunds and support you:
- Order information like what was purchased and when it was purchased
- Customer information like your name, email address, and billing and shipping information.
We accept payments through Stripe. When processing payments, some of your data will be passed to Stripe, including information required to process or support the payment, such as the purchase total and billing information.
What rights you have over your data
If you have made a purchase on this site, or have left comments or submitted a contact form, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Our contact information
How we protect your data
We use several complementary technologies to protect this website and its database. These include, but are not limited to, the use of strong passwords for all administrator accounts, and the above-mentioned Login Protection technology.
What data breach procedures we have in place
We monitor the website for fraudulent activity and we maintain regular backups to facilitate recovery from malicious activity. We aim to respond to any such incident within 24 hours.