Lisa's Natural Herbal Creations collects sales tax in the state of Utah.
I use the USPS for all domestic and international shipping. I have found that they offer the least expensive shipping option for my customers.
SECTION 1 - WHAT DO I DO WITH YOUR INFORMATION?
If you purchase from me, I’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and account information like username and password. I use this information to
-Send you information about your account and order
-Respond to your requests, including refunds and complaints
-Process payments and prevent fraud
-Set up your account for our store
-Comply with any legal obligations I have, such as calculating taxes
-Improve our store offerings
-Send you marketing messages if you choose to receive them
When you purchase something from my store, as part of the buying and selling process, I collect the personal information you give me such as your name, address and email address.
If you create an account, I will store your name, address, email and phone number, which will be used to populate the checkout for future orders. You can edit or change this information anytime you want in your account dashboard.
I generally store information about you for as long as is needed for the purposes for which I collect and use it, and I am not legally required to continue to keep it. For example, I will store order information for four years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses. I’ll delete it sooner if you want me to, just ask.
I will also store product reviews if you choose to leave them. I really love when people leave reviews, it helps others shop for their needs. So, thank you, if you choose to leave a review.
SECTION 2 - CONSENT
If you opt-in to receive my emails, I may use your personal information to provide you with product updates or marketing communications that I believe may be of interest to you. I try to stick to a twice-a-month email schedule, but it doesn’t always work out that way.
If you do not want to receive emails from me after subscribing, you may opt-out by clicking on the unsubscribe link at the bottom of my emails.
I store your communication preferences when you sign up. It helps me make sure I email you exactly how you like to be emailed. This data is retained until you request the removal of your data.
I keep a log of some of the communication that we have with you. I keep these logs to improve our marketing and communication with you and other customers. For example, if I send an email everyone hates, I know not to do that again. These logs are retained until you request removal of your data.
Like most websites around, we collect non-identifying information, such as the browser type, language preference, referring site, and the date and time of each visitor request. We collect this information to better understand how you use our website, so we can keep improving it.
SECTION 3 - DISCLOSURE
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
I may use the information I collect from you when you register, make a purchase, sign up for my newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
To personalize your experience and allow me to deliver the type of content and product offerings in which you are most interested
To improve my website in order to better serve you
To allow me to better service you in responding to your customer service requests
To administer a contest, promotion, survey or other site feature
To quickly process your transactions
To send periodic emails regarding your order or other products and services
SECTION 4 - SHOPIFY
My store is hosted by Shopify Inc. They provide me with the online e-commerce platform that allows me to sell my products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
SECTION 5 - THIRD-PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
SECTION 6 - SECURITY
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
SECTION 7 - COOKIES
Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
SECTION 8 - AGE OF CONSENT
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
SECTION 9 - General Data Protection Regulation (GDPR)
The GDPR requires businesses to protect the personal data and privacy of European Union citizens for transactions that occur within EU member states. It also regulates exportation of personal data outside the EU.
If the GDPR applies to you because you are in the European Union, you have rights under data protection laws in relation to your personal data:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling
These rights are subject to certain rules around when you can exercise them. Learn more about the
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at email@example.com or by mail at
Lisa's Natural Herbal Creations
[Re: Privacy Compliance Officer]
1432 Childs Ave Ogden Utah US 84404