1. Who We Are
References to “we,” “us,” or “our” in this policy refer to the site owners: [GolgiRadio Lab Journal] (the “Site”).
2. What Personal Data We Collect and Why We Collect It
2.1. WooCommerce (Ordering & Checkout)
When you purchase from our store, we collect information you provide during checkout. This may include:
- Name, Billing & Shipping Address: Used to process and deliver your order, and for billing/invoicing.
- Email Address & Phone Number: Used to send order updates and to communicate regarding your purchase or customer service inquiries.
- Payment Details: Processed via our payment processors. We do not store your full payment card details on our servers.
- IP Address, Browser & Device Data: Collected for fraud detection, analytics, and to improve our services.
We retain order information for administrative, tax, and legal purposes. This typically includes your name, email, billing and shipping addresses, and order details.
2.3. Media
If you upload images to the Site, avoid including embedded location data (EXIF GPS). Visitors can download and extract any location data from images on the website.
2.4. Cookies
- Comments: If you leave a comment, you may opt-in to save your name, email, and website in cookies for your convenience. These cookies last for one year.
- Login Page: We set a temporary cookie to check if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
- Logged In: We set up cookies to save your login information and screen display choices. Login cookies last for two days; screen options cookies last for a year. Selecting “Remember Me” extends login persistence to two weeks. Logging out removes these cookies.
- Article Editing: When you edit or publish an article, an additional cookie storing the post ID is set, expiring after one day.
2.5. Embedded Content from Other Websites
Articles on this Site may include embedded content (e.g., videos, images). Embedded content from other websites behaves as though you visited that external site, which may collect data about you, use cookies, embed further third-party tracking, and monitor your interaction. If you have an account and are logged in to those websites, they may track your interaction with embedded content.
3. Who We Share Your Data With
- Payment Processors: To securely process your orders, your payment information is shared with our third-party payment gateway (e.g., Stripe, PayPal).
- Shipping Providers: For physical orders, your shipping details are shared with logistics companies for delivery.
- Password Reset Requests: If you request a password reset, your IP address will be included in the reset email.
- Spam Detection: Visitor comments may be checked through an automated spam detection service.
We do not sell or rent your personal data to any third party.
4. How Long We Retain Your Data
- Comments: Indefinitely, to recognize and approve follow-up comments automatically.
- User Accounts: For users that register on our Site, we store the personal information in their user profile. All users can see, edit, or delete their personal information at any time (except their username). Website administrators can also see and edit that information.
- Order Information: Kept for as long as necessary for accounting, legal compliance, and legitimate business needs.
5. Your Rights Over Your Data
If you have an account on this Site, or have left comments, you can request an exported file of the personal data we hold about you. You can also request that we erase any personal data we hold about you, except for data we are required to keep for administrative, legal, or security purposes.
6. Where Your Data Is Sent
Visitor comments may be checked through an automated spam detection service. Depending on your location and the services used, your data may be transferred to servers outside your country, subject to relevant data protection laws.
7. Security Measures
We take reasonable steps to protect your data from unauthorized access, alteration, or destruction. This includes using secure servers, HTTPS (Secure Sockets Layer) for data transmission, and limiting access to your personal data to necessary personnel and service providers.