Who we are
Our website address is: https://rollyourbones.com.
What personal data we collect and why we collect it
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
Functionality cookies are set for a duration of 347 days to remember a visitor’s blog and post subscription choices if, in fact, they have an active subscription.
We collect the commenter’s IP address, user agent, referrer, and Site URL (along with other information directly provided by the commenter such as their name, username, email address, and the comment itself). This data is submitted to the Akismet service for the sole purpose of spam checking. The comment and its metadata are stored in the database of the website and retained indefinitely.
To initiate and process comment subscriptions, the following information is used: subscriber’s email address and the ID of the post or comment (depending on the specific subscription being processed). In the event of a new subscription being initiated, we also collect some basic server data, including all of the subscribing user’s HTTP request headers, the IP address from which the subscribing user is viewing the page, and the URI which was given in order to access the page (REQUEST_URI and DOCUMENT_URI). This server data used for the exclusive purpose of monitoring and preventing abuse and spam.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
In order to check login activity and potentially block fraudulent attempts, the following information is used: attempting user’s IP address, attempting user’s email address/username (i.e. according to the value they were attempting to use during the login process), and all IP-related HTTP headers attached to the attempting user.
Data about failed login attempts (these include IP address and user agent) are tracked and synced with a third-party service solely for the purpose of preventing fraudulent logins.
What we collect and store
When you purchase from us, we’ll ask you to provide information including your name, billing address, email address, phone number and credit card/payment details. We use this information to:
- Send you information about your order
- Respond to your requests, including refunds and complaints
- Process payments and prevent fraud
- Comply with any legal obligations we have, such as calculating taxes
We generally store information about you until you ask us to delete it. This includes your name, email address and billing and shipping addresses.
Who on our team has access
Site administrators have access to the following information to help fulfill orders, process refunds and support you:
- Order information like what was purchased and when it was purchased
- Customer information like your name, email address, and billing and shipping information.
We accept payments through Stripe and PayPal. When processing payments, some of your data will be passed to the payment processor, including information required to process or support the payment, such as the purchase total and billing information.
What rights you have over your data
If you have made a purchase or left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Our contact information
How we protect your data
We use several complementary technologies to protect this website and its database. These include, but are not limited to, the use of strong passwords for all administrator accounts, and the above-mentioned Login Protection technology.
What data breach procedures we have in place
We monitor the website for fraudulent activity and we maintain regular backups to facilitate recovery from malicious activity. We aim to respond to any such incident within 24 hours.