*Beginning Note: If you look up at the address bar, you’ll see a little padlock in the corner. If you click on it, you’ll see that your connection (& info) on apackedlunch.com is secure through an SSL certificate.
Subscriptions, donations and one-time payments to apackedlunch.com are processed through either PayPal or Stripe, depending on the service of your interest. (WordPress.com partners with Stripe to process payments.) Here are links to PayPal and Stripe that describe the data encryption used to protect you as a buyer (Jetpack below under ‘4. Jetpack: *Payments Block‘). PayPal & Stripe also provide (automatic receipts &) dispute resolution if, for any ungodly reason, an agreement cannot be reached between you and A Packed Lunch. As a seller via both platforms, A Packed Lunch is never privy to your payment information. Here you can view the privacy policies for Stripe and PayPal.
A Packed Lunch takes your privacy seriously, and will never use/disclose any personally identifying information that you provide for personal gain or third-party purposes, unless it has been expressly agreed upon by you and A Packed Lunch, or unless it is, in good faith, deemed necessary for legal/safety or otherwise extenuating reasons. All information and correspondence that you provide to and share with A Packed Lunch will never be maliciously exposed or saved or stored, but may be saved or stored as a reference “receipt” for the legal protection of both you and A Packed Lunch, and as specifically appropriate to a service that you agree to participate in. As a general rule of thumb for small businesses, your information, also known as invoices, contracts/agreements, also known as (IRS) tax receipts and records, may be kept for a minimum of 3 years and a maximum for however long I do business as A Packed Lunch in the city and state of Boston Massachusetts. Information such as agreements/correspondence is saved/stored in firstname.lastname@example.org and/or a password-protected flash drive, only.
–Please see the IRS article “How Long Should I Keep Records?”
–Please also see your rights as a consumer via The Massachusetts Consumer Protection Law (Mass General Laws Chapter 93A: Regulation of Business Practices for Consumers Protection)
apackedlunch.com uses Jetpack’s WordPress.com Secure Sign On & Subscriptions features to allow users such as (monthly or yearly paying) subscribers to log in to apackedlunch.com using a WordPress account to view otherwise locked content, and without having to continually provide their details. Subscribers are authenticated with WordPress.com. Jetpack’s Subscriptions feature also allows subscribers to opt-in to new subscription-specific content via email, and allows (non-paying) users such as “followers” with or without WordPress accounts to sign up to apackedlunch.com via email only to receive updates when a new *blog post has been published. (Email followers begin following a WordPress site when they provide their email address on a sign-up form.) Subscriptions also allows visitors to apackedlunch.com to subscribe to new comments on a post they’ve commented on. (*This is important guys, so stick with me, because each Jetpack feature has privacy info explaining how Jetpack may use your data & track activity. See: ‘4. Jetpack:‘ below)
Subscribers/”followers” can comment on a WordPress site’s posts and pages (providing a site owner has the feature enabled). Subscriber and email follower usernames and, of course, email addresses are visible to A Packed Lunch. (Followers of apackedlunch.com are only visible to A Packed Lunch by their usernames.) You may cancel (& manage) your subscription(s) at any time from your account.
Cookies are installed by WordPress by default. Cookies are text files with small pieces of information (e.g. password and username) that are created by a website and stored on your computer through your browser. Cookies, along with browsing history, help web browsers like Google Chrome customize & so speed up your browsing sessions. Cookies may be persistent or temporary, or until you clear cookies from your own computer.
If you leave a comment on a WordPress site, you may opt-in to saving your name, email address and website in cookies so that you don’t have to fill in your details when commenting again. These cookies will last for one year.
If you visit a WordPress login page, they will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, WordPress will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for one year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
Automattic’s Privacy Notice for Visitors to Our Users’ Sites
Akismet Commenter Information: We collect information about visitors who comment on Sites that use our Akismet anti-spam service. The information we collect depends on how the User sets up Akismet for the Site, but typically includes the commenter’s IP address, user agent, referrer, and Site URL (along with other information directly provided by the commenter such as their name, username, email address…oh, and the comment itself, of course).
Embedded content from other websites
Who we share your data with
By default WordPress does not share any personal data with anyone. If you request a password reset, your IP address will be included in the reset email.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so WordPress can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on a WordPress website (if any), WordPress also stores the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
*Noteworthy of WordPress.com Stats
Data Visibility and Retention
Any piece of data explicitly identifying a specific user (IP address, WordPress.com ID, WordPress.com username, etc.) is not visible to the site owner when using this feature. For example, a site owner can see that a specific post has 285 views, but he/she cannot see which specific users/accounts viewed that post.
–Stats logs — containing visitor IP addresses and WordPress.com usernames (if available) — are retained by Automattic for 28 days and are used only for the purpose of powering this feature.
So you won’t be completely bored to tears, you can click here to see Jetpack’s privacy info for each of the features they provide. Currently, only the following features apply to apackedlunch.com: Activity, Comment Likes, Jetpack Comments, Payments Block & Subscriptions, WordPress.com Stats, Search, Infinite Scroll, Notifications, Video Hosting & WordPress.com Secure Sign On. However, some standout info:
–Data Used: To facilitate new signup and renewals, the following is sent to Stripe (governed by Stripe TOS): Name, Credit Card number, CVV, Expiry date. Note – the credit card details are not stored by us – this data is collected and stored by Stripe. WordPress.com systems are fully PCI compliant.
–Data Synced: We create a new WordPress.com account for the user, or use the account associated with the email a customer gives us. An explanation of WordPress.com data used can be found here. History of signups and billing facilitated via this feature is stored on WordPress.com servers for accounting and subsequent renewal purposes. For the purpose of renewing subscriptions, on our servers we store: Safely encrypted Stripe ID of the credit card connected to the subscription, User id that initiated the purchase, Details about the product, Payment history for the subscription, Last 4 digits of the credit card and the brand – what is known in the industry as “safe details”. Also, we connect the ID of the credit card to the WordPress.com user id, which allows for one-click payments on other subscription products sold on the WordPress.com network.
*Notifications (for receiving notifications of new comments and Likes on WordPress.com and Jetpack sites, in the admin bar and on a desktop & mobile device)
–Data Used: IP address, WordPress.com user ID, WordPress.com username, WordPress.com-connected site ID and URL, Jetpack version, user agent, visiting URL, referring URL, timestamp of event, browser language, country code. Some visitor-related information or activity may be sent to the site owner via this feature. This may include: email address, WordPress.com username, site URL, email address, comment content, follow actions, etc.
5. YOUR RIGHTS WOOHOO!
As part of the European Union’s General Data Protection Regulation (also known as GDPR), you can–as a WordPress account holder, or as someone who has left comments–request access to and deletion of your data (even if you don’t reside in a country in the EU Lol). (*This does not include any data WordPress & A Packed Lunch are obliged to keep for administrative, legal, or security purposes.) In either case, an email generated by A Packed Lunch (using either your username or email address) will then be sent to you for confirmation. For export requests, you will receive a ZIP file containing your personal data from WordPress and certain plugins. (As of now, the only user-relevant plugins that apackedlunch.com uses is Jetpack & Akismet.) Your personal data, including data collected by participating plugins may also be deleted at your request by A Packed Lunch (& honored even if I, for any reason, must restore apackedlunch.com to a previous version).
If you ever receive an email or contact from an entity or account soliciting payment or your personal information using the name A Packed Lunch or any such likeness, please disregard and contact A Packed Lunch right away. A Packed Lunch will never contact you outside of the boundaries of agreed-upon terms and conditions of a particular service, or just in a crazy unprofessional, (un)solicited manner.
All information on apackedlunch.com is copyright protected, unless otherwise stated or legally agreed upon by A Packed Lunch and you (and whatever creative ideas you may have 😊). So pretty much, all rights reserved … until a more lucrative idea comes along. I’m a big champion of sharing and building upon creativity and the public domain, while still being able to retain some advantage over what “I’ve” created. God Bless,
A Packed Lunch/Kindra