Who we are
Our website address is: https://www.onions-usa.org.
What personal data we collect and why we collect it
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
On some pages, you can make requests to our company. The personal information collected on these pages may include:
- Email address
- Phone number
This information is used to contact you about our services, which you have requested and consented to in our contact form.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Who we share your data with
We do not share your data with anyone.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service. Our contact form asks customers to enter sensitive information. That information is protected by 256-bit encryption via SSL (Secure Sockets Layer) (More information about how SSL works can be found here).
Your contact information
Your contact information is kept private.
How we protect your data
To prevent unauthorized access, maintain data accuracy, and ensure the correct use of information, we have put in place appropriate physical, electronic, and managerial procedures to safeguard and secure the information we collect online. The servers that store personally identifiable information are in a secure environment, in a locked facility with 24/7 monitoring in place.
What data breach procedures we have in place
Our website undergoes an annual security audit to identify common security issues. In the event of a data breach, we will work with our host or the third-party service provider affected to determine the cause of the breach so it can be prevented from happening again. We will notify users who submitted a contact form on the site, this is the only user data we store for any time period. We will also notify the Colorado attorney general within 30 days if the number of potentially affected users is more than 500.
What third parties we receive data from
The content or services of third-party suppliers are incorporated into our site as part of the display, functionality, or user experience, such as fonts. The incorporation of third-party content is always subject to the third-party supplier being aware of your IP address; they cannot send content to your browser without an IP address. Your IP address is therefore required in order for the content to be shown or the service provided.
- We use external fonts from Google, Inc., (‘Google Fonts’). Google Fonts are incorporated when a Google server is accessed, usually in the USA. Google is certified under the EU-US Privacy Shield Agreement, thereby guaranteeing compliance with European data protection laws. For more information: https://www.google.com/intl/en/policies/privacy/.
- We use Font Awesome fonts loaded from a CDN on the site. Font Awesome requires an IP address to be collected and stored at the CDN location and collects data about what icon files are downloaded and when. For more information: https://fontawesome.com/privacy.
While we make every effort to preserve your privacy, personal information may be disclosed when required by law where we have a good-faith belief that such action is necessary to comply with a judicial proceeding, court order or legal process.
What automated decision making and/or profiling we do with user data
We do not have automated decision making processes or software, nor do we believe in profiling any data, other than by organizing it according to addresses and products bought.