Privacy Policy

Who we are

Our website address is: https://adventureinimagination.com.

What personal data we collect and why we collect it

While you visit our site, we’ll track:

  • Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
  • Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
  • Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!

We’ll also use cookies to keep track of basket contents while you’re browsing our site.

When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:

  • Send you information about your account and order
  • Respond to your requests, including refunds and complaints
  • Process payments and prevent fraud
  • Set up your account for our store
  • Comply with any legal obligations we have, such as calculating taxes
  • Improve our store offerings
  • Send you marketing messages, if you choose to receive them

If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.

We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for 10 years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service Privacy Policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms

We keep contact form submissions for 24 months for customer service purposes, but we do not use the information submitted through them for marketing purposes.

Cookies

If you leave a comment on our site you may opt in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

Data Issues Contact information

Your data is handled exclusively by our IT systems. If you wish to correspond with us on any issue relating to your data, please contact Christine Brown at [email protected]

Additional information

How we protect your data

We take appropriate and reasonable technical and organizational measures designed to protect Personal Information from loss, misuse, unauthorized access, disclosure, alteration, and destruction, taking into account the risks involved in the processing and the nature of the Personal Information. If you have any questions about the security of your Personal Information please contact Christine Brown at [email protected]

Accounts require a username and password to log in. Members must keep their username and password secure, and never disclose it to a third party.

What third parties we receive data from

What we collect and store

Who on our team has access

Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:

  • Order information like what was purchased, when it was purchased and where it should be sent, and
  • Customer information like your name, email address, and billing and shipping information.

Our team members have access to this information to help fulfill orders, process refunds and support you.

Who we share your data with & what we share.

We share information with third parties who help us provide our orders and store services to you;

This is currently PayPal, Akismet and MailChimp. Please see below for information regarding their privacy policies.

Payments and PayPal

We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information.

Please see the PayPal Privacy Policy for more details.

When shopping, we keep a record of your email and the cart contents for up to 30 days on our server. This record is kept to repopulate the contents of your cart if you switch devices or needed to come back another day. Read our privacy policy here.

Akismet Anti Spam Service

We collect information about visitors who comment on Sites that use our Akismet anti-spam service. The information we collect typically includes the commenter’s IP address, user agent, referrer, and Site URL (along with other information directly provided by the commenter such as their name, username, email address, and the comment itself).

Mailchimp

1. The Basics

A. About Us

Mailchimp is an online marketing platform operated by The Rocket Science Group LLC, a company headquartered in the State of Georgia in the United States (“we,” “us,” “our,” and “Mailchimp“).

Our Service enables our Members to, among other things, send and manage email campaigns across channels, serve advertisements, and create Websites and Landing Pages. We also provide other related services, such as real-time data analytics and insights to help our Members track and personalize their marketing activities. Find out more about our Service here.

B. Key Terms

In this privacy policy, these terms have the following meanings:

“Affiliate” means an entity that directly or indirectly Controls, is Controlled by or is under common Control with an entity.

Contact” is a person a Member may contact through our Service. In other words, a Contact is anyone on a Member’s Distribution List or about whom a Member has given us information. For example, if you are a Member, a subscriber to your email marketing campaigns would be considered a Contact.

“Control” means an ownership, voting or similar interest representing fifty percent (50%) or more of the total interests then outstanding of the entity in question. The term “Controlled” shall be construed accordingly.

Distribution List” is a list of Contacts a Member may upload or manage on our platform and all associated information related to those Contacts (for example, email addresses).

“Mailchimp Site(s)” has the meaning given to it in our Standard Terms of Use.

Member” means any person or entity that is registered with us to use the Service.

“Mobile App(s)” means any one or all of the Mailchimp applications available for Members to use on their mobile devices.

Personal Information” means any information that identifies or can be used to identify an individual directly or indirectly. Examples of Personal Information include, but are not limited to, first and last name, date of birth, email address, gender, occupation, or other demographic information.

“Service” has the meaning given to it in our Standard Terms of Use.

Visitor” means, depending on the context, any person who visits any of our Mailchimp Sites, offices, or otherwise engages with us at our events or in connection with our marketing or recruitment activities.

you” and “your” means, depending on the context, either a Member, a Contact, or a Visitor.

Privacy for Contacts

A. Information We Collect

The Personal Information that we may collect or receive about you broadly falls into the following categories:

(i) Information we receive about Contacts from our Members: A Member may provide Personal Information about you to us through the Service. When a Member uploads their Distribution List or integrates the Service with another website or service (for example, when a Member chooses to connect their e-commerce account with Mailchimp), or when you sign up for a Member’s Distribution List on a Mailchimp or other signup form, the Member may provide us with certain contact information or other Personal Information about you such as your name, email address, address, or telephone number. You may have the opportunity to update some of this information by electing to update or manage your preferences via an email you receive from a Member.

(ii) Information we collect automatically: When you interact with an email campaign that you receive from a Member or browse or purchase from a Member’s connected store, we may collect information about your device and interaction with an email. We use cookies and other tracking technologies to collect some of this information. Our use of cookies and other tracking technologies is discussed more below and in more detail in our Cookie Statement available here.

  • Device information: We collect information about the device and applications you use to access emails sent through our Service, such as your IP address, your operating system, your browser ID, and other information about your system and connection.
  • Usage data: It is important for us to ensure the security and reliability of the Service we provide. Therefore, we also collect usage data about your interactions with campaigns (and/or emails) sent through the Service, which may include dates and times you access campaigns (and/or emails) and your browsing activities (such as what pages are viewed and which emails are opened). This information also allows us to ensure compliance with our Standard Terms of Use and Acceptable Use Policy, to monitor and prevent service abuse, and to ensure we attain certain usage standards and metrics in relation to our Service. We also collect information regarding the performance of the Service, including metrics related to the deliverability of emails and other electronic communications that our Members send through the Service. This information allows us to improve the content and operation of the Service and facilitate research and perform analysis into the use and performance of the Service.

(iii) Information we collect from other sources: From time to time, we may obtain information about you from third-party sources, such as social media platforms, and third-party data providers.

B. Use of Personal Information

We may use the Personal Information we collect or receive about you in reliance on our (and where applicable, our Members’) legitimate interests for the following purposes:

  • To enforce compliance with our Standard Terms of Use and applicable law. This may include utilizing usage data and developing tools and algorithms that help us prevent violations.
  • To protect the rights and safety of Members, third parties, or Mailchimp. For example, sometimes we review the content of our Members’ email campaigns to make sure they comply with our Standard Terms of Use. To improve that process, we have software that helps us find email campaigns that may violate our Standard Terms of Use. We, or our third-party service provider, may review those particular email campaigns, which may include your contact information. This reduces the amount of spam being sent through our servers and helps us maintain high deliverability.
  • To meet legal requirements, including complying with court orders, valid discovery requests, valid subpoenas, and other appropriate legal mechanisms.
  • To provide information to representatives and advisors, including attorneys and accountants, to help us comply with legal, accounting, or security requirements.
  • To prosecute and defend a court, arbitration, or similar legal proceeding.
  • To respond to lawful requests by public authorities, including to meet national security or law enforcement requirements.
  • To provide, support and improve the Service. For example, this may include sharing your information with third parties in order to provide and support our Service or to make certain features of the Service available to our Members. When we share Personal Information with third parties, we take steps to protect your information in a manner that is consistent with applicable privacy laws. For further information about how we share information, refer to Section 5 below.
  • To perform data analytics projects. Our data analytics projects use data from Mailchimp accounts, including your Personal Information, to provide and improve the Service. We use information, like your purchase history, provided to us by Members, so we can make more informed predictions, decisions, and products for our Members. For example, we use data from Mailchimp accounts to enable product recommendation, audience segmentation, and predicted demographics features for our Members. If you prefer your data not to be used in this manner, you can opt out of data analytics projects at any time by completing this form or emailing us at [email protected]
  • To carry out other business purposes. To carry out other legitimate business purposes, as well as other lawful purposes about which we will notify you.

C. Cookies and Tracking Technologies

We and our third-party partners may use various technologies to automatically collect and store certain device and usage information (as discussed above) when you interact with a Member’s email campaign or connected store, and this may include using cookies and similar tracking technologies, such as pixels and web beacons or if a Member is using our Mobile App, we may collect this information through our SDKs deployed on our Members mobile device. For example, we use web beacons in the emails we send on behalf of our Members. When you receive and engage with a Member’s campaign, web beacons track certain behavior such as whether the email sent through the Mailchimp platform was delivered and opened and whether links within the email were clicked. Both web beacons and SDKs allow us to collect information such as your IP address, browser, email client type, and other similar data as further described above. We use this information to measure the performance of our Members’ email campaigns, and to provide analytics information and enhance the effectiveness of our Service, and for the other purposes described above.

Our use of cookies and other tracking technologies is discussed in more detail in our Cookie Statement available here.

D. Your Data Protection Rights

Depending on the country in which you reside, you may have the following data protection rights:

  • To access; correct; update; port; delete; restrict or object to our processing of your Personal Information.
  • For more information about how you can exercise these rights, please see our Data Subject Requests form. You also have the right to complain to a data protection authority about our collection and use of your Personal Information. For more information, please contact your local data protection authority. Contact details for data protection authorities in the EEA are available here.

As described above, for much of the Personal Information we collect and process about Contacts through the Service, we act as a processor on behalf of our Members. In such cases, if you are a Contact and want to exercise any data protection rights that may be available to you under applicable law or have questions or concerns about how your Personal Information is handled by Mailchimp as a processor on behalf of our individual Members, you should contact the relevant Member that is using the Mailchimp Service, and refer to their separate privacy policies.

If you no longer want to be contacted by one of our Members through our Service, please unsubscribe directly from that Member’s newsletter or contact the Member directly to update or delete your data. If you contact us directly, we may either forward your request to the relevant Member or provide you with the identity of the Member to enable you to contact them directly.

We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. We may ask you to verify your identity in order to help us respond efficiently to your request.

General Information

A. How We Share Information

We may share and disclose your Personal Information with our Affiliates and to the following types of third parties for the purposes described in this privacy policy (for purposes of this section, “you” and “your” refer to Members, Contacts, and Visitors unless otherwise indicated). Our Affiliates include Courier Holdings Ltd. located in the United Kingdom. You can learn more about Courier and its privacy practices here.

(i) Our service providers: Sometimes, we share your information with our third-party service providers working on our behalf for the purposes described in this privacy policy. For example, companies we’ve hired to help us provide and support our Service or assist in protecting and securing our systems and services and other business-related functions.

Other examples include analyzing data, hosting data, engaging technical support for our Service, processing payments, and delivering content.

We use YouTube’s API services in connection with our Service to provide certain features. As such, you acknowledge and agree that by signing up for an account and using the Service, you are also bound by Google’s Privacy Policy. In addition to the rights set forth in Section 2, you may manage your YouTube API data by visiting Google’s security settings page at https://security.google.com/settings/security/permissions

In connection with our Service, we also use a third-party service provider, Twilio, Inc. We use Twilio’s API, which allows us to build features into our Mailchimp application to enable us to communicate with our Members through texting and calling, and their “Authy” product, which we use for two-factor authentication for our application. If you are a Member, Twilio may need to collect and process certain Personal Information about you as a controller to provide such services. To learn more about Twilio’s privacy practices, please visit https://www.twilio.com/legal/privacy

(ii) Advertising partners: We may partner with third-party advertising networks, exchanges, and social media platforms (like Facebook) to display advertising on the Mailchimp Sites or to manage and serve our advertising on other sites, and we may share Personal Information of Members and Visitors with them for this purpose. We and our third-party partners may use cookies and other similar tracking technologies, such as pixels and web beacons, to gather information about your activities on the Mailchimp Sites and other sites in order to provide you with targeted advertising based on your browsing activities and interests. For more information, please see our Cookie Statement available here.

(iii) Any competent law enforcement body, regulatory body, government agency, court or other third party where we believe disclosure is necessary (a) as a matter of applicable law or regulation, (b) to exercise, establish, or defend our legal rights, or (c) to protect your vital interests or those of any other person.

(iv) A potential buyer (and its agents and advisors) in the case of a sale, merger, consolidation, liquidation, reorganization, or acquisition. In that event, any acquirer will be subject to our obligations under this privacy policy, including your rights to access and choice. We will notify you of the change either by sending you an email or posting a notice on our Mailchimp Site.

(v) Any other person with your consent.

B. Legal Basis for Processing Personal Information (EEA and UK Persons Only)

If you are located in the EEA or UK, our legal basis for collecting and using the Personal Information described above will depend on the Personal Information concerned and the specific context in which we collect it.

However, we will normally collect and use Personal Information from you where the processing is in our legitimate interests and not overridden by your data-protection interests or fundamental rights and freedoms. Our legitimate interests are described in more detail in this privacy policy in the sections above titled “Use of Personal Information”, but they typically include improving, maintaining, providing, and enhancing our technology, products, and services; ensuring the security of the Service and our Mailchimp Sites; and supporting our marketing activities.

If you are a Member, we may need the Personal Information to perform a contract with you. In some limited cases, we may also have a legal obligation to collect Personal Information from you. If we ask you to provide Personal Information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your Personal Information is mandatory or not, as well as of the possible consequences if you do not provide your Personal Information.

Where required by law, we will collect Personal Information only where we have your consent to do so.

If you have questions or need further information concerning the legal basis on which we collect and use your Personal Information, please contact us using the contact details provided in the “Questions and Concerns” section below.

C. Your Choices and Opt-Outs

Members and Visitors who have opted in to our marketing emails can opt out of receiving marketing emails from us at any time by clicking the “unsubscribe” link at the bottom of our marketing messages.

Also, all opt-out requests can be made by emailing us using the contact details provided in the “Questions and Concerns” section below. Please note that some communications (such as service messages, account notifications, billing information) are considered transactional and necessary for account management, and Members cannot opt out of these messages unless you cancel your Mailchimp account.

D. Our Security

We take appropriate and reasonable technical and organizational measures designed to protect Personal Information from loss, misuse, unauthorized access, disclosure, alteration, and destruction, taking into account the risks involved in the processing and the nature of the Personal Information. For further information about our security practices, please see our Security page available here. If you have any questions about the security of your Personal Information, you may contact us at [email protected]

Mailchimp accounts require a username and password to log in. Members must keep their username and password secure, and never disclose it to a third party. Because the information in a Member’s Mailchimp account is private, account passwords are hashed, which means we cannot see a Member’s password. We cannot resend forgotten passwords either. We will only provide Members with instructions on how to reset them.

E. International Transfers

(i) We operate in the United States

Our servers and offices are located in the United States, so your information may be transferred to, stored, or processed in the United States. While the data protection, privacy, and other laws of the United States might not be as comprehensive as those in your country, we take many steps to protect your privacy, including offering our Members a Data Processing Agreement available here.

(ii) Data transfers from Switzerland, United Kingdom, or the EEA to the United States

Mailchimp participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. We are committed to subjecting all Personal Information received from EEA member countries, United Kingdom, and Switzerland, respectively, in reliance on each Privacy Shield Framework, to each Framework’s applicable Principles. To learn more about the Privacy Shield Frameworks, and to view our certification, visit the U.S. Department of Commerce’s Privacy Shield website available here.

A list of Privacy Shield participants is maintained by the Department of Commerce and is available here.

Mailchimp is responsible for the processing of Personal Information we receive under each Privacy Shield Framework and subsequently transfer to a third party acting as an agent on our behalf. We comply with the Privacy Shield Principles for all onward transfers of Personal Information from the EEA, United Kingdom, and Switzerland, including the onward transfer liability provisions.

With respect to Personal Information received or transferred pursuant to the Privacy Shield Frameworks, we are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge to you) at https://feedback-form.truste.com/watchdog/request. Under certain conditions, more fully described on the Privacy Shield website, here, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.

Members located in Switzerland, United Kingdom, and the EEA are subject to our Data Processing Addendum available here, as described in our Standard Terms of Use.

You may opt out of any marketing materials we send to you through an unsubscribe mechanism. If you have requested not to receive further direct marketing messages, we may continue to provide you with messages that are not regarded as “direct marketing” under the Australian Privacy Act, including changes to our terms, system alerts, and other information related to your account as permitted under the Australian Privacy Act and the Spam Act 2003 (Cth).

  • Our servers are located in the United States. In addition, we or our subcontractors may use cloud technology to store or process Personal Information, which may result in storage of data outside Australia. It is not practicable for us to specify in advance which country will have jurisdiction over this type of offshore activity. All of our subcontractors, however, are required to comply with the Australian Privacy Act in relation to the transfer or storage of Personal Information overseas.
  • We may also share your Personal Information outside of Australia to our business operations in other countries. While it is not practicable for us to specify in advance each country where your Personal Information may be disclosed, typically we may disclose your Personal Information to the United States, Canada and the European Union.
  • You may access the Personal Information we hold about you. If you wish to access your Personal Information, please contact us directly by emailing us at persona[email protected] We will respond to all requests for access within a reasonable time.

If you think the information we hold about you is inaccurate, out of date, incomplete, irrelevant, or misleading, we will take reasonable steps, consistent with our obligations under the Australian Privacy Act, to correct that information upon your request. If you find that the information we have is not up to date or is inaccurate or incomplete, please contact us in writing at [email protected], so we can update our records. We will respond to all requests for correction within a reasonable time.

  • If you are unsatisfied with our response to a privacy matter, you may consult either an independent advisor or contact the Office of the Australian Information Commissioner for additional help. We will provide our full cooperation if you pursue this course of action.

F. Retention of Data

We retain Personal Information where we have an ongoing legitimate business or legal need to do so. Our retention periods will vary depending on the type of data involved, but, generally, we’ll refer to these criteria in order to determine retention period:

  • Whether we have a legal or contractual need to retain the data.
  • Whether the data is necessary to provide our Service.
  • Whether our Members have the ability to access and delete the data within their Mailchimp accounts.
  • Whether our Members would reasonably expect that we would retain the data until they remove it or until their Mailchimp accounts are closed or terminated.

When we have no ongoing legitimate business need to process your Personal Information, we will either delete or anonymize it or, if this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible.

G. California Privacy

The California Consumer Privacy Act (“CCPA”) provides consumers with specific rights regarding their Personal Information. You have the right to request that businesses subject to the CCPA (which may include our Members with whom you have a relationship) disclose certain information to you about their collection and use of your Personal Information over the past 12 months. In addition, you have the right to ask such businesses to delete Personal Information collected from you, subject to certain exceptions. If the business sells Personal Information, you have a right to opt-out of that sale. Finally, a business cannot discriminate against you for exercising a CCPA right.

When offering services to its Members, Mailchimp acts as a “service provider” under the CCPA and our receipt and collection of any consumer Personal Information is completed on behalf of our Members in order for us to provide the Service. Please direct any requests for access or deletion of your Personal Information under the CCPA to the Member with whom you have a direct relationship.

Consistent with California law, if you choose to exercise your applicable CCPA rights, we won’t charge you different prices or provide you a different quality of services. If we ever offer a financial incentive or product enhancement that is contingent upon you providing your Personal Information, we will not do so unless the benefits to you are reasonably related to the value of the Personal Information that you provide to us.

H. Do not Track

Certain state laws require us to indicate whether we honor “Do Not Track” settings in your browser. Mailchimp adheres to the standards set out in this Privacy Policy and does not monitor or follow any Do Not Track browser requests.

I. Changes to this Policy

We may change this privacy policy at any time and from time to time. The most recent version of the privacy policy is reflected by the version date located at the top of this privacy policy. All updates and amendments are effective immediately upon notice, which we may give by any means, including, but not limited to, by posting a revised version of this privacy policy or other notice on the Mailchimp Sites. We encourage you to review this privacy policy often to stay informed of changes that may affect you. Our electronically or otherwise properly stored copies of this privacy policy are each deemed to be the true, complete, valid, authentic, and enforceable copy of the version of this privacy policy that was in effect on each respective date you visited the Mailchimp Site.

J. Questions & Concerns

If you have any questions or comments, or if you have a concern about the way in which we have handled any privacy matter, please use our contact form to send us a message. You may also contact us by postal mail or email at:

For EEA, Swiss and UK Residents:

For the purposes of EU data protection legislation, The Rocket Science Group LLC d/b/a Mailchimp is the controller of your Personal Information. Our Data Protection Officer can be contacted at [email protected].