WooCommerce.com Marketplace Support Privacy Policy

Hey there! Your privacy is extremely important to us here at SomewhereWarm.

To better protect your personal data, we are providing this WooCommerce.com Marketplace Support Privacy Policy (“Privacy Policy“), which applies to information that we collect about you when you contact our team, directly or via WooCommerce.com, in order to receive our Support Service for a product you have purchased under the WooCommerce.com Terms of Service.

This Privacy Policy supplements the WooCommerce.com Terms of Service, Privacy Policy and other applicable policies (“Terms and Policies“) and requires no further action on your part. It is effective as of May 25, 2018 (2018-05-25).

Scope of this Privacy Policy

As a WooCommerce.com Marketplace Developer, SomewhereWarm is fully committed to WooCommerce.com Privacy Policy, which governs the collection, use and sharing of personal information between you and WooCommerce.com.

This Privacy Policy does not supersede the WooCommerce.com Terms and Policies. It is provided to further explain how we use and share the information you provide to us when contacting our support team, directly or via WooCommerce.com.

Information We Collect

We only collect and store the information that you provide to us. This is necessary in order to fulfill our commitments to you under the WooCommerce.com Terms and Policies. The amount and type of information you provide depends on the nature of your request. It may include:

  • your name;
  • your email;
  • the product that your request is in reference to;
  • the start date and expiry date of the subscription for that product;
  • a description of the nature of your request, such as a description of an issue you need help with;
  • the website that your request is reference to;
  • technical data needed to answer to your enquiry, such as your website’s WooCommerce System Status Report, or details about your hosting environment;
  • other details provided while working with our personnel, which may or may not include personal information.

In some cases, we may ask WooCommerce.com personnel to confirm that you have an active subscription for the product referenced in your request.

Additionally, our team may ask you for temporary access to your website in order to collect information necessary to answer to your request. This includes (but is not limited to) information that, depending on the context, our team will use to:

  • assess the applicability of our products to your specific use case;
  • replicate a reported issue, isolate its cause and try or suggest fixes.

Beyond our commitments to you under the WooCommerce.com Terms and Policies, we have no interest for and will not request, collect, store or disclose any other personal information whose purposes and means of processing is controlled by you.

How We Use Your Information

The information we collect from you is used to:

  • respond to your requests;
  • further develop, improve and personalize our products;
  • monitor and prevent any problems with our products;
  • protect the rights and property of SomewhereWarm and others;
  • in general, for the purpose of providing the Support Service and fulfilling our commitments to you and WooCommerce.com under the WooCommerce.com Terms and Policies and all other applicable agreements.

Note that, periodically, we may conduct research by analyzing information on an aggregate basis. Aggregated data cannot be used to identify you or other data subjects.

For details regarding our legal bases for collecting and using information, please refer to the WooCommerce.com Terms and Policies.

Sharing Information

We share information in the limited circumstances presented in the WooCommerce.com Privacy Policy.

To provide the Support Service to you we employ independent contractors, vendors and suppliers (“Third Party Vendors“) who provide services and products to us, such as hosting, email hosting and help desk software. In the course of providing products or services to us, these Third Party Vendors may have access to your personal information. We require that these Third Party Vendors:

  • protect the privacy of your personal information in a way that is consistent with the WooCommerce.com Privacy Policy and this Privacy Policy; and
  • not use or disclose your personal information for any purpose other than providing us with the products or services for which we contracted or as required by law.

To better protect your personal data, we are providing a list of Third Party Vendors who may process your information in the course of providing products or services to us:

Third Party Vendor Purpose
Help Scout Inc. Help desk services
Linode LLC Cloud infrastructure hosting
Google LLC Email hosting

How We Protect Your Information

We collect personal information only to the extent strictly necessary for the purpose of providing the Support Service, in accordance with our commitments to you under the WooCommerce.com Terms and Policies and any further written instructions from you. Additionally, all personal information that you disclose to our team is treated as confidential.

We take reasonable steps to protect all information you provide to us from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no online service is ever fully secure or error free. In particular, email sent to or from us may not be secure. Please take special care in deciding what information you send to us via email, and avoid giving our team access to production websites.

Additionally, no website can fully eliminate security risks. Third parties may circumvent our security measures to unlawfully intercept or access personal information or private communications. We will post a reasonably prominent notice to the Website if any such security breach is discovered and notify you and any relevant regulators or authorities of any security incident that may have resulted in an unlawful interception of personal information.

Your Responsibilities as a Data Controller

Please keep in mind that it is your responsibility to:

  1. Ensure that you have all necessary rights to share any personal information in connection with the provision of our Support Service.
  2. Obtain all necessary data subject consents, and maintain a record of such consents, including any consent to use personal data that is obtained from third parties. Should such consent be revoked by a data subject, you are responsible for communicating the fact of such revocation to us.
  3. Remove or anonymize any personal information on your website, if required to do so, before providing access to our team. For example, you may create a staging website, remove all user and customer data on the staging site, and then give our personnel access to the staging site.
  4. Take all necessary security precautions and measures to prevent third parties from unlawfully or accidentally accessing your website and and processing, using, deleting, or damaging personal data, confidential information and intellectual property.
  5. In general, understand your legal obligations to protect personal data as a data Controller and other data that may be confidential.

When providing our team with temporary access to your website, it is very important to:

  1. Never share any login details with us directly.
  2. Take all necessary measures to prevent unauthorized access to your website, for example by enabling two-factor authentication for the temporary user account you created for our team.
  3. Delete this temporary user account when we are finished working with you, and never keep it active for more than 3 days after receiving our last reply.
  4. Never give our team access to a production version of your website. Always create a staging/test version of your site and if necessary take care to remove any personal or confidential information.

Your Rights Over Your Data

For information about your right to request the restriction of certain uses and disclosures of personally identifiable information, please refer to the WooCommerce.com Privacy Policy.

You may contact us with a request to exercise any of your rights.

Note that it is not technologically possible to update or remove each and every record of the information you have provided to us. The need to back up data to protect information from inadvertent loss means that a copy of your information may exist in a form that cannot be accessed. Promptly after receiving your request, all personal information stored in databases we actively use, and other readily searchable media will be updated, corrected, changed or deleted, as appropriate, as soon as and to the extent reasonably and technically possible.

Changes to this Privacy Policy

We may amend this Privacy Policy from time to time. When we do, we will also revise its Effective Date. We encourage you to periodically review this Privacy Policy to stay informed about how we are protecting the personal information we collect from you.

Questions

If you have any questions about the way we handle your Privacy, or any requests, please contact us at privacy@somewherewarm.com.

Glossary

We“, “Us“, “Our” and “Our Team” are references to SomewhereWarm SMPC, a company registered and incorporated in Greece with registration number 141275601000;

You” and “Your” refers to the individual, company or organization that requests our Support Service for a product purchased under the WooCommerce.com Terms and Policies;

Effective Date” means the effective data of this Privacy Policy;

Data Subjects” refers to: i) consumers or users of goods or services provided by; or ii) any personnel or subcontractors of; an individual, company or organization requesting our Support Service under the WooCommerce.com Terms and Policies;

Personal Data” and “Personal Information” refers to any data relating directly or indirectly to an identifiable data subject, and does not include any data that is anonymized, aggregated, de-identified and/or compiled on a generic basis and which does not name or identify a specific individual, directly or indirectly;

Controller” is the party that determines the purposes and means of the processing of personal data under the EU’s General Data Protection Regulation.