Add a Privacy Policy to Your Squarespace Site

# Privacy Policy

**Last updated:** [Insert Date]

Welcome to Ember & Oak ("we," "us," or "our"). We operate the website [emberandoak.com](https://emberandoak.com) and sell handmade candles online. Your privacy matters to us, and this policy explains what information we collect, how we use it, and the choices you have.

---

## Information We Collect

When you visit our website, place an order, or sign up for our newsletter, we may collect the following information:

- **Personal details you provide:** your name, email address, and shipping address when you place an order.
- **Order information:** products purchased, order totals, and transaction details (payment information is processed securely by our payment provider — we do not store your full card details).
- **Newsletter sign-ups:** your email address if you subscribe to our mailing list.
- **Automatically collected data:** information like IP address, browser type, device information, referring site, pages visited, and time spent on the site, gathered through Squarespace Analytics.

---

## How We Use Your Information

We use the information we collect to:

- Process and ship your orders.
- Communicate with you about your purchases (order confirmations, shipping updates, customer service).
- Send you our newsletter and product updates, if you have opted in.
- Improve our website, product offerings, and customer experience.
- Comply with legal obligations (such as tax and recordkeeping requirements).

We do not sell your personal information to third parties.

---

## Cookies & Tracking

Our website uses cookies and similar tracking technologies to help the site function properly and to understand how visitors use it. Cookies may be used to:

- Remember items in your cart.
- Keep you signed in during your visit.
- Measure site traffic and performance via Squarespace Analytics.

You can control or disable cookies through your browser settings. Please note that disabling cookies may affect your shopping experience.

---

## Third-Party Services

We work with trusted third-party providers to run our business. These services may process limited personal information on our behalf:

- **Squarespace** – hosts our website and provides Squarespace Analytics. See Squarespace's [Privacy Policy](https://www.squarespace.com/privacy).
- **Mailchimp** – manages our email newsletter subscriptions. See Mailchimp's [Privacy Policy](https://www.intuit.com/privacy/statement/).
- **Payment processors** (e.g., Stripe, PayPal) – securely handle payment transactions.
- **Shipping carriers** – deliver your orders to your provided shipping address.

These providers are only permitted to use your data to perform services for us.

---

## Your Rights Under GDPR & CCPA

Depending on where you live, you may have the following rights regarding your personal data:

**If you are in the European Union (GDPR):**
- The right to access the personal data we hold about you.
- The right to correct inaccurate or incomplete data.
- The right to request deletion ("right to be forgotten").
- The right to object to or restrict processing.
- The right to data portability.
- The right to withdraw consent at any time (for example, by unsubscribing from our newsletter).
- The right to lodge a complaint with your local data protection authority.

**If you are a California resident (CCPA):**
- The right to know what personal information we collect and how it is used.
- The right to request deletion of your personal information.
- The right to opt out of the sale of personal information (we do not sell your data).
- The right not to be discriminated against for exercising your rights.

To exercise any of these rights, please email us at **hello@emberandoak.com**.

---

## Data Retention

We keep your personal information only as long as necessary:

- **Order records:** retained for up to 7 years to meet tax and legal requirements.
- **Newsletter subscribers:** retained until you unsubscribe or ask us to delete your information.
- **Analytics data:** retained according to Squarespace's default retention settings.

When your information is no longer needed, we securely delete or anonymize it.

---

## International Data Transfers

We ship to and serve customers in both the United States and the European Union. Your personal data may be transferred to, stored, or processed in a country outside your own. Where required by law, we use appropriate safeguards (such as Standard Contractual Clauses) to protect your data during such transfers.

---

## Children's Privacy

Our website and products are not intended for children under the age of 13 (or 16 in the EU). We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

---

## Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes to our practices or for legal reasons. When we do, we will revise the "Last updated" date at the top of this page. We encourage you to review this policy periodically.

---

## Contact Us

If you have questions about this Privacy Policy or would like to exercise your privacy rights, please contact us:

**Ember & Oak**
Email: **hello@emberandoak.com**
Website: [emberandoak.com](https://emberandoak.com)

---

---

## How to Add This Privacy Policy to Your Squarespace Site

Follow these steps to publish this policy on your Squarespace website:

1. **Log in** to your Squarespace account and open your site dashboard.
2. In the left-hand menu, click **Pages**.
3. Click the **+ (plus)** icon and choose **Blank Page** (you may also file it under "Not Linked" so it doesn't appear in your main navigation).
4. Name the page **"Privacy Policy"**.
5. Click into the page, add a **Text Block**, and paste this entire policy into it.
6. Update the **"Last updated"** date at the top.
7. Click **Save**.

**To link the policy in your footer:**

1. Go to any page on your site and scroll to the footer.
2. Click **Edit Footer** (or **Edit** on the footer section).
3. Add a **Text Block** or **Navigation** element in the footer.
4. Insert the text "Privacy Policy" and link it to your new Privacy Policy page.
5. Click **Save** — your policy will now appear on every page of your site.

That's it! Your privacy policy is live and accessible to

# Privacy Policy

**Last updated:** [Insert date]

---

## Introduction

Ember & Oak ("we," "us," "our," or "Company") operates the website emberandoak.com (the "Site"). We are committed to protecting your privacy and ensuring you have a positive experience on our Site and when conducting business with us.

This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data. By accessing or using our Site, you agree to the terms of this Privacy Policy.

---

## Information We Collect

We collect information you provide directly to us and information collected automatically when you visit our Site.

**Information You Provide:**
- Name
- Email address
- Shipping address
- Phone number (optional)
- Payment information (processed securely through Squarespace)
- Any messages or inquiries you send us

**Information Collected Automatically:**
- IP address
- Browser type and version
- Pages visited on our Site
- Time and date of your visit
- Referring website
- Device type

---

## How We Use Your Information

We use the information we collect to:
- Process and fulfill your orders
- Send order confirmations and shipping updates
- Respond to your inquiries and customer service requests
- Send marketing emails and newsletters (only with your consent via Mailchimp)
- Improve our Site, products, and services
- Prevent fraud and ensure Site security
- Comply with legal obligations

We do not sell your personal information to third parties.

---

## Cookies & Tracking

Our Site uses cookies and similar tracking technologies to:
- Remember your preferences
- Understand how you use our Site
- Improve user experience
- Track analytics through Squarespace Analytics

You can control cookies through your browser settings. Disabling cookies may affect Site functionality.

---

## Third-Party Services

**Squarespace:** Our Site is hosted on Squarespace, which may collect information subject to their Privacy Policy.

**Squarespace Analytics:** We use Squarespace's built-in analytics tools to understand visitor behavior and Site performance. This data is anonymized and used only to improve our Site.

**Mailchimp:** We use Mailchimp to manage our newsletter. When you sign up, your email is shared with Mailchimp in accordance with their Privacy Policy. You can unsubscribe at any time using the link in any email.

**Payment Processing:** Payment information is processed securely through Squarespace's payment processors and is not stored on our servers.

---

## Your Rights Under GDPR and CCPA

**If you are located in the EU (GDPR):**
- Right to access your personal data
- Right to correct inaccurate data
- Right to request deletion of your data
- Right to restrict processing
- Right to data portability
- Right to object to processing
- Right to withdraw consent at any time

**If you are located in California (CCPA):**
- Right to know what personal information is collected
- Right to delete personal information (with exceptions)
- Right to opt-out of the sale of personal information
- Right to non-discrimination for exercising your rights

To exercise any of these rights, contact us at hello@emberandoak.com with your request.

---

## Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this policy, including:
- Order fulfillment: Until your order is complete
- Customer service: For 3 years after your last interaction
- Marketing: Until you unsubscribe from our newsletter
- Legal compliance: As required by law

---

## Children's Privacy

Our Site is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we become aware that a child has provided us with personal information, we will take steps to delete such information and terminate the child's account.

---

## International Data Transfers

We ship to customers in the US and EU. If you are located in the EU, please note that your data may be transferred outside the EU for order fulfillment. By providing your information, you consent to this transfer in accordance with GDPR.

---

## Data Security

We take reasonable measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the internet is 100% secure. We encourage you to use strong passwords and contact us immediately if you suspect unauthorized access.

---

## Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Your continued use of our Site following changes constitutes your acceptance of the updated policy.

---

## Contact Us

If you have questions about this Privacy Policy, your personal information, or wish to exercise your rights, please contact us:

**Ember & Oak**  
Email: hello@emberandoak.com  
Website: emberandoak.com

We will respond to your inquiry within 30 days.

---

## Setup Instructions

1. Log in to your Squarespace account
2. Navigate to **Pages** in the left sidebar
3. Click the **+** button to create a new page
4. Select **Blank Page**
5. Name the page "Privacy Policy"
6. Copy and paste the entire policy above into the page content area
7. Click **Publish**
8. Go to **Website Settings** > **Footer** and add a link to your Privacy Policy page
9. Update the "Last updated" date at the top with today's date

Your privacy policy is now live and accessible to your customers.

**Last updated:** [Month Day, Year]

## Privacy Policy

Ember & Oak (“we,” “us,” or “our”) respects your privacy and is committed to protecting your personal information. This Privacy Policy explains what information we collect through emberandoak.com, how we use it, and the choices you may have regarding your information.

This policy applies to our website, online store, newsletter sign-ups, and related services.

## Information We Collect

We may collect the following personal information when you visit our website, place an order, sign up for our newsletter, or contact us:

- Name
- Email address
- Shipping address
- Order details
- Information you provide when contacting us

We may also collect certain website usage information automatically, such as:

- IP address
- Browser type
- Device information
- Pages visited
- Time spent on the site
- Referring website or source

This information may be collected through cookies, analytics tools, and similar tracking technologies.

## How We Use It

We use your information to:

- Process and fulfill orders
- Send order confirmations, shipping updates, and customer service messages
- Respond to questions or support requests
- Send marketing emails and newsletters if you choose to subscribe
- Improve our website, products, and customer experience
- Monitor website performance and visitor activity
- Comply with legal or regulatory obligations

We only use your personal information where we have a valid reason to do so, including fulfilling a contract, complying with legal obligations, pursuing legitimate business interests, or based on your consent where required.

## Cookies & Tracking

Our website may use cookies and similar technologies to help the site function properly, remember visitor preferences, and understand how people use the site.

Cookies may be used to:

- Enable website features and checkout functions
- Analyze traffic and visitor behavior
- Improve site performance
- Support marketing and email sign-up features

You can usually control or disable cookies through your browser settings. Please note that disabling some cookies may affect how the website functions.

## Third-Party Services

We use third-party services to operate our website and business. These providers may collect, process, or store personal information on our behalf.

### Squarespace

Our website is hosted on Squarespace. Squarespace may collect personal information you provide through the site, such as order details and contact information, and may also collect technical and usage data needed to operate the website.

### Squarespace Analytics

We use Squarespace Analytics to understand how visitors use our site. This may include information such as:

- Page views
- Traffic sources
- Device and browser information
- General location information
- Shopping and checkout activity

This helps us improve our website and customer experience.

### Mailchimp

If you sign up for our newsletter, your name and email address may be collected and stored by Mailchimp so we can send you email updates, promotions, and news about Ember & Oak.

You can unsubscribe from marketing emails at any time by clicking the unsubscribe link in any email or by contacting us directly.

## How We Share Information

We do not sell your personal information.

We may share your information only in limited situations, such as:

- With service providers that help us run our website, process orders, send emails, or analyze site traffic
- When necessary to comply with laws, regulations, legal processes, or government requests
- To protect our rights, property, or safety, or that of our customers or others
- As part of a business transfer, if our business is ever sold or reorganized

## International Customers

We ship to customers in the United States and the European Union. If you are located outside the country where our website or service providers operate, your information may be transferred to and processed in other countries.

By using our website or placing an order, you understand that your information may be transferred to countries that may have different data protection laws than your country of residence.

## Your Rights under GDPR/CCPA

Depending on where you live, you may have certain privacy rights regarding your personal information.

### For individuals in the European Economic Area, UK, or similar regions

You may have the right to:

- Access the personal information we hold about you
- Request correction of inaccurate information
- Request deletion of your personal information
- Object to or restrict certain processing
- Request portability of your information
- Withdraw consent where processing is based on consent

### For California residents

If applicable under the California Consumer Privacy Act (CCPA) or similar laws, you may have the right to:

- Know what personal information we collect and how we use it
- Request deletion of your personal information
- Request correction of inaccurate personal information
- Opt out of the sale or sharing of personal information, if applicable

We do not sell your personal information.

To exercise any of these rights, please contact us using the email listed below. We may need to verify your identity before processing your request.

## Data Retention

We keep personal information only for as long as reasonably necessary for the purposes described in this policy, including:

- Fulfilling orders
- Providing customer service
- Maintaining business and tax records
- Meeting legal, regulatory, or accounting requirements
- Managing newsletter subscriptions and unsubscribe requests

When we no longer need your information, we will delete it or securely store it as required by law.

## Data Security

We take reasonable steps to protect your personal information from unauthorized access, loss, misuse, or disclosure. However, no internet transmission or electronic storage system is guaranteed to be completely secure, so we cannot guarantee absolute security.

## Children's Privacy

Our website and products are not directed to children under 13, and we do not knowingly collect personal information from children under 13.

If you believe a child has provided personal information to us, please contact us and we will take appropriate steps to delete that information.

## Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or website services.

When we make changes, we will update the “Last updated” date at the top of this page. Your continued use of the website after changes are posted means you accept the updated policy.

## Contact Us

If you have questions about this Privacy Policy or would like to exercise your privacy rights, please contact us at:

**Ember & Oak**  
**Email:** hello@emberandoak.com  
**Website:** emberandoak.com

## Squarespace Setup Instructions

1. In Squarespace, go to **Pages**.
2. Click the **+** icon to add a new page.
3. Choose **Blank Page**.
4. Name the page **Privacy Policy**.
5. Paste this full policy into a text block.
6. Update the **Last updated** date at the top.
7. Save and publish the page.
8. Add a link to this page in your **site footer** so visitors can easily access it.

Of course. Here is a complete, ready-to-paste privacy policy for Ember & Oak, tailored to your Squarespace site and business operations.

***

Last updated: [Date]

## Privacy Policy for Ember & Oak

Welcome to Ember & Oak. Your privacy is important to us. This Privacy Policy explains how

## Last updated: [Insert Date, e.g., October 10, 2023]

Welcome to the Privacy Policy for Ember & Oak, a small handmade candle shop at emberandoak.com. We respect your privacy and are committed to protecting your personal information. This policy explains how we collect, use, and safeguard your data when you visit our site, place orders, or sign up for our newsletter. By using our site, you agree to these practices.

## Information We Collect

We collect limited personal information to process orders and provide services. This includes:

- **Order details**: Name, email address, shipping address, and payment information (processed securely via Squarespace Commerce).
- **Newsletter signups**: Email address via Mailchimp.
- **Site usage**: Automatically collected data like IP address, browser type, and pages visited through Squarespace Analytics.
- **Contact form submissions**: Name and email if you reach out to us.

We do not collect sensitive information like race, religion, or health data.

## How We Use It

Your information helps us:

- Process and ship orders to US and EU customers.
- Send order confirmations, shipping updates, and promotional emails (you can unsubscribe anytime).
- Improve our site and products based on analytics.
- Respond to your inquiries via hello@emberandoak.com.

We never sell your data to third parties.

## Cookies & Tracking

We use cookies to enhance your experience:

- **Essential cookies**: For site functionality, like maintaining your cart.
- **Analytics cookies**: Squarespace Analytics tracks visits anonymously to understand site performance (e.g., page views, traffic sources).
- **Marketing cookies**: Mailchimp cookies for newsletter tracking.

You can manage cookies via your browser settings. Note: Disabling cookies may limit site features. We comply with EU cookie laws (e.g., consent banners via Squarespace).

## Third-Party Services

We partner with trusted services that may access your data:

- **Squarespace**: Hosts our site, processes payments, and provides Analytics (data stored in the US; see their [Privacy Policy](https://www.squarespace.com/privacy)).
- **Mailchimp**: Manages newsletters (US-based; EU data protections apply; see their [Privacy Policy](https://mailchimp.com/legal/privacy/)).
- **Shipping carriers** (e.g., USPS, UPS): Receive shipping addresses for delivery only.

These providers are GDPR/CCPA compliant and use secure transfers.

## Your Rights under GDPR/CCPA

If you're in the EU (GDPR) or California (CCPA), you have rights:

- **Access**: Request a copy of your data.
- **Correction**: Update inaccurate info.
- **Deletion**: Ask us to erase your data (except for legal obligations like order records).
- **Opt-out**: Unsubscribe from emails or sales (CCPA); object to processing (GDPR).
- **Portability**: Get your data in a usable format.

Email hello@emberandoak.com to exercise rights. We'll respond within 30-45 days. No discrimination for CCPA requests.

## Data Retention

We keep data only as needed:

- Order info: 7 years for legal/tax reasons.
- Newsletter emails: Until you unsubscribe or request deletion.
- Analytics: Aggregated and anonymized after 26 months (Squarespace standard).

Data is securely deleted or anonymized afterward.

## Children's Privacy

Our site is not for children under 16 (EU) or 13 (US). We do not knowingly collect data from kids. If we learn of such data, we'll delete it promptly. Parents/guardians: Contact us at hello@emberandoak.com.

## Changes to This Policy

We may update this policy to reflect changes. We'll notify you via email or a site notice. Check back periodically. Continued use after changes means acceptance.

## Contact Us

Questions? Email us at **hello@emberandoak.com**. We're a small shop and respond within 48 hours.

---

**Setup Instructions:**  
1. Log in to your Squarespace dashboard.  
2. Go to **Pages** > **+** (Add Page) > **Blank Page**.  
3. Title it "Privacy Policy" and paste the full policy above into a **Text Block**.  
4. Style as needed (e.g., add H2 formatting if not auto-detected).  
5. Save and publish.  
6. Link it in your site footer: Edit Footer > Add Link > Select the Privacy Policy page.  
Replace **[Insert Date]** with today's date and customize links if needed. You're all set!