- I do not share your information. The only organizations with potential access to your information are the essential suppliers and associates who help me manage my business, this website, its services, and products. Their access to your stored information is typically restricted to providing automated data storage and processing.
- In order provide the level of customer service that I would expect to receive, I do keep most of the information I collect indefinitely so that should you contact me today, tomorrow, next week or in ten years’ time I’ll know what products you’ve purchased and what communications we may have exchanged.
- I will be open and honest with you about what information I collect, what I use it for, and who has access to it.
- Maintaining the security of my website and business records is vital to me, and to ensure that The Blue Bottle Tree retains your trust. For this reason I will continue to invest in premium security products.
If you’ve got any questions about this policy, my use of your information, or need to change, delete, or download information I may hold about you, please visit the Manage my data page.
2. The Blue Bottle Tree
The Blue Bottle Tree is a trading subsidiary of Davis-Allman LLC, a limited company registered in the State of Missouri, United States of America. The Blue Bottle Tree is managed by Ginger Davis Allman who acts as the Data Controller for the purposes of GDPR.
Davis Allman LLC is co-owned and operated by Ginger Davis Allman and Gary Allman.
The Blue Bottle Tree
610-A E. Battlefield #102
Springfield, MO 65807
3. GDPR Compliance Statement
We’ve (I’m good, but I couldn’t do all this on my own!) performed a data and data processing audit, poked around under the hood, checked the oil, kicked the tires, and then examined and contemplated how I collect and use the data I hold about my customers and subscribers. The results have been reviewed, and where necessary we have documented, amended, and enhanced my data collection, processing, retention, management, and security activities in-line with the regulations set out in GDPR. This process has been undertaken in a manner appropriate to the business’s turnover and resources.
In plain language: The Blue Bottle Tree is a family-run business, and we have reviewed, documented, and implemented whatever we have found to be necessary for a business our size to be compliant with the General Data Protection Regulation.
4. Your Data
If you visit The Blue Bottle Tree
Our server will record the site you came from — if you were following a link — the time, your IP address, country, browser, computer operating system, and where you go next. This information is only used on very rare occasions for diagnostic and/or security purposes when we are trying to track down the cause of a problem. This information is deleted each month.
Our website security software also monitors your IP address and country of origin. Only the last 2,000 records are kept so they get purged very quickly — unless, that is, you try to hack into our website (where’s the ‘wag your finger’ emoticon when you need it?) In which case your information is recorded so that the security software can monitor future accesses and block you if you are very naughty.
We use Google Analytics to monitor and analyze how people use The Blue Bottle Tree. We’ve set Analytics so that it automatically anonymizes IP addresses so that we can’t track back a visitor’s use of the site to an individual. Analytics does collect generalized location data, the time, referring website, the type of device and software you are using. All of which has helped guide us in developing the website. Google, being Google, may know a whole lot more about you, and some of that information is available to us statistically. For example, the age range of visitors, interests, how many visitors are male or female — but all of this information is aggregated together to make it anonymous.
In plain language: Software monitors what you do, and information about your location and device. This is so that I can improve the service I provide and to protect my site from hackers and malware. Detailed information is deleted monthly, and the data I have access to is anonymized so I have no idea who you are.
If you comment on an article on our website
In plain language: This one’s obvious, don’t expect to hide behind a cloak of anonymity if you want to make a comment.
If you make a purchase
I get to know what you purchased, how much you paid, your email address, and your name. Basically the essentials I need to be able to check that your order is correctly fulfilled, that you haven’t just ordered something you’ve previously purchased, and to assist me in helping you with any problems you might have.
You’ll be added to our emailing database of customers which is held and managed by MailerLite. That information will be used to advise you of the release of updates to the products you’ve purchased, and if you’ve signed up specifically to receive emails, you’ll receive regular, ongoing emails from me too — See “If you sign up to receive email updates”, below.
The order fulfillment emails I send to you include ‘beacons’ which are typically tiny image files, which enable me to see if an email has been opened, and I can track if you’ve downloaded your purchase — again essential for people having difficulties.
I do not have access to your payment details, that information is only available to whichever service you chose for your payment — either Stripe or PayPal. Got a question about your payment? Contact whichever provider you selected.
In plain language: I only collect and keep the information I need to fulfill your order and deal with any future inquiries. I do not have your payment details — that’s between you and PayPal or Stripe.
If you sign up to receive email updates
You’ll be added to our emailing database which is held and managed by MailerLite. The emails I send to you include ‘beacons’ which are typically tiny image files, which enable me to see if an email has been opened. This enables me to see how well-read my emails are, and I also use the information to manage the size of my email list.
Sending email costs money and the more people I send mail to, the more it costs. To manage my costs, at ad-hoc intervals I send a reminder to people who haven’t been reading my emails, and I only retain those people who specifically request that I don’t remove them from my mailing lists.
If you complete a review or testimonial
If you contact me with a question
I’ll keep your email address, and copies of your correspondence indefinitely, so that each time you contact me I can remind myself of any previous conversations.
What Third Parties Have Access to Your Information
First off, to be very clear, we do not actively share your information with anyone. However, we do have a number of suppliers that provide services that help us in processing, managing, storing, responding to, and most important, protecting your information.
If You Visit TheBlueBottleTree.com
- DropBox Inc., United States: Website & database backup storage
- Defiant Inc:, United States Website security services, intrusion prevention, malware scans etc.
- Automattic Inc., United States: Website security services, additional intrusion prevention. Scan comments for spam.
- Google – Alphatbet Inc, United States: Website analytics. Anonymized data about which pages have been visited and country of origin. Google will also organize this data by other information it may already know about you, enabling statistical analysis, but we can’t tie this information back to you.
- Time Capsule – Revmakx LLC , United States: Website backup.
- WPX Hosting – K Media Tech, LLC, Bulgaria: Website hosting and website backup.
If You Make A Purchase
- MailerLite, Lithuania: Email and marketing logistics. MailerLite keeps a record of your name, email address, email preferences, your orders, the emails you’ve been sent and if you’ve opened them.
- PayPal, United States: Payment handling, we have no access to this data, apart from your name, email address, and order details.
- Stripe, United States: Payment handling, we have no access to this data, apart from your name, email address, and order details.
- Quickbooks, -Intuit Inc., United States: Business accounting. Holds information on your name, email address and your order.
- Cloud Business, LLC, United States: Syncs order data between PayPal, Stripe, and Quickbooks, but does not store your data.
If You Sign Up To Receive Email Updates
- MailerLite (Lithuania) provides our Email and marketing logistics. MailerLite keeps a record of your name, email address, email preferences, your orders, the emails you’ve been sent, and if you’ve opened them. Your information is still retained after you ask us to stop sending you emails. This is primarily so that we can maintain a record of your request to stop sending you emails! It also lets us have the information on hand should you want to sign up again in the future.
If you contact me with a question
- Google – Alphatbet Inc, United States: provides my email services.
General Business Activities
- Microsoft Inc, United States: Cloud-based data storage
- Dropbox Inc, United States: Cloud-based data storage
- Quickbooks – Intuit Inc., United States: Business accounting. Holds information on your name, email address and your order.
5. Information Requests
We will comply with any bona fide requests for information from law enforcement and government agencies that we are legally obliged to provide, as set out in the laws of the State of Missouri, and the United States of America.
A cookie is a small text file that may be stored on your computer or mobile device that contains data related to a website you visit. It may allow a website “remember” your actions or preferences over a period of time, or it may contain data related to the function or delivery of the site. Cookies can be set by the owner of the website or in some cases by third party services the website owner allows to present other information, run content or provide other functionality such as analytics.
If you leave a comment on our site you may opt-in to save your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account with The Blue Bottle Tree and you log in to this site, a temporary cookie will be set to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
In plain language: If, for example I include a YouTube video, a picture from Flickr, or a Pinterest post, I have no control over what information they might collect — you’ll need to check with them.
7. How Long we Keep your Data and Removing Your Data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users who register on my website, we also store the personal information you provide in your user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Sales data is kept indefinitely — it helps us remind you if you’ve already bought a product, and inform you if I update a product you’ve bought. We are legally obliged to keep sales information for a minimum of six years.
If you contact me with a question I will keep your correspondence indefinitely so that I can refer back to it should you contact me with a further inquiry.
Your sign-up information is kept indefinitely. Your information is still retained after you ask us to stop sending you emails. This is primarily so that we can maintain a record of your request to stop sending you emails, and to have the information on hand should you want to sign up again in the future!
Otherwise known as the dreaded ‘Analytics’. This is collected anonymously and retained for 26 months. We use this information to assess changes and trends over time.
The maintenance of your presence on social media is the responsibility of the social media application’s providers (Facebook, Instagram, Twitter etc..) Social Media applications provide tools to delete comments and posts, and to close your accounts. It is your, and the social media provider’s responsibility to manage this.
In plain language: for example, do not ask us to delete your Facebooks comments and posts on our Groups or Pages. That’s your and Facebook’s responsibility.
Some Technical Stuff
Our server logs are automatically deleted every calendar month.
Our website security software only retains data of the last 2,000 accesses (so that clears very quickly, often in minutes)
Our security software keeps records of the internet addresses of people attempting to break into or damage the system — it uses this data to block their access, in some cases on a permanent basis.
In plain language: We clear out our automatically collected information regularly, and only retain data on the proverbial ‘bad actors’, so that we can monitor / block their activity in the future.
7. Take a Deep Breath
If you’ve made it this far, give yourself a well-earned pat on the back.
8. Data Management Policy
It is my policy to:
- Not share your information with anyone except:
- The technology suppliers that provide essential services and facilities needed to deliver my website, my products, and to enable me to provide the level of support and customer service I believe you deserve.
- in response to bona fide requests for information from law enforcement and government agencies that we are legally obliged to provide, as set out in the laws of the State of Missouri, and the United States of America.
- Myself, and any persons acting on my behalf to assist me in building, maintaining, and developing The Blue Bottle Tree and my associated business.
- To always be transparent in my collection of personal data, and use ‘double opt-in techniques’ on all my sign-ups.
- Limit use of this website to adults only. Please see my Terms and Conditions.
- Any persons employed to work on my website or business will be required to operate within the policies set out here.
- Technology suppliers with access to user/visitor data will be required to have appropriate GDPR compliance agreements.
- New developments will include a specific review of their information storage requirements, and these will be minimized wherever practicable
It is my policy to:
- Review this policy at least once a year. Or whenever we make a significant change to the underlying systems or processes.
- New developments will include a specific review of the information storage requirements, and the amount of personal information saved will be minimized wherever practicable.
- We will retain technical data (server and Security logs) for a maximum of 30 days.
- Aggregated Marketing Data will be held for a maximum of 26 months.
- All other data will be held indefinitely.
- We will purge my mailing lists of users who do not open my emails. The purges will take place on on a regular (but ad hoc) basis.
It is my Policy to:
- Review this policy at least once a year. Or whenever we make a significant change to the underlying systems or processes
- Employ recognized industry leading suppliers for the security systems deployed on our servers and computer systems.
- Enable access to the website only via secure links.
- Ensure that all administrative systems’ passwords are as strong as the systems allow.
- Inform in a timely manner via email any people whose data may have been revealed should our server or business computer systems be compromised in a manner that exposes their personal data.
- Use automated systems to monitor the security of the computer systems.
- Keep security software up to date via automated system updates.
- To monitor technical news services for upcoming threats and take any practical steps available to protect our systems.
It is my policy to:
- Restrict access to personal data to the minimum number of suppliers/people necessary to provide the services to be expected from The Blue Bottle Tree.
- Ensure the necessary security measures are in place to protect data on our webserver and business computers.
- We will review this policy at least once a year. Or whenever we make a significant change to the underlying systems or processes