Privacy Policy

Your privacy matters to us!

Heaven not Harvard should be a safe place to learn, share, and communicate about the precious word of God and our savior Jesus Christ and how to live with a Kingdom mindset and raise our children for Heaven, not Harvard. I will do my utmost to protect your data and will never use your data without your express permission.

But the reality is I don’t really understand a lot of how all this computer stuff works. I just write the pretty words, which is why I use trusted sites and apps with developers and lawyers who DO understand all this mumbo jumbo (links to their disclosures are included on this page).

I just want to inspire you to read your Bible and pray and live more focused on eternity than today, but today, in order to keep bringing you inspiring content, I have to make sure this site is compliant with the GDPR for my European users to the best of my ability.

If I missed something, please extend some grace and shoot me an email with your questions (heavennotharvardmom@gmail.com) because I can’t currently afford a fancy web developer to assist me with the technical stuff.

I want to keep everything legal, but the only cookies I really understand have chocolate chips.

I do hope all users can rest assured that we strive to keep everything completely confidential. Now for all the boring technical bits . . .

Who we are

This website address is: http://heavennotharvard.com and you can reach me (Jennifer DeFrates) via email at HeavennotHarvardmom@gmail.com if you have any questions or concerns.

Most of the important data we collect is done through Automattic plug-ins (Jetpack, WooCommerce, Gravatar, etc.) who maintain an extremely high level of protection for any information they collect.

What personal data we collect and why we collect it

Email List

If you choose to sign up for our email mailing list, we collect your first name, email address, email preferences, and IP address using MailerLite’s email hosting service. You can read their detailed privacy policy here. We collect this data in order to tailor the email experience & updates relevant and appropriate for you.

We want to make sure you get the content you asked for and you may opt out of any segment of our newsletter or unsubscribe at any time from the newsletter.

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Data Used: Commenter’s name, email address, and site URL (if provided via the comment form), timestamp, and IP address. Additionally, a jetpack.wordpress.com IFrame receives the following data: WordPress.com blog ID attached to the site, ID of the post on which the comment is being submitted, commenter’s local user ID (if available), commenter’s local username (if available), commenter’s site URL (if available), MD5 hash of the commenter’s email address (if available), and the comment content. If Akismet (also owned by Automattic) is enabled on the site, the following information is sent to the service for the sole purpose of spam checking: commenter’s name, email address, site URL, IP address, and user agent.

Activity Tracked: The comment author’s name, email address, and site URL (if provided during the comment submission) are stored in cookies. Learn more about these cookies.

Data Synced (?): All data and metadata (see above) associated with comments. This includes the status of the comment and, if Akismet is enabled on the site, whether or not it was classified as spam by Akismet.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms

If you choose to contact me via my Speaker page, your contact information is transmitted to me via my JetPack plug in (their privacy policy), but we only ask for your name, email, and website if applicable.

Data Used: If Akismet is enabled on the site, the contact form submission data — IP address, user agent, name, email address, website, and message — is submitted to the Akismet service (also owned by Automattic) for the sole purpose of spam checking. The actual submission data is stored in the database of the site on which it was submitted and is emailed directly to the owner of the form (i.e. the site author who published the page on which the contact form resides). This email will include the submitter’s IP address, timestamp, name, email address, website, and message.

Data Synced (?): Post and post meta data associated with a user’s contact form submission. If Akismet is enabled on the site, the IP address and user agent originally submitted with the comment are synced, as well, as they are stored in post meta.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year. If you would like your comment or information deleted, please contact me via email, heavennotharvardmom@gmail.com

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

So far, I’m the only one who publishes on my site, but if I ever invite someone to do so, here is the disclaimer. If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Advertiser Cookies

We do use advertisers that use cookies to provide you with advertising that appeals to you. However, we have done our best to set parameters for these ads that are consistent with our faith and strongly held family values. Please email HeavennotHarvardmom@gmail.com if you see an ad that is not family friendly on this site.

Heaven not Harvard is a participant in several affiliate programs including Share-a-Sale, ChristianBook.com and the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to ChristianBook.com, Amazon.com, or the various Share-a-Sale participants.

WooCommerce Services

Data Used: For payments with PayPal or Stripe: purchase total, currency, billing information. For taxes: the value of goods in the cart, value of shipping, destination address. For checkout rates: destination address, purchased product IDs, dimensions, weight, and quantities. For shipping labels: customer’s name, address as well as the dimensions, weight, and quantities of purchased products.

Data Synced (?): For payments, we send the purchase total, currency and customer’s billing information to the respective payment processor. Please see the respective third party’s privacy policy (Stripe’s Privacy Policy and PayPal’s Privacy Policy) for more details. For automated taxes we send the value of goods in the cart, the value of shipping, and the destination address to TaxJar. Please see TaxJar’s Privacy Policy for details about how they handle this information. For checkout rates we send the destination ZIP/postal code and purchased product dimensions, weight and quantities to USPS or Canada Post, depending on the service used. For shipping labels we send the customer’s name, address as well as the dimensions, weight, and quantities of purchased products to EasyPost. We also store the purchased shipping labels on our server to make it easy to reprint them and handle support requests.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

By default WordPress does not collect any analytics data. However, many web hosting accounts collect some anonymous analytics data. We use BlueHost as our hosting service. They are also GDPR compliant (see BlueHost privacy policy). From time to time, we may also use a WordPress plugins that provide analytics services. Currently, we use Jetpack and Google Analytics to measure our analytical data (see below).

Data Used: Please refer to the appropriate Google Analytics documentation for the specific type of data it collects. For sites running WooCommerce (also owned by Automattic) and this feature simultaneously and having all purchase tracking explicitly enabled, purchase events will send Google Analytics the following information: order number, product id and name, product category, total cost, and quantity of items purchased. Google Analytics does offer IP anonymization, which can be enabled by the site owner.

Activity Tracked: This feature sends page view events (and potentially video play events) over to Google Analytics for consumption. For sites running WooCommerce-powered stores, some additional events are also sent to Google Analytics: shopping cart additions and removals, product listing views and clicks, product detail views, and purchases. Tracking for each specific WooCommerce event needs to be enabled by the site owner.

Gravatar Hovercards

Data Used: This feature will send a hash of the user’s email address (if logged in to the site or WordPress.com — or if they submitted a comment on the site using their email address that is attached to an active Gravatar profile) to the Gravatar service (also owned by Automattic) in order to retrieve their profile image.

Infinite Scroll

Data Used: In order to record page views via WordPress.com Stats (which must be enabled for page view tracking here to work) with additional loads, the following information is used: IP address, WordPress.com user ID (if logged in), WordPress.com username (if logged in), user agent, visiting URL, referring URL, timestamp of event, browser language, country code.

Activity Tracked: Page views will be tracked with each additional load (i.e. when you scroll down to the bottom of the page and a new set of posts loads automatically). If the site owner has enabled Google Analytics to work with this feature, a page view event will also be sent to the appropriate Google Analytics account with each additional load.

Who we share your data with

We only share your data with WooCommerce when you make a purchase or with MailerLite when you join our email list. Some data is automatically collected by JetPack and Google Analytics, and WordPress.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service. Although, I do approve many personally!

Your contact information

Unless you register as a user on the site (see above) or as an email subscriber, or make a purchase, or leave a comment (see above), we do not collect your contact information.

If you provide your first name and an email address, it is used only to email you the requested newsletter.

If you make a purchase, the information you provide via WooCommerce, is only used to charge your purchase.

Additional information

How we protect your data

All our data is secured using the best options available via WordPress.

What data breach procedures we have in place

All data breaches that are not covered by the policies of a plug-in or partner, will be dealt with by our primary author who will make sure that any data breach is swiftly handled by hiring someone I cannot afford on a homeschool mom’s salary.

What third parties we receive data from

We receive very limited data from third parties. We might be able to see how many users arrived her from Facebook or Pinterest, but no personal data is connected that we can see.

What automated decision making and/or profiling we do with user data

N/A

Industry regulatory disclosure requirements

N/A

I will update this privacy policy in the event I realize I did something wrong or actually begin to understand any of the technical mumbo jumbo. This policy is in effect May 24, 2018.