At Divinitea, our focus is on delivering a quality tea & tea ware, while building a positive customer experience. We want you to keep coming back for the teas you love! An important part of that effort involves treating your private information with care and respect. We go through great effort to protect your information and use it responsibly. We do not sell your information to third parties, and we use your private information only to fulfill the services you request.
- How information is used when placing an order
- How information is used when creating a customer account
- How information is used in our contact form
- How information is used in our wholesale request form
- How information is used when signing up to our mailing list
- Information we collect automatically
- Special Circumstances
- Security Measures
How information is used when placing an order
When placing an order on our website, we collect name, contact information, billing address, shipping address, in addition to items ordered. This information is saved into our website for order processing and accounting purposes. In addition, order information is submitted via email, minus credit card information, to our order processing staff to inform them of new orders, and entered locally into accounting software system.
For shipping fulfilment, order information is handled through ShipStation, a shipping service. Credit card data is not transferred to ShipStation. Due to our service agreement, ShipStation does not use customer order information for marketing purposes, and only uses the customer order information to fulfill their service requirements. This may include sharing mailing address and general package information with the United States Postal Service or other shipping providers to receive an accurate shipping quote for printing postage, and rates from mail insurance providers.
For security reasons, we do not directly collect or process credit card information on our website. Instead we utilize a payment gateway service provider. During checkout, there are two payment options: “Credit Card” and “PayPal.”
“Credit Card” payment method is handled through Authorize.net, a well-established payment processor. Authorize.net collects credit card information and all relevant order information, such as billing & shipping address, in addition to order details. This information is utilized to verify customer’s identity, ensure the required funds are available for their respective order, charge customer’s credit card and associate the charge with the appropriate order. At checkout, the customer may choose to save credit card information on Authorize.net for future use on Divinitea.com or manually enter credit card information on each order. While the customer may still remain on Divinitea’s website, this processing is handled by Authorize.net directly.
“PayPal” payment method is handled through PayPal’s servers. PayPal collects credit card information and all relevant order information, such as billing & shipping address, in addition to order details. This information is utilized to verify customer’s identity, ensure the required funds are available for their respective order, charge customer’s credit card and associate the charge with the appropriate order.
When an order is placed, we will email customer order confirmation. After an order is processed and shipped, we will inform customer of tracking information where applicable, and that the order is complete. At a later date, we may email customer asking for feedback on the order, such as for a product review.
Tea of the Month Club – Special Notes
Tea of the Month Club is a subscription service that allows automated monthly payment for teas. To achieve this, a payment profile is saved on Authorize.net or PayPal, depending on the payment method chosen at checkout for the first tea club subscription order. By subscribing to a Tea of the Month Club subscription, customer is authorizing automated monthly payments from one of the services mentioned above. Customer may change payment information, tea club subscription information, or cancel a tea club subscription at any time through their customer account, or contacting customer service.
Duration of Storage – Order Information
For customer service and accounting purposes, order details are stored indefinitely. This includes order id, customer contact information, billing address, shipping address, and items ordered.
How information is used when creating a customer account
Before placing an order, or during the checkout process, visitors to Divinitea.com have the opportunity to create or log into a customer account. A customer account provides the visitor with ability to save their billing address, shipping address and credit card profile for future orders. In addition, registered customers will receive rewards points on their orders that may be applied to discounts on future orders.
Upon registering, customers will receive a user ID, and will have the opportunity to set their password. A customer account interface will allow the customer to view order history, manage account information, view rewards points information, any tea club subscriptions associated with the account, and saved credit card profiles.
Customer accounts may be deleted by Divinitea staff by contacting email@example.com. Please note for tax and accounting purposes, order history will be preserved in our systems. In addition, deleted customer accounts will permanently lose all earned rewards points.
How information is used in our contact form
Information submitted in our contact form is collected and submitted via email to our support staff. The information submitted in the form is used to fulfill any support request in the submission form.
By default, information submitted in our contact form is reviewed internally, and no information is submitted to a third party unless the nature of the support request requires third party communication. For example, if a customer is experiencing an issue accessing the website on their browser, and internal staff is unable to resolve the problem, we may bring in our web development specialist to evaluate the problem.
In general, if we determine that contact form submissions do not require followup, we will delete that email. If a contact form submission may require followup, we will save the contact form submission in our email history indefinitely, in case of further followup support requests.
All email history from an email address may be deleted by Divinitea if a request is sent directly from that email address to firstname.lastname@example.org. Please note that some email correspondence may be retained if they are required to fulfill legal, contractual, or accounting obligations.
How information is used in our wholesale request form
Information submitted in our wholesale request form is collected and submitted via email to our wholesale account managers. The information is reviewed to establish suitability for setting up a wholesale account.
By default, information submitted in our wholesale request form is reviewed internally. In the case of a wholesale request in a region where we already have a wholesale client, we may reach out to the existing wholesale client to receive their permission to establish a new wholesale client in their area of operation. We may include a brief summary of the applicant to the existing wholesale client.
We may contact our web development specialist for technical support, such as if wholesale client requires digital assets.
Wholesale request forms are kept indefinitely, to retain a record of when first contact with a business was established, and to maintain records on the business. Wholesale request forms may be deleted upon request if they are not required for wholesale customer service. Please contact email@example.com for more information.
How information is used when signing up to our mailing list
A mailing list signup form is posted on our website, in addition to an opt-in checkbox at checkout and in Divinitea’s contact forms. The mailing list signup is always optional. Divinitea will ask for name, email address, and optionally, birthday info to send a birthday wish.
Divinitea’s mailing list is for the purpose of communicating discounts, promotions, and news at Divinitea, and other tea related information. Subscribers may opt out at any time by clicking the ‘Unsubscribe’ link in Divinitea mailing list emails.
Subscriber name, email, and any other signup information, if filled out, will be saved until the subscriber unsubscribes to Divinitea’s mailing list.
Divinitea does not collect email subscribers for the purpose of selling email subscriber lists to third parties.
Information We Collect Automatically
We also collect some information automatically:
- Log Information: To maintain our firewall and improve customer account security, we collect information that web browsers, mobile devices, and servers typically make available, such as the browser type, IP address, unique device identifiers, language preference, referring site, the date and time of access, operating system, and mobile network information. If we notice abusive activity originating from a specific IP address, such as attempted transmission of malware or spam, we may throttle or otherwise restrict traffic from this IP address for a duration of our choosing.
- Location Information: We may determine the approximate location of your device from your IP address. We collect and use this information to improve website speed by delivering content from a server as close to your location as possible. We also collect generic, anonymized location information for our analytics reports.
We may disclose information about website visitors in response to a subpoena or court order. We may also disclose personal information if we believe it was used for unlawful purposes, such as identity theft or attempted malware activity.
Our website is protected under a third-party dedicated firewall service. In addition, the service regularly scans our servers for malware. Website software is regularly updated to ensure the latest security updates are in place.
All website activity is fully encrypted using Security Socket Layer (SSL). Credit card information is not stored on our server. Instead, it is directly transmitted to our merchant provider’s PCI compliant servers.
Credit card data collected from phone orders is shredded after the order has been processed.
- May 29, 2018: Revised to elaborate on mailing list subscribers and to elaborate on emails customers receive when orders are first received and when they are shipped or otherwise completed.
- May 26, 2018: Revised to comply with GDPR regulations, in addition to clarify Divinitea’s use of personal data.