Effective Date: 22nd May, 2018
Review your website and look for areas where you collect personal data, bearing in mind the modified GDPR definition of “personal data.”
Through commerce and subscription letter
Some questions to consider:
- Do you collect personal data on your site using third-party services? (e.g., Google Analytics, a Form Block connected to MailChimp and Google Drive). You should read the privacy policies of those services.
- Do you download or export data from your site into another system?
- Do you combine the personal data you collect with other sources of data?
- Are you gathering information you don’t need?
Once you’ve identified your data collection activities, consider making a page on your site that documents:
- What information you collect.
Name, address (delivery), email address (payment and newsletter).
- Why you collect that information.
Name & address to post packages to, email for communication, mailing lists and newsletters.
- Who you share that information with.
Information not shared with anyone. Payments processed through Squarespace and Stripe, newsletter subscriptions and lists stored on MailChimp.
- Any other information required under the GDPR.
12. End Users’ personal information
Our customers who have created a site using Squarespace are responsible for what they do with the personal information they collect, directly or through Squarespace, about their End Users. This section is directed to such customers.
a. Your relationship with End Users
You're solely responsible for complying with any laws and regulations that apply to your collection and use of your End Users’ information, including personal information you collect about them from us or using Squarespace functionality or cookies or similar technologies.
We’re not liable for your relationship with your End Users or how you collect and use personal information about them (even if you collect it from us or using Squarespace functionality or cookies or similar technologies) and we won’t provide you with any legal advice regarding such matters.
b. End User payment information
Your End Users’ payment information may be processed via third party eCommerce Payment Processors with which you integrate your Account, in accordance with such eCommerce Payment Processors’ terms and policies. We transmit your End Users’ complete payment information when they initially provide or update it only so that we can pass it along to the eCommerce Payment Processors you agree to use. We don’t collect or store your End Users’ payment information.