Privacy Policy

Effective Date: (09/07/2023)

Last Updated: (09/07/2023)

The website www.SamanthasForgetMeNots.com (our “Website”) is owned by Samantha Johnson. At Samantha’s Forget Me Not (“we,” “us,” or “our”), we care about your privacy and how we collect, use, or share the information you provide to us. We are committed to protecting your privacy and personal information through our compliance to this Privacy Policy.

By visiting our Website, you agree that any information that you contribute or provide to us is subject to this Privacy Policy. As a visitor or user of this Website, you agree to all terms contained in this Privacy Policy and the accompanying Terms of Use.

This policy details your right to choose some of the ways we collect, use, and disclose your data. Through your use of our Website, you may be asked to indicate your choice to opt out of receiving “cookies” or unsubscribe to our mailing list.

This policy applies to any information collected on this Website and information you provide to us offline, including, but not limited to, information you provide via phone and email. 

If you have any questions about this Privacy Policy, please contact us at hello@jessicawhitaker.co.

Children’s Online Privacy Protection Act (COPPA)

You must be 18 years old or older and have the requisite mental capacity to agree to this Privacy Policy to gain access to our Website. In compliance with COPPA (Children’s Online Privacy Protection Act.), this Website is not for use by those under the age of 13 or those under the age of 18 without parental consent. We do not knowingly collect personal information from children under the age of 13, nor do we specifically market to children under the age of 13. 

The Children’s Online Privacy Protection Act (COPPA), enforced by the Federal Trade Commission, sets forth requirements of websites and online services to protect children’s safety and privacy. If you are under the age of 13, do not send us any personal information. We encourage parents to continually monitor their children’s internet usage. If we learn that we have unknowingly collected or received personal information from a minor under the age of 13, we will delete this information, and/or attempt to obtain parental consent. If you have any reason to believe we may have unknowingly collected data from a minor under the age of 13, please let us know by contacting us at hello@jessicawhitaker.co.

What Data We Collect

When you visit our Website, join our email list, contact us through our Website, interact with us on social media, and make purchases on our Website, we collect different types of information from you. 

This may include the collection of personal data by which you may be identified personally like your name, email address, telephone number, postal address, demographic information (age, gender, education level etc.), and any other identifying information. 

Data collected may also include financial data that is transmitted when you order, purchase, exchange, or return a product or service from our Website or any mobile apps. This data may include credit card or bank details related to your payment method, which is transferred to our third-party payment processors PayPal, Apple Pay, Squarespace and Stripe. You should review the privacy policies of these third-party payment processors. 

We may also collect derivative data when you visit and use our Website including your IP address, the date and time of your visit, your country of origin, and the type of browser you used. Furthermore, if you access our Website via a mobile device or app, we may collect information from your device such as location information, model and manufacturer, and device ID.

Through social networking websites and apps, like Facebook, Twitter, Instagram, and other social networking sites, we may access publicly available information such as your name, account username, profile photo, email address, age, location, gender, and any other publicly displayed information. You may limit this access by changing your privacy settings on each social networking site. 

If you provide us with additional information to participate in a survey or giveaway, that information will also be subject to the terms of this policy.

How and Why We Collect Data

Through your consent, we collect information that you provide to us manually. For example, if you join our email list through opting in for a free resource or otherwise subscribing, based on your consent to receive direct marketing materials, all emails you receive from us will state the sender of the email clearly and give you instructions on how to unsubscribe from our email list or contact us with any questions or concerns to ensure compliance with the CAN-SPAM Act. Our legal basis for collecting this information is your consent. 

We may also collect or send standard “cookies” to identify your browser or device information from time to time and collect information through Automatic Data Collection Technology. We may use session cookies that expire when you close your browser and persistent cookies that remain on your computer until you delete them. You can accept or decline cookies in your web browser settings. No personal identifiable information will be included in cookies and, other than the methods described above, we will not use any other mechanisms to capture data on our website. Our legal basis for collecting this information is our legitimate interests in monitoring and improving our website, business operations, marketing efforts, and proper protection of our business against risks.

To obtain statistical data and provide you with relevant information, we may also collect data on the way you use our website including your browsing activity, browsing patterns, IP address, device information, internet connection, and other actions via Google Analytics and Facebook Pixels. We may also receive personal data from other third-parties like Google, PayPal, and other third-party payment processing companies. We use these technologies in compliance with all policies of the third-party providers. Our legal basis for collecting this information is our legitimate interests in monitoring and improving our website, business operations, marketing efforts, and proper protection of our business against risks.

The personal data we collect is used to create and administer your account, generate a personalized profile for you, compile statistics on site use, analyze trends, correspond with you, interact on social media with you, deliver targeted advertising, process payment, refunds, deliver any goods or services you purchased, communicate new products and services we think you might be interested in, updated you on products and services, request feedback from you, resolve and troubleshoot disputes and problems, prevent fraudulent use of our website, and assist law enforcement when necessary. Our legal basis for collecting this information is our legitimate interests in monitoring and improving our website, business operations, marketing efforts, and proper protection of our business against risks.

How Long Your Data Will Be Stored

We use reasonable measures to ensure that your information remains confidential. Personal information is stored through a data management system. For as long as you choose to remain on our email list, we will retain a minimum amount of personal information including your name, email address, and your behavior on our Website. Any additional personal information will be retained as long as necessary to fulfill legal obligations, resolve disputes, or as reasonably determined.

Information Protection and Security

We use commercially reasonable methods to safeguard the personal data you provide to us and the personal data we collect automatically. We use reasonable online security measures and reputable third-party vendors that are compliant with generally accepted security and safety measures including a Secure Sockets Layer (SSL) on our website to help secure information. Please note that we cannot guarantee that all information transferred will be secure and, if we become aware of a data breach, we will notify the necessary parties in a timely manner of all the information we have.

By using our website, you agree that, should your information be intercepted in this way without our knowledge, consent, or permission, you will hold harmless Samantha’s Forget Me Nots, including a release of any and all claims related to use of such information by such an unauthorized party.

Due to the nature of our business and information collection activities, we have determined that we do not process sensitive data on a large scale, nor do our core activities involve processing operations that require regular or systematic monitoring of data subjects. For these reasons, we have concluded it is not necessary to appoint a Data Protection Officer.

Providing Your Personal Data to Others

For very limited purposes, like legal assistance, accounting, or technical support, we may we share your confidential information with necessary third parties and any parties who access your information will keep your information confidential. To the best of our ability, we will not share your personal data with any unnecessary parties. If, in good faith, we determine that disclosure of your information is necessary to protect the rights of our business or comply with the law, prevent or mitigate a crime, or protect the rights or safety of our other website users, we may do so. We may also disclose necessary information in the event of a sale of Samantha’s Forget Me Nots.

Third-Party Sharing

We are not responsible for the policies or information handling of third-party websites or third-party apps. 

Your Rights

Pursuant to this policy and applicable laws, you have certain rights when it comes to controlling and protecting your private data:

You have a right to request that your information be deleted and no longer retained. Upon your request, we will remove your information from our database. 

You have a right to “unsubscribe” by hitting the “unsubscribe” button at the bottom of any email we send you at any time. 

You may also contact us to request access to information that Samantha’s Forget Me Nots retains about you be updated, edited, or deleted from our database at any time. 

You have the right to contact us about information on how your data is collected, stored, or used, and request a copy of the data we have. 

You may also contact us to restrict how we process your data in certain circumstances.

You have the right to be forgotten, which means you can withdraw your consent to give us your personal information by clicking the “unsubscribe” button at the end of any email you receive from us. 

You may contact us at:

 

Samantha’s Forget Me Nots

SamanthaBPhotography@gmail.com

Columbus, Ohio 43214

United States

CAN SPAM Act

In compliance with CANSPAM, we agree to allow users to unsubscribe using a link provided at the bottom of every email, honor opt-out requests, monitor compliance of third-party email services, not use false or misleading email addresses or email subjects, identify advertisements in a reasonable manner, and provide the physical address of our business. 

California Online Privacy Protection Act (CalOPPA)

Pursuant to CalOPPA, we agree that users can visit our site anonymously and we will add a link to this privacy policy on our home page or the first significant page after entering our website. Any changes to this Privacy Policy will be published on our privacy policy page. 

If you are a California resident, once a year and free of charge, you have the right to obtain from us: information about what data we disclose to third-party marketers, and the names and addresses of each third-party we disclose your personal data to.


If you are a California resident under the age of 18, you have the right to request that we remove any data that you publicly post on our Website. Note that we may not be able to completely remove that data from our systems.

You may use the contact information listed above to make such requests.

GDPR Compliance and Privacy Shield Notice

To comply with the European Union’s General Data Protection Regulation (“GDPR”), we confirm that we have lawful grounds for processing the information we collect from you and a legitimate interest to respond to user inquiries. At any time, you may request that your information be deleted or edited. No sensitive personal data is collected. To the best of our ability, we have researched and concluded that all third-party data processors we use have advised us they are compliant with the General Data Protection Regulations as well.

Our Website is hosted by servers located in the United States. Appropriate safeguards, namely the EU-US Privacy Shield, protect the transfer of data internationally from individuals residing in the European Union to our servers in the United States. If you reside in the EU, we collect and transfer your personal data to the U.S. only with your consent, to perform a contract with you, or to fulfill a compelling legitimate interest of Jessica Whitaker LLC. Whenever appropriate and feasible, we enter into model clauses and data processing agreements with vendors to protect your privacy. 

Legal Basis for Storage of Data Collected under GDPR

Art. 6(1) lit. (a) of the GDPR serves as the legal basis for processing data for which we have obtained your consent to process.

Art. 6(1) lit. (b) of the GDPR serves as the legal basis for processing your personal data when it is necessary to fulfill a contract or a contract-like relationship with you. 

Art. 6(1) lit. (c) of the GDPR serves as the legal basis for processing your personal data to fulfill a legal obligation.

Art. 6(1) lit. (f) of the GDPR serves as the legal basis for processing your personal data when it is necessary to safeguard our or a third-party’s legitimate business interests, or your fundamental rights, freedoms, or interests that do not require the protection of your personal data.

Third Party Links Are Not Covered by This Policy

If we provide links to third-party websites, please note that any information collected on those websites is not covered by this Privacy Policy. If you click on a link and access another website, this Privacy Policy does not attach. By using our Website, you acknowledge and agree that we are not responsible for the policies or practices of any third-parties. You should review of the privacy policies of each individual website you visit.

Jurisdiction and Applicable Law

The servers and parties that make this Website available are located within the United States. Any matters relating to the Website will be governed by the laws of the United States and the State of Ohio, as well as the General Data Protection Regulation (GDPR), as it applies to residents of the European Union.

Updates and Changes to Privacy Policy

The terms of this Privacy Policy may change from time to time. Please refer back to this policy regularly. By accessing and using this Website, you agree to any such changes we make to this Privacy Policy.

Contact Information

Please read and review this Privacy Policy carefully. If you have any questions about this policy, your rights herein, or would like to review, update, or delete your information from our database, please contact us at:

SamanthaBPhotography@gmail.com

Columbus, Ohio 43214

United States