Who I am
Our website address is: https://graziadolls.com.
What personal data I collect and why I collect it
When visitors leave comments on the site I collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you leave a comment on my site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, I will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Who I share your data with
By default WordPress does not share any personal data with anyone. I don’t use third parties to run this website
I use Etsy as a shop place. If you want to come to my shop, you will open my shop on Etsy Flamingostory. Etsy has own privancy policy.
How long I retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), I also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data I hold about you, including any data you have provided to us. You can also request that we erase any personal data I hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
Your contact information
Procedures for starting, suspending and terminating work in an IT system
1. Before starting work in the IT system:
1) log into the system using only login and password reserved for themselves in a way that prevents disclosure to unauthorized persons – the password can not contain less than 8 characters, the person creating them is obliged to do so in such a way as to make it difficult to read, by introduction to the password: special characters, numbers, uppercase letters, etc.,
2) check the correct functioning of computer equipment and systems,
3) in the case of finding a breach of the security of the IT system or the condition indicating the existence of such a possibility, take appropriate steps in accordance with the rules of conduct in the event of a breach of personal data protection.
2. In the case of data processing in the presence of third parties and periodic interruption of work (leaving the computer) at least: activate the screen saver or otherwise block the use of your user account by other people. It is recommended in such cases:
1) using the mechanism of temporary blocking access to the computer by running a screen saver with a password (the password should coincide with the login password to the system);
2) ending work in the IT system – logging out of the system.
3. After processing personal data on a given day, log out of the IT system.
4. Information media and printouts with personal data that are not intended to be shared shall be stored in conditions that prevent unauthorized access to them.
Devices and information systems for personal data processing, powered by electricity, should be protected against the loss of this data due to power failure or disturbances in the power supply network. This protection should be constructed in such a way as to enable data to be saved in all running applications and to make a backup copy.
1. Security copies should be made once a month.
2. Backup is done by downloading data to an external disk.
3. Backup copies should be periodically checked for their continued suitability for data recovery in the event of system failure and immediately deleted after their usefulness ceases.
4. Backups that have been damaged or become unnecessary shall be deprived of the data being stored in a manner that prevents their reproduction.
5. If the recording is not possible, the copies shall be destroyed in a way that makes it impossible to read or reproduce the data contained on the backup medium.
The manner and duration of storage and the rules for the liquidation of information carriers
1. Computer printouts from the system, containing personal data, are prepared only for operational purposes.
2. A computer printout from the system, containing personal data, after proper description and marking, is subject to the rules on the protection of personal data processed using traditional methods.
3. Prints from personal data files, created and used for working purposes, are permanently destroyed.
1. Antivirus protection is implemented by installing appropriate antivirus software.
2. The IT system is regularly checked for the presence of computer viruses.
3. Detected threats are removed immediately from the IT system.
4. Before proceeding to the disposal of the virus, data contained in the system are protected against loss.
Repair of the system processing personal data
Computer devices, hard drives, or other IT data carriers intended for repair, are deprived of personal data stored before them.
Rules for the use of portable equipment
1. During transport and storage of portable equipment used to process personal data outside the area intended for processing personal data indicated in the Security Policy, special care is taken.
2. In order to prevent access to this data to an unauthorized person, the following is applied:
1) in the case of a computer – securing access to a computer with a password;
2) in the case of a telephone – a security device in the form of a pin and a fingerprint reader
3) for applications that process personal data – password protection.