Privacy Policy

Who We Are

Arenas Foto Wedding Photography provides wedding and couple’s photography services, as well as prints and photo books.  Arenas Foto Wedding Photography is a registered corporation in Costa Rica.  For any privacy-related questions, you can reach us at info(at)arenasfoto.com.

Who We Share Your Data With

We do not share or sell our users’ private personal information with or to anyone. The data we collect is for the purpose of analyzing visitor behavior, to determine what content is most beneficial to visitors and structure the site to make it more available, and to identify and protect our site from malicious attacks.

We use third-party services (data processors) across our site. We list the specific third-parties in use (with links to their privacy policies) in the sections below.

We disclose potentially personally-identifying and personally-identifying information only to our employees and contractors that (i) need to know that information in order to process it on our behalf or to provide services, and (ii) that have agreed, in writing, not to disclose it to others. Some of those employees, contractors and affiliated organizations may be located outside of your home country; by using our websites and services, you consent to the transfer of such information to them. We will not rent or sell potentially personally-identifying and personally-identifying information to anyone.

We may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.

If we ever were to engage in any onward transfers of your data with third parties for a purpose other than which it was originally collected or subsequently authorized, we would provide you with an opt-out choice to limit the use and disclosure of your personal data.

Cookies

A cookie is a string of information that a website stores on a visitor’s computer, and that the visitor’s browser provides to the website each time the visitor returns. We use cookies across our site to help identify and track visitors, their usage of our services, and their website access preferences. We describe the specific cookies used in the sections below. Visitors who do not wish to have cookies placed on their computers should set their browsers to refuse cookies before using our websites, with the drawback that certain features may not function properly without the aid of cookies.

What Personal Data We Collect and Why We Collect It

Why We Collect Data

The data we collect is for the purpose of analyzing visitor behavior to determine what content is most beneficial to visitors and structure the site to make it more available to better visitor engagement with the purpose of gaining more clients, and to identify and protect our site from malicious attacks.

Email/Contact Forms

We use Google/G Suite to process all internal email and communication with our customers. Google’s privacy policy is available here: https://policies.google.com/privacy.

Customers who use the contact form on websites will have their email address, IP address, and any data provided in the contact form or body of the email stored in G Suite archives, and in the contact form submission log on our website for one month.

Security Applications

We have various security applications installed on our site that inspect all visits to our site to ensure our site’s security.  These security applications identify and check the IP address of visitors against a list of blacklisted IP in order to prevent IP addresses on said blacklist from accessing our site.  Some of these security plugins also record IP address of all visitors to our site, enabling us to review IP logs for visitors with malicious intent that were not stopped by the firewall in order to block them from accessing our site in the future.   

Embedded Content from Other Websites

Embeds are pieces from other websites that are shown from time to time on our websites. They behave in the exact same way as if the visitor has visited the other website and may use cookies or capture information. Typically, embedded content is from websites that share videos, images, or other content. These services may collect your IP Address, your User Agent, store and retrieve cookies on your browser, embed additional third-party tracking, and monitor your interaction with that embedded content, including correlating your interaction with the content with your account with that service, if you are logged in to that service.

Links to the privacy policies of the most common services have been included below.

Analytics

We use Google Analytics for tracking visitors and aggregating information about the traffic to our websites. The Google Analytics privacy policy can be found here: https://policies.google.com/privacy. You can learn more about how to opt-out of tracking in Google Analytics here: https://tools.google.com/dlpage/gaoptout/.

We’ve turned on the IP Anonymization feature in Google Analytics. You can learn more about this here: https://support.google.com/analytics/answer/2763052?hl=en

Paying Customers

For payment transactions, we use PayPal and Stripe. PayPal’s privacy policy can be found here: https://www.paypal.com/webapps/mpp/ua/privacy-full. Stripe’s privacy policy can be found here: https://stripe.com/us/privacy.

If you purchase using PayPal, we ask for:

  • Full Name: To personalize your account experience.
  • Email Address: So we can deliver our products and contact you if needed.
  • Billing Address: For payment verification
  • Billing Country: For tax purposes.

If you purchase using your credit card, we ask for all of the above, and:

  • Credit Card Information: So we can process your payment. This data is sent to Stripe, and is never stored on our server.
  • Billing City and Zip/Posal Code: To verify your credit card purchase.

What Rights You Have over Your Data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Web Services

All web servers and hosting are managed by Cloudways. This includes website hosting, backups, web database, file storage, APIs, and log files. Cloudways’ privacy policy can be found here: https://www.cloudways.com/en/terms.php#privacy

Affiliates

If you come to our site through a link provided by one of our affiliates, a cookie will be added to your browser in order to remember the affiliate. This cookie will remain in your browser for 60 days, or until you delete it.

Website and Database Backup & Management

We use Cloudways’ internal backup system and Updraft Plus to website files and database.  

Cloudways Privacy Police: https://www.cloudways.com/en/terms.php#privacy

UpdraftPlus Privacy Policy: https://updraftplus.com/data-protection-and-privacy-centre/

How We Protect Your Data

The security and reliability of our service is our number one priority.  See wordpress.org/about/security for details on the security of the WordPress core itself.  Prevention is best when it comes to security, and as a first step, we follow all WordPress Security Standards on our site and server.  All staff only have access to systems that are directly required to complete the functions of their job. All staff (including any contractors) undergo initial training to ensure proper understanding of all security-related processes.

We also use various security applications on our website to protect it from malicious attacks and breaches, and have implemented various security strategies on our server to further secure our website and data base in addition to the security features already implemented by our hosting provider.

What Data Breach Procedures We Have in Place

Should any event occur where customer data has been lost, stolen, or potentially compromised, our policy is to alert our customers via email no later than 48 hours of our team becoming aware of the event. We will also report such incident to any required data protection authority. We will work closely with any customers affected to determine next steps such as any end-user notifications, needed patches, and how to avoid any similar event in the future.

Privacy Policy Changes

Although most changes are likely to be minor, EDGE22 Studios may change its Privacy Policy from time to time, and in EDGE22 Studios’ sole discretion.

Changelog

May 21, 2018 – Updated language of the policy to be more user-friendly, specifically outlining requirements in preparation for meeting the GDPR.

Do NOT follow this link or you will be banned from the site!