PRIVACY AND COOKIE POLICY

PRIVACY POLICY / COOKIE POLICY

Last updated August 15, 2024

AGREEMENT TO OUR LEGAL TERMS

We are M&M Luminous Haven ('Company', 'we', 'us', or 'our'), a company registered in Australia.

We operate the website mmluminoushaven.com (the 'Site'), as well as any other related products and services that refer or link to these legal terms (the 'Legal Terms') (collectively, the 'Services').

These Legal Terms constitute a legally binding agreement made between you, whether personally or on behalf of an entity ('you'), and M&M Luminous Haven, concerning your access to and use of the Services. You agree that by accessing the Services, you have read, understood, and agreed to be bound by all of these Legal Terms. IF YOU DO NOT AGREE WITH ALL OF THESE LEGAL TERMS, THEN YOU ARE EXPRESSLY PROHIBITED FROM USING THE SERVICES AND YOU MUST DISCONTINUE USE IMMEDIATELY.

We will provide you with prior notice of any scheduled changes to the Services you are using. The modified Legal Terms will become effective upon posting or notifying you by mmluminoushaven@gmail.com, as stated in the email message. By continuing to use the Services after the effective date of any changes, you agree to be bound by the modified terms.

The Services are intended for users who are at least 18 years old. Persons under the age of 18 are not permitted to use or register for the Services.

We recommend that you print a copy of these legal terms for your records.

TABLE OF CONTENTS

1.     ANALYTICS

2.     COOKIES
2.1. TYPES OF COOKIES
2.2. NECESSARY AND REQUIRED COOKIES
2.3. CROSS SITE REQUEST FORGERY (CSRF)
2.4. ANALYTICS AND PERFORMANCE COOKIES

3.     VISITOR DATA
3.1. FORM BLOD SUBMISSIONS
3.2. MEMBER SITE SUBSCRIBERS
3.3. WEBSITE VISITORS
3.4. USE OF SHARE BUTTONS
3.5. BLOG COMMENTS

4.     CUSTOMER ACCOUNTS

5.     EMAILS
5.1. ABANDONED CART EMAILS
5.2. MARKETING EMAILS
5.3. ORDER AND ACCOUNT EMAILS

6.     FONTS

7.     SCHEDULING

8.     SQUARESPACE PAYMENTS

9.     CONTACT

 

1. ANALYTICS

This website collects personal data to power our site analytics, including:

-       Information about your browser, network, and device

-       Web pages you visited prior to coming to this website

-       Your IP address

This information may also include details about your use of this website, including:

-       Clicks

-       Internal links

-       Pages visited

-       Scrolling

-       Searches

-       Timestamps

We share this information with Squarespace, our website analytics provider, to learn about site traffic and activity.

2. COOKIES

This website uses cookies and similar technologies, which are small files or pieces of text that download to a device when a visitor accesses a website or app. For information about viewing the cookies dropped on your device, visit The cookies Squarespace uses.

These necessary and required cookies are always used, which allow Squarespace, our hosting platform, to securely serve this website to you.

These analytics and performance cookies are used on this website, as described below, only when you acknowledge our cookie banner. This website uses analytics and performance cookies to view site traffic, activity, and other data.

2.1. TYPES OF COOKIES

We use Necessary cookies so visitors can navigate and use key features on your site and Non-essential, or analytics and performance cookies, that collect information on how users interact with our site.

2.2. NECESSARY AND REQUIRED COOKIES

We use a variety of necessary cookies for obtaining information including but not limited to;

-       Customer accounts

-       Shopping cart and checkout

-       URL directs

 

NAME

PURPOSE, TYPE AND DURATION

_acloggedin

-       Supports login by Acuity Scheduling client if the client has an account

-       Cookie

-       January 1 of following year

_client_acloggedin

-       Supports login by Acuity Scheduling if the client has and account

-       Cookie

-       January 1 of the following year

_dd_cookie_test

-       Tests if cookies are supported

-       Cookie

-       Expires instantly

_dd_s

-       Tracks browser errors

-       Cookie

-       Four hours

_dd_site_test

-       Tests if cookies are supported

-       Cookie

-       Expires instantly

_grecaptcha

-       Helps reduce spam in Acuity Scheduling

-       Local storage

-       No expiry

_ssid

-       Remembers devices for anti-fraud purposes

-       Cookie

-       Four years

CART

-       Shows when a visitor adds a product to their cart

-       Cookie

-       Two weeks

CHESCKOUT_WEBSITE

-       Identifies the correct site for checkout when checkout on your domain is disabled

-       Cookie

-       session

Client_username

-       Remembers a logged in Acuity Scheduling clients username between visits

-       Cookie

-       One year

Clientuser

-       Stores the Acuity Scheduling clients username, OAuth2 Access Toke, and OAuth2 Refresh Token. This cookie is required for functionality of logged-in clients

-       Cookie

-       30 days

Commerce-checkout-state

-       Stores state of checkout while the visitor is completing their order in Paypal

-       Sessionstorage

-       Session

Crumb

-       Prevents cross-site request forgery (CSRF)

-       Cookie

-       Session

hasCart

-       Tells Squarespace that the visitor has a cart

-       Cookie

-       Two weeks

Locked

-       Prevents the password-protected screen from displaying if a visitor enters the correct site-wide password

-       Cookie

-       Session

orderStatusSessionToken

-       Authenticates a visitor who logs into an order status page

-       Cookie

-       One year

PHPSESSID

-       Securely authenticated a visitor during their checkout in Acuity Scheduling

-       Cookie

-       One month

RecentRedirect

-       Prevents redirect loops if a site has custom URL redirects. Redirect loops are bad for SEO

-       Cookie

-       365 days

Remember_client

-       Remembers Acuity Scheduling client’s login details if they have an account

-       Cookie

-       365 days

siteUserCrumb

-       Prevents cross-site request forgery (CSRF)

-       Cookie

-       Three years

SiteUserInfo

-       Identifies a visitor who logs into a customer account

-       Cookie

-       Three years

SiteUserSecureAuthToken

-       Authenticates a visitor who logs into a customer account

-       Cookie

-       Three years

Squarespace-announcement-bar

-       Prevents the announcement bar from displaying if a visitor dismisses it

-       Local storage

-       Persistent

Squarespace-likes

-       Shows when you’ve already “liked” a blog post

-       Localstorage

-       persistent

Squarespace-popup-overlay

-       Prevents the promotional pop-up from displaying if a visitor dismisses it

-       Localstorage

-       Persistent

Squarespace-video-player-options

-       Remembers video player selected preferences (volume,playback speed and quality) for videos uploaded directly to Squarespace

-       Localstorage

-       Persistent

Ss_cookieAllowed

-       Remembers if a visitor agreed to placing analytic cookied on their browser if a site is restricting the placement of cookies

-       Cookie

-       30 days

Ss_sd

-       Ensures that visitors on the Squarespace 5 platform remain authenticated during their sessions

-       Cookie

-       Session

Test

-       Investigates if the browser supports cookies and prevents errors

-       Cookie

-       Session

TZ

-       Enables a Acuity Scheduling clients appointments to display correctly based on their time zone preferences

-       Localstorage

-       Persistent

2.3. CROSS SITE REQUEST FORGERY (CSRF)

CSRF is an attack vector that tricks a browser into taking unwanted action in an application when someone’s logged in

2.4. ANALYTICS AND PERFORMANCE COOKIES

Analytics and performance cookies are used to collect information about how the visitors interact with the site. This data is stored and used to populate the data in analytics, such as traffic sources, unique visitors and cart abandonment.

NAME

PURPOSE AND DURATION

Ss_cid

-       Identifies unique visitors and tracks a visitor’s sessions on a site

-       2 years

Ss_cpvisit

-       Identifies unique visitors and tracks a visitor’s sessions on a site

-       2 years

Ss_cvisit

-       Identifies unique visitors and tracks a visitor’s sessions on a site

-       30 minutes

Ss_cvr

-       Identifies unique visitors and tracks a visitor’s sessions on a site

-       2 years

Ss_cvt

-       Identifies unique visitors and tracks a visitor’s sessions on a site

-       30 minutes

 

 

3. VISITOR DATA

When you buy something on this website, we collect personal information from you to fulfill the order. We may collect information like your:

-       Billing and shipping address

-       Details relating to your purchase (for example, your shirt size)

-       Email address

-       Name

-       Phone number

We share this information with Squarespace, our online store hosting provider, so that they can provide website services to us.

Our payment processor(s) STRIPE will also collect payment information from you. You can read their privacy policy at https://stripe.com/privacy.

As you go through checkout, this site may auto-complete your shipping and billing address by sharing what you type with the Google Places API and returning suggestions to you to improve your checkout experience.

3.1 FORM BLOCK SUBMISSIONS

When you submit information to this website via webform, we collect the data requested in the webform in order to track and respond to your submissions. We share this information with Squarespace, our online store hosting provider, so that they can provide website services to us. We also share this information with Zapier for data porting.

3.2 MEMBER SITE SUBSCRIBERS

When you subscribe and purchase a membership on this website, we collect personal information from you to enable your member sites access. We may collect information like your:

-       Billing and shipping address

-       Details relating to your subscription

-       Email address

-       Name

-       Phone number

We share this information with Squarespace, our website hosting provider, so that they can provide exclusive member site hosting services to us.

As you go through checkout, this site may auto-complete your shipping and billing address by sharing what you type with the Google Places API and returning suggestions to you to improve your checkout experience.

3.3 WEBSITE VISITORS

This website is hosted by Squarespace. Squarespace collects personal data when you visit this website, including:

-       Information about your browser, network and device

-       Web pages you visited prior to coming to this website

-       Web pages you view while on this website

-       Your IP address

Squarespace needs the data to run this website, and to protect and improve its platform and services. Squarespace analyzes the data in a de-personalized form.

3.4 USE OF SHARE BUTTONS

This website includes share buttons which enable you to share pages or other content from this site to associated third party services. If you click a share button, these third parties may receive your personal data, including:

-       Information about your browser, network and device

-       Details about the web page or content you shared or proposed to share

-       Your IP address

3.5 BLOG COMMENTS

This website includes commenting functionality on some pages which enables you to post a comment. This website collects personal data when you post a comment, including:

-       Your name (which will be displayed as part of your posted comment)

-       Your email address (optional, to let you know if someone replies to your comment)

-       Your website URL (optional)

This website includes “likes” functionality on some blog posts which enables you to “like” a post. This website collects personal data when you like a post to try to prevent the same person from liking the same post during the same visit, including:

-       Information about your browser, network and device

-       Details about the web page or content you shared or proposed to share

-       Your IP address 

4. CUSTOMER ACCOUNTS

If you create a customer account on this website, we collect personal information to improve our checkout experience and customer service.

This information may include your:

  • Billing and shipping address(es)

  • Details about your orders (for example, your shirt size)

  • Email address

  • Name

  • Phone number

We share this information with Squarespace, our website hosting provider, so they can provide website services to us.

5. EMAILS

Email content and details will be stored by M&M Luminous Haven and may be subject to targeted and non-targeted marketing campaigns. Contact us at any time to be removed from marketing campaigns and ongoing contact. Choosing to opt out of marketing campaigns and ongoing contact may result in your membership account being deleted and associated data being lost.

5.1 ABANDONED CART EMAILS

You’ll receive an automated email within 24 hours after you abandon your shopping cart, if all of the following occur:

  • You enter your email address at checkout, or are logged into your customer account.

  • You add a product which is in stock to your shopping cart.

  • You close your browser or leave this website without completing your purchase.

You can unsubscribe from these messages at the bottom of the email.

The email will link back to this website, where you can pick up where you left off and complete your purchase.

5.2 MARKETING EMAILS

We may send you marketing emails, which you can unsubscribe from by clicking the link at the bottom of the email. We share your contact information with Squarespace, our email marketing provider, so they can send these emails on our behalf.

5.3 ORDER AND ACCOUNT EMAILS

We may email you with messages about your order or account activity. For example, we may email you to tell you that:

  • You’ve created a customer account

  • Your customer account password has been reset or updated

  • You’ve made a purchase

  • Your order has shipped

It’s not possible to unsubscribe from these messages.

We share your contact information with Squarespace, our website hosting provider, so they can send these emails to you on our behalf.

6. FONTS

This website serves font files from and renders fonts using Google Fonts and Adobe Fonts. To properly display this site to you, these third parties may receive personal information about you, including:

  • Information about your browser, network, or device

  • Information about this site and the page you’re viewing on it

  • Your IP address

7. SCHEDULING

When you schedule an appointment by booking on this website, we collect personal information from you to complete the booking. We may collect information like your:

  • Name

  • Email address

  • Phone number

  • Details relating to your appointment (for example, who referred you)

  • Files you uploaded

We share this information with Squarespace, our scheduling service provider, so that they can provide online booking services to us.

8. SQUARESPACE PAYMENTS

When you make a purchase from us on this website, we use Squarespace Payments as our payment solution. Squarespace Payments is a fully integrated, native payment solution provided to us by our online store service provider Squarespace. Squarespace Payments makes use of the following third party service providers which will also receive your personal information and process it in accordance with their privacy policies:

Stripe - payment processing services. You can read Stripe’s privacy policy at https://stripe.com/privacy.

Sift - fraud monitoring and detection services. You can read Sift’s privacy policy at https://sift.com/service-privacy.

 9. CONTACT

You can contact us at any time at mmluminoushaven@gmail.com with any enquiries relating to this policy.