HauntedThemes.com is owned and operated by HauntedThemes SRL ("Haunted Themes", "we" or "us"). We are a company that builds web software so that people (our "Clients") can use to power their website or their client's website (our "Service"). People who run their websites on Ghost platform (Ghost is a trademark of The Ghost Foundation), or web development agencies that build websites for their clients on Ghost, can purchase our themes to assist them in the creation of those websites. We develop pre-made templates that change the way your website looks. Clients can make their websites available to their customers ("End Users") and may in turn collect information from them. We are not responsible for the use of your information by any Clients, and disclaim any liability related thereto.
Respect of Privacy
Before or at the time of collecting personal information, we will identify the purposes for which information is being collected.
We will collect and use of personal information solely with the objective of fulfilling those purposes specified by us and for other compatible purposes, unless we obtain the consent of the individual concerned or as required by law.
We will only retain personal information as long as necessary for the fulfillment of those purposes.
We will collect personal information by lawful and fair means and, where appropriate, with the knowledge or consent of the individual concerned.
Personal data should be relevant to the purposes for which it is to be used, and, to the extent necessary for those purposes, should be accurate, complete, and up-to-date.
We will protect personal information by reasonable security safeguards against loss or theft, as well as unauthorized access, disclosure, copying, use or modification.
We will make readily available to customers information about our policies and practices relating to the management of personal information.
We are committed to conducting our business in accordance with these principles in order to ensure that the confidentiality of personal information is protected and maintained.
Haunted Themes and GDPR
The General Data Protection Regulation (GDPR) is considered to be the most significant piece of European data protection legislation to be introduced in the European Union (EU) in 20 years and will replace the 1995 Data Protection Directive. The GDPR enhances EU individuals' privacy rights and places significantly enhanced obligations on handling data.
In the next points we explain how Haunted Themes handles its compliance. If we did not answer your questions in this article, you can still contact us and drop us an email.
Information We Hold
User data is safely stored on our systems in Europe, London.
Haunted Themes collects account information for each user: email address and IP address in certain cases. We log user activity when it comes to login, in order to provide a secure authentication. We store the IP address for 10 minutes in this case.
System logs including IP, user agents and time of connection solely used for debugging and lawful purpose and retained maximum 1 year.
Haunted Themes does not share, or resell, any kind of user data. The data is not used for advertising or analytics. Our business model is solely based on paid subscriptions.
Communicating Privacy Information
As of now our intention is to service DSR requests (such as delete and export) manually. If you have an account with us, you may access, correct, or request that we delete your personal data by contacting us at firstname.lastname@example.org. Haunted Themes replies to all access requests (positively or negatively) under 1 month, the legal limit from GDPR. We offer this free of charge for our users.
If you are under 18, or the age of majority in the jurisdiction in which you reside, you may only use the Haunted Themes website and Haunted Themes Services with the consent of your parent or legal guardian.
Cookies & Tracking
When someone visits Haunted Themes, we collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site.
We use an authentication cookie that identifies a user for the duration of the session once that user logs into the website.
If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. The Help menu on the menu bar of most browsers also tells you how to prevent your browser from accepting new cookies, how to delete old cookies, how to have the browser notify you when you receive a new cookie and how to disable cookies altogether.
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org.
Third Party Services
Our website employs the use the various third party services. Through the use of our website, these services may place anonymous cookies on the Visitor's browser and may send their own cookies to the Visitor's cookie file.
Is an analytics service offered by Google that tracks and reports website traffic.
We use this tool to measure how users interact with website content.
Google Analytics Terms of Service
Google Analytics Opt-out
A fast and reliable transactional email service.
We use this tool to send transactional emails from our passwordless authentication system.
Postmark EU Data Protection
A marketing automation platform and an email marketing service.
We use this tool to send newsletters to our subscribed users.
An online service which offers a subscription library of high-quality fonts.
We use this tool to make our website's fonts nice.
Hosting and backend infrastructure.
We use this tool to host our infrastructure, that is based on England, London.
A session recording and heat mapping service provided by Hotjar Ltd.
We use this tool to track user activity on our website.
Hotjar honors generic "Do Not Track" headers. This means the browser can tell its script not to collect any of the User's data. This is a setting that is available in all major browsers.
Hotjar's Commitment to the GDPR
In order to process orders we require all relevant personal information, such as your name, address, email address, and information concerning the payment method you have chosen. Payments are handled securely by our payments provider Paddle.com. This partner company has his own data protection policies. We encourage you to read these policies thoroughly before using the Service, and check that you agree with them. To enable payments to be processed and invoiced, the partner company stores references to payment details (these are primarily e-mail addresses and status information). The actual payment details (including credit card and bank details) do not pass through our servers and systems. Paddle acts as a Merchant of Record.
Paddle GDPR Readliness
We do not sell, rent, loan, or lease your contact information to others, unless we have your specific permission to do so or we are required by law or litigation to disclose your personal information. We may also find it necessary to disclose information about you if we determine that it is an issue concerning national security, law enforcement, or other issues of public importance.