Exchanged Store | Privacy Policy
⚠ Work in Progress
This privacy policy is a working draft and is not yet complete or legally reviewed. Several sections contain placeholder text awaiting final decisions. It is published here for transparency while those decisions are resolved. Please check back for the finalized version.
Privacy Policy
This Privacy Policy explains how [BUSINESS LEGAL NAME] (“we,” “us,” “our”) collects, uses, and protects information when you visit exchanged.store (the “Site”).
The Site runs on WordPress and is hosted by Hostinger. It uses the Avada theme and the plugins described throughout this policy.
- Site owner: [SITE OWNER]
- Contact for privacy questions: [contact email]
- Mailing address: [POSTAL ADDRESS]
- Effective date: [EFFECTIVE DATE]
The Short Version
You can browse the Site and use the interactive timeline without an account or login.
We keep only a simple, anonymous count of page views to understand which content is useful — not tied to your identity.
We use standard tools for security (Wordfence), spam filtering (Akismet), and site performance and features (Jetpack, Hostinger), some of which process technical data such as your IP address.
If you choose to be notified when the store opens, we collect your email address only — stored on our own server, used for one notification, nothing more unless you ask.
Once the store is active: if you make a purchase, we collect the information needed to process your order and payment.
We do not sell your personal information.
Information We Collect
Information You Give Us
Store opening notification — if you sign up to be notified when the store opens, we collect your email address only. It is stored on our own server, used for one notification email, and nothing further unless you ask.
Purchases (applies once the store is active) — when you place an order through WooCommerce, we collect your name, billing and shipping address, email, phone, order contents, and related details. Payment card details are entered on and handled by our payment processor, [PAYMENT PROCESSOR] — we do not store full card numbers.
Customer account (if enabled) — if you create an account, we store your account details and order history.
Contact / forms — if you contact us or submit a form, we receive what you send (name, email, message).
Comments (if enabled) — if you comment on a post, WordPress stores the comment, your provided name and email, and your IP address.
Information Collected Automatically
Server / hosting logs — our host, Hostinger, processes standard technical data (such as IP address, browser type, and pages requested) to serve and secure the Site.
Security monitoring — Wordfence processes technical request data, including IP addresses and login attempts, to detect and block malicious activity.
Usage analytics — Independent Analytics records aggregate, privacy-focused usage statistics (such as page views and referring sites) on our own server. It is designed to be cookieless and not to identify individuals.
Spam filtering — Akismet checks form submissions for spam, which involves sending submission data to Akismet’s service.
Information Stored in Your Browser
The timeline saves a small amount of information locally in your own browser to power its features. This stays on your device — it is not a cookie and is not sent to us.
Reading list — items you add are saved in your browser’s local storage so your list persists between visits. Clear it anytime with the Clear button in the timeline’s 📚 List menu.
View memory — your zoom, position, and selections are briefly kept for the current browser session and erased when you close the tab.
The timeline sets no cookies.
Cookies and Similar Technologies
A cookie is a small file a website stores in your browser. The Site uses cookies and similar storage for the purposes below.
| Source | Purpose | Notes |
|---|---|---|
| WordPress (core) | Keeps you logged in; remembers comment author details | Only set for logged-in users or commenters |
| WooCommerce (once active) | Shopping cart and checkout session | Necessary for the store to function |
| Jetpack | Security, performance, and site features | Depends on active modules |
| Wordfence | Security monitoring | May set a security cookie depending on configuration |
| Independent Analytics | Usage statistics | Cookieless — no cookie set |
| MailPoet | Email subscription management | Only for subscribers |
| Exchanged Timeline | Reading list and view memory | Uses local and session storage only — no cookies |
You can control or delete cookies and local storage through your browser settings.
How We Use Information
We use the information we collect to:
- Operate, secure, and maintain the Site.
- Notify you when the store opens, if you have asked us to.
- Process and fulfill orders and payments (once the store is active).
- Respond to your messages and requests.
- Filter spam and prevent abuse.
- Understand, in aggregate, how the Site is used and improve it.
- Send emails you have asked for.
- Comply with legal obligations such as tax and record-keeping.
We rely on appropriate legal bases for processing — performing a contract for orders, your consent for marketing and notification emails, and our legitimate interests in security and Site improvement. [Adjust to your jurisdiction before publishing.]
Third-Party Services We Use
Some features rely on third parties that may process limited data on our behalf or as independent controllers. Each has its own privacy policy.
Automattic (Jetpack & Akismet) — Jetpack provides security, performance, and feature modules; Akismet provides spam filtering. These services may receive technical data such as IP addresses and submitted content.
Policies: automattic.com/privacy · jetpack.com/support/privacy · akismet.com/privacy
Wordfence — website security and firewall; processes IP and request data and may share attack data with its threat-intelligence network.
Policy: wordfence.com/privacy-policy
Hostinger — web hosting provider; processes hosting and server log data.
Policy: hostinger.com/privacy-policy
Independent Analytics — first-party analytics stored on our own server; not a third-party data sale.
Vendor: independentwp.com
MailPoet — email subscription management for store opening notifications. Subscriber data is stored on our own server. Emails are sent through our own hosting mail server.
Policy: mailpoet.com/privacy-notice
WooCommerce Tax (once the store is active) — calculates tax via WooCommerce’s tax service, which involves sending order totals and location to that service.
Payment processor (once the store is active) — [PAYMENT PROCESSOR] handles your payment.
Policy: [PROCESSOR PRIVACY URL]
Rank Math SEO, Members, Hostinger Tools — operational and administrative tools that do not, in normal use, collect visitor personal data for our marketing purposes.
We do not sell your personal information.
Payments
This section applies once the store is active.
Payments are processed by [PAYMENT PROCESSOR]. When you pay, your payment details are provided directly to the processor under their privacy policy and security standards (PCI-DSS). We receive confirmation and order information needed to fulfill your purchase, but not your full payment card number.
Data Retention
Store opening notifications — your email address is kept until the store opens and the notification is sent, or until you unsubscribe, whichever comes first.
Order and transaction records (once the store is active) — kept as long as needed to fulfill orders and to meet tax, accounting, and legal obligations. [Confirm retention period for your jurisdiction — typically 6–7 years.]
Security and server logs — kept for a limited period for protection and troubleshooting.
Analytics data — retained in aggregate. [State retention period if your settings define one.]
Email subscription data — kept until you unsubscribe or ask us to remove it.
Browser storage — the timeline’s reading list and view memory stay on your device until you clear them. They are not retained by us.
Your Rights and Choices
Depending on where you live, you may have rights to access, correct, delete, port, or restrict the processing of your personal information, and to object to certain processing.
To make a request, contact us at [contact email]
Store opening notifications — unsubscribe anytime via the link in any email we send, or contact us directly and we will remove you immediately.
Marketing emails (if enabled) — unsubscribe anytime via the link in any email.
Browser storage — clear the timeline’s reading list with its Clear button, or clear all site data in your browser settings. Full instructions are on the Timeline Privacy notice.
Personal data requests — WordPress includes built-in tools we can use to export or erase the personal data associated with your email address on request.
You may also lodge a complaint with your local data-protection authority. [Confirm applicable authority for your jurisdiction before publishing.]
Children’s Privacy
The Site is not directed to children under [13 / 16 — confirm for your jurisdiction], and we do not knowingly collect personal information from them. If you believe a child has provided us information, contact us at [contact email] and we will delete it promptly.
International Data Transfers
Some of our service providers — including Automattic and Wordfence — may process data in the United States or other countries. Where required, such transfers rely on appropriate safeguards. [Confirm transfer mechanisms with each processor before publishing.]
Security
We use industry-standard measures to protect information on this Site, including a web application firewall and malware scanning (Wordfence), HTTPS encryption, and access controls.
No method of transmission or storage is completely secure. We work to protect your data and respond to incidents appropriately, but we cannot guarantee absolute security.
Changes to This Policy
We may update this policy from time to time. Material changes will be posted on this page with a revised effective date. We encourage you to check back periodically.
Contact Us
Questions or requests about this policy or your information:
[BUSINESS LEGAL NAME]
[POSTAL ADDRESS][contact email]