1. Core Principles
When you use the Services, we collect the following information, and use it only as described below:
2.1. Account Information. This may include your name, address, email address and phone number. We use this information in the ways you would expect, such as to set up your account, create a transaction, or contact you.
2.2. Third Party Account Information. If you use Third Party Services, such as social media or photo-sharing services, you may provide us with your Third Party Services account information, such as your username (note that we don’t store any passwords you use to access Third Party Services). We transmit, and may store, such account information, only as needed to provide the Services, and only in accordance with the terms and policies of the Third Party Services.
2.3. Payment Information. When you initially provide or update your payment information, we transmit it via an encrypted connection to our Payment Processor, PayPal. PayPal uses and processes your payment information in accordance with PayPal Policy. We don’t store your payment information, other than your zip code and country, which we require for billing and to comply with tax and other government regulations.
2.4. Communications With Us. When you send us emails or other communications, such as customer support inquiries, we maintain those communications and their contents so that we can resolve your inquiries or otherwise assist you.
2.5. Public Comments On The Services. We maintain any comments, contributions to discussions or messages submitted to users of the Services, in order to provide the Services.
When you use the Services, we may share your information only as described below:
3.1. Following The Law. We may disclose your information to third parties if we determine that such disclosure is reasonably necessary to comply with the law, protect our rights or prevent fraud or abuse of Squarespace or our users. When we receive law enforcement or national security requests for information, we strongly believe in privacy and transparency. We scrutinize such requests carefully and challenge vague, overbroad or otherwise unlawful requests. And when legally permitted, we provide our users with notice that their information is being requested. This notice is provided so that you have the opportunity to challenge such requests.
3.3. Business Transfers. If we're involved in a reorganization, merger, acquisition or sale of our assets, your information may be transferred as part of that deal.
While no service is completely secure, we have a security team dedicated to keeping your information safe. We employ security measures such as using firewalls to protect against intruders, building redundancies throughout our network (so that if one server goes down, another can cover for it) and testing for and protecting against network vulnerabilities. Payment information is transmitted using HTTPS encryption, and we maintain a PCI DSS certification.
We'll retain your personal information for as long as we need it to provide you with the Services. You can ask for your personal information to be deleted at any time by deleting your Account or contacting us at email@example.com. Please note that there may be latency in deleting your personal information from our servers and backup storage, and we may retain your personal information in order to comply with the law, protect our rights, resolve disputes or enforce our agreements.
To modify or delete the personal information you have provided to us, simply log into the Services and update your profile. We may retain certain information as required by law or for necessary business purposes. On request, we'll provide you with a copy of your personal information that we maintain. This request may be subject to a fee not exceeding the prescribed fee permitted by law.
We may periodically email you service-related announcements. We'll also send you emails related to your transactions. We may also send you marketing or promotional communications, but you can opt out of receiving subsequent marketing or promotional communications by clicking the link marked unsubscribe (or a similar phrasing) that’s included in those communications.
9. End User Information
9.3. End User Payment Information. Your End Users’ payment information may be processed via third party eCommerce Payment Processors with which you integrate your Account, in accordance with such eCommerce Payment Processors’ terms and policies. We transmit your End Users’ complete payment information when they initially provide or update it, only so that we can pass it along to the eCommerce Payment Processors you agree to use. We don’t collect or store your End Users’ payment information.