SparkFun assumes the following responsibilities:
If you register an account with SparkFun, we’ll have access to your e-mail address and any additional contact information you choose to provide us. If you place an order, we retain a record of the contents of the order, delivery and billing address information, and any communication you might have with our Customer Service or Tech Support teams about the order. If you use features such as commenting, in-stock notifications, and comment reply notifications, we retain record of this fact.
If you browse sparkfun.com, with or without a login, we know for a limited time that a user at your IP address has visited pages on the site. (See the “Logging and Log Retention” section below.)
We collect data on what products and content you browse in order to offer better value to you through personalized email, and to see which products/content are the most useful to you.
We send mail to users when orders are placed, shipped, or ready for local pickup. We may also be in contact when an order requires payment before shipping, or if other issues prevent us from fulfilling an order.
We will notify users if we believe their privacy has been compromised, if it is within our power to do so. For example, if we discover a customer’s account user login information has been exposed elsewhere on the web, or if we are compelled to disclose information to law enforcement.
We offer a set of opt-in email subscriptions for things such as newsletters, in-stock notifications for products, and comment reply notifications. You can control your subscriptions (when logged into your account) on the Email Notifications page. All new customers are signed up to our main newsletter by default, and SparkFun may at any time add all new and all existing customers to existing and new newsletters at our discretion.
We may occasionally send you an email that you did not request or trigger with an action of any kind in order to promote a certain aspect of our site, products, or services.
If you email us, chat with us, or call us on the telephone for support we can and most of the time will record the interaction. This is done so for training and audit purposes and the private conversations between customers and support staff are never sold to or shared with third parties (except when a third party tool, such as email or our chat service, is used to make the interaction possible).
In order to understand traffic to our sites and diagnose technical problems, we log individual web requests. These logs include time of request, individual IP address, referer, and user agent strings. We may retain these logs for up to 60 days, although individually-identifying information will be obscured after one week.
In order to prevent fraud and detect malicious behavior, we log IP addresses for specific actions, such as creating a customer account and placing an order. This information is automatically deleted after no more than 60 days.
Except in the case of malicious traffic, we will not share log data with any third party, unless compelled by legal process to do so.
Our analytics software, Piwik, also sets a cookie that helps keep track of how many unique visitors we’re getting and where they come from, unless you’re browsing with Do Not Track enabled.
We do our best to serve all content securely over HTTPS.
Do Not Track is a standard for telling sites that you don’t want to be tracked. It’s aimed at sites you don’t visit directly, like advertisers and social media platforms.
SparkFun supports the Do Not Track standard. While third party plugins with access to visitor browsing data are extremely limited on sparkfun.com all are disabled for visitors passing a Do Not Track HTTP header. This includes third party tools for analytics, live chat, and web optimization (described below).
We use GMail, and mail sent to or from sparkfun.com addresses generally passes through Google’s servers.
Promotional and informative mail sent to mailing lists, such as the newsletter, is sent using MailChimp (see “Third Party Services” below). Users can opt into and out of these lists using tools on sparkfun.com or MailChimp. Automated mail sent from a triggering event, like a back-in-stock notification, is sent from sparkfun.com directly. All users with accounts can manage all subscriptions via the Email tab in Account Settings.
We offer shipping through third parties: FedEx, UPS, and the United States Postal Service (via a service called Endicia). We pass delivery addresses, phone numbers, and invoices to these companies to the extent required for quoting shipping prices and successful delivery of orders.
We comply with United States export regulations and authorities. We use Visual Compliance to automatically screen billing and delivery addresses for potential export control violations. This entails transmission of customer billing and delivery address information to Visual Compliance servers.
Credit Card payments are processed through FirstData. All credit card data including the cardholder name, credit card number, expiration date, CVV, and full billing address are sent to FirstData via an API for processing. Details regarding what products a customer is purchasing and other demographic information are not sent to FirstData.
Each transaction is logged by retaining the transaction amount, the cardholder name, the last four digits of the credit card, and the card expiration date. No other credit card data is stored at any point on SparkFun servers. This is in full compliance with the PCI-DSS, which you can read more about in our Compliance Policy.
PayPal is offered as a payment method. When using PayPal on sparkfun.com a user must provide their PayPal email address. The user will then be directed to paypal.com to complete their payment, after which they will be redirected to sparkfun.com to complete the order.
SparkFun uses Google Universal Analytics and Piwik to track aggregate behavior of visitors on sparkfun.com.
SparkFun also utilizes Google Analytics Demographics and Interest Reporting. This means we combine personally identifiable information about your SparkFun account, browsing, and shopping habits and merge it with Google’s tracking cookies, all of which goes to Google. This is enabled by default for all visitors to SparkFun.com. You can opt out of this by enabling Do Not Track headers in your browser or installing and enabling the Google Analytics Opt-Out Browser Add-on.
We serve image files (like product images) and other resources from Amazon’s CloudFront.
Uses can choose to display a Gravatar associated with the email address on their account. This will expose a hash of the address to the public web and to Gravatar, which may be a privacy concern.
We use Swiftype to provide search results on sparkfun.com for products, blog posts, tutorials, wish lists, and other content. The text of search strings is sent from our servers to Swiftype. We do not send any information about customers to Swiftype.
We maintain accounts on various social media platforms, including Facebook, Twitter, Google+, Pinterest, Flickr, GitHub, YouTube, Ello, and Instagram, and Tumblr. While some of these platforms are themselves invasive of user privacy, we will do our best to apply the principles outlined in the rest of this policy to our use of social media.
We do not make use of third-party social media badges or widgets which function as trackers.
We use ViralHeat to manage and try to make some sense of the whole social media universe.