Privacy and Data Handling Policy

This policy is Roundabout’s framework for handling the confidential information of our customers. We take security and customer privacy very seriously at Roundabout Books. All our employees are expected to responsibly handle customer PII only for the purposes of order fulfillment and customer service. Employees who use or access confidential information are trained to understand the confidentiality of PII, and to appropriately safeguard that information. They are also expected to understand the consequences that might result from improperly handled PII.

We have taken measures to ensure the safety of our shop’s devices and applications as well. All of our store’s devices are password-protected, and applications we use to manage shipping are also password-protected. Passwords are routinely changed every 60 days and the new passwords are stored in a secure location. Unused ports on store devices have been disabled.

Address data is retrieved during shipping solely for the purposes of creating address labels. We then create labels and issue tracking numbers for our customers, and to answer customer service requests. Only authorized employees may access the customer service interface, and that access is supervised by Raymond Neal, the owner of Roundabout Books. No data is shared with any other entity or application.

On devices where Amazon PII is retrieved, that data is anonymized and deleted within 30 days unless we are required to keep it longer by United States law, in which case it is deleted as soon as is legally allowed. Data is encrypted at rest using AES-256. Data is encrypted during network communications using SSL.