Privacy & Safety
Who are we?
What information do we collect?
We might collect or receive personal data from you via our website, forms, or brand pages, social media or otherwise. Sometimes you give this to us directly (e.g. when you contact us, when you purchase from our websites or stores), sometimes we collect it (e.g. using cookies to understand how you use our websites). What information we collect from you depends on the interaction you have with our company.
Ordering from our website
When ordering from our site we collect all the details necessary to process and fulfil the order. These include: name, email address, phone number, postal address, and card details or payment information. We use this information in the following ways:
- To process and fulfil your order,
- To contact you about your order by email or phone number
- To create reports and analyse customer behaviour
- To send you more relevant marketing material (if you’ve opted in to our newsletters).
This processing constitutes profiling under the GDPR and we process your personal data in this way as it is in our legitimate interest to offer you a personalised experience on our site and to provide you with personalised marketing.
If you do not opt in to our marketing emails, we will not send you marketing material. However, we will still email you details about your order. The lawful basis for contacting you and storing your data is ‘legitimate interest’.
Opting in to our newsletter
When you opt in to our newsletter we collect your email address. We use this to send you our newsletters, including offers and promotions to you.
If at any time you wish to stop being sent our newsletter from us, you can contact us at email@example.com and request to be removed.
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website. For more information about cookies, please visit www.allaboutcookies.org.
Keeping your data
We keep all personal information we have for as long as we need to provide our services. We are under legal obligation to keep all transactional data for 6 years. We may keep it longer than this if we still require it for trend analysis and reporting unless you request for it to be deleted. We keep your personal data until you request your data to be removed from our marketing database.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. We store all data we collect on servers within the European Economic Area (“EEA”). In some cases when but we may also transfer your data outside of the EEA to secure servers. Where this is the case the data transfer will be carried out in compliance with applicable laws.
Who has access to your personal information?
We will not sell, distribute or lease your personal information to third parties unless we are required by law to do so. In some cases, we need to share your data with third parties in order to fulfil the services we offer. However, these parties will only use your personal information to fulfil our services. We do not allow our 3rd parties to use your information for their own marketing, to fulfil services for other companies or to pass it on.
We use various 3rd parties including:
Payment providers – So we can take your order
Fulfilment companies – so we can process your order and get it delivered to you
Data analysis companies – to analyse your data and improve the on-site experience
Marketing companies – to improve our service and your experience
When we are legally obligated to we may also share your personal information with governmental and law enforcement agencies.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
Controlling your personal data
Under the GDPR your rights are as follows. You can read more about your rights in details here;
the right to be informed;
the right of access;
the right to rectification;
the right to erasure;
the right to restrict processing;
the right to data portability;
the right to object; and
the right not to be subject to automated decision-making including profiling.
We strive to protect your data and use it only as discussed in this policy. If for any reason you have a complaint on how we have managed your data please get in contact with us by email at firstname.lastname@example.org
Email email@example.com and we'll be happy to help.
- Credit/Debit Cards
- Offline Payments
Our store is hosted on Wix, the checkout process is powered by Braintree, Paypal Inc. Braintree provides us with the online e-commerce payment system that allows us to sell our products and services to you. Your data is stored through Braintree data storage, databases and the general Braintree application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Braintree stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted. All direct payment gateways adhere to the standards set by PCIDSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers. For more insight, you may also want to read Braintree’s legal agreements (https://www.braintreepayments.com/legal).