Little Weaver Arts Ltd (“we”, “us”, “our”) are committed to the protection of your privacy and the security of your personal data.
This policy explains how we handle and use the data we collect from you in order to fulfil our obligations in a manner consistent with your rights under the law, including the General Data Protection Regulation (GDPR), effective from 25th May 2018.
The data controller is Little Weaver Arts Ltd, company number 10299979, registered office address Crown Chambers, Princes Street, Harrogate, North Yorkshire, United Kingdom, HG1 1NJ.
https://www.littleweaverarts.com/ is owned and operated by Little Weaver Arts Ltd., hosted in the UK by Wonder Media https://www.wondermedia.co.uk/privacy-and-terms/privacy-statement/ and powered by WordPress https://wordpress.org/about/privacy/ Our ecommerce platform is provided by WooCommerce (part of WordPress, owned by Automattic Inc. https://automattic.com/automattic-and-the-general-data-protection-regulation-gdpr/).
WHAT INFORMATION WE COLLECT FROM YOU
We collect information you give us voluntarily when you place an order, create an account on our website, enter a competition or contact us directly by email, phone, letter or via social media. This information may include your name, address, email address and phone number.
Our website also collects information about each visit you make using cookies. Cookies are small text files that are placed on your device to help the site provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping baskets, and provide anonymised tracking data to third party applications like Google Analytics. As a rule, cookies will make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the Help section of your browser or looking at https://www.aboutcookies.org/ which offers guidance for all modern browsers
HOW WE USE YOUR INFORMATION
We only use your information for the specific purpose indicated at the point of consent i.e. when you provide information voluntarily in order to receive goods, services or information from us. For example, if you have placed an order with us, we may contact you to update you on the status of that order, but you will not receive other communications from us unless you have explicitly asked to receive them.
In order to fulfil our obligations to you when supplying goods, services or information, we will share your information with certain third-party service providers:
All payments made on our website are processed through Stripe and PayPal. These companies process your payment details on our behalf – you can view their data protection policies at https://stripe.com/gb/privacy and https://www.paypal.com/uk/webapps/mpp/ua/privacy-prev
We do not store any customer payment information (i.e. debit or credit card details) on our own servers – these details are held in our accounts with Stripe and PayPal and are tokenized, ensuring they cannot be viewed by any third-party, including us.
We take the issue of data security very seriously and have put all reasonable measures in place to prevent your personal information from being lost, stolen or otherwise accessed, altered or transferred without your authorisation.
Our website is SSL certificated, which means all data you provide is fully encrypted to prevent it being read by third parties. Your web browser will indicate that our site provides a secure ecommerce environment by showing a locked padlock icon. Once we have received your information we will use strict procedures to keep it secure and safe – please be aware however that the transmission of data via the internet can never be 100% secure and is done entirely at your own risk
We also advise that when creating an account with us you use a strong password (a mixture of uppercase and lowercase letters, numbers and symbols) and take care to keep this password confidential – do not share it with anyone.
Access to your information is strictly limited to those employees and aforementioned third-parties who have a need to know in order for us to fulfil our obligations to you.
We have put processes in place to identify any suspected security breach and will notify you and the Information Commissioner’s Office (ICO) of any such breach in cases where we are legally required to do so.
WHERE AND HOW WE STORE YOUR DATA
Your data is stored on our secure servers hosted in the UK, or, where you have given consent, either by entering payment details to complete a purchase, or by opting in to our email newsletter, it will be handled by our third-party processors both inside and outside the EU to fulfil the specific purpose understood at the point of consent. This includes PayPal (EU), Stripe (US) and MailChimp (US). Stripe and Mail Chimp are certified to the EU-US and Swiss-US Privacy Shield Framework.
We will retain your data for as long as is necessary to fulfil our obligations to you, or as long as you permit us to keep it. We will review the data we hold on an annual basis and delete any personal information that no longer serves a purpose useful to you.
YOUR RIGHTS UNDER THE GENERAL DATA PROTECTION REGULATION
You have the following rights under the GDPR:
We make no guarantee that our website and social media pages are free from errors, defects or viruses and accept no liability for any losses that may occur from reliance on information contained within those sites.
Our website may contain links to the websites and/or social media pages of other organisations, such as retailers or media outlets. Please note that we bear no responsibility for the web content or privacy policies of these organisations and advise caution when visiting them.
To exercise your rights as laid out in this policy, or to make any other enquiry or request, please email us at firstname.lastname@example.org
This policy was last updated on 17th May 2018