when we collect your data & what we do with it:
when you order from us
when you use our store to order items, your name, email address and/or phone number and physical address are collected so that we can fulfil your order. these details are used only to fulfil your order. they will not be added to any email lists or given to third parties.
after we fulfil your order, you will receive emails of special offers and discounts only if you explicitly opt-in to receiving these communications at the checkout stage. our checkout is set by default to not add your details to such communications unless you opt-in by checking the relevant box.
email marketing communications
we only send email marketing communications to those customers and subscribers who have explicitly opted-in to receive this communication. we use a third party supplier called mailchimp to handle this email and you can read their policy on how they handle your information here: https://mailchimp.com/legal/privacy/
we have put in place security measures to prevent your personal data from being accidentally lost, used, altered, disclosed, or accessed without authorisation. we allow access to your personal data only to those employees and partners who have a business need to know such data. they will only process your personal data on our instructions and they must keep it confidential.
we have procedures in place to deal with any suspected personal data breach and will notify you & any applicable regulator of a breach if we are legally required to.
when will we share your personal data?
we may have to share your personal data with the parties set out below:
- service providers who provide i.t and system administration services
- professional advisers including lawyers, bankers, auditors and insurers
- government bodies that require us to report processing activities
we require all parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. we only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.
we reserve the right to disclose or share your personal data in order to comply with any legal requirements, enforce our terms and conditions, or any other agreement we enter into with you, or to protect the rights, property, or safety of our business and other customers. this includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
countries outside of the european economic area (e.e.a) do not always offer the same levels of protection to your personal data, so european law has prohibited transfers of personal data outside of the e.e.a unless the transfer meets certain criteria.
many of our third parties service providers are based outside the european economic area (e.e.a) so their processing of your personal data will involve a transfer of data outside the e.e.a. they include:
- shopify whose platform provides the hosting and functionality of this e-commerce store https://www.shopify.com/legal/privacy
- mailchimp who we use to provide our newsletter https://mailchimp.com/legal/privacy/
- shopify payments (provided by stripe) who we use to process payments https://stripe.com/gb/privacy
- googlemail who are our email service provider https://policies.google.com/privacy?hl=en-GB
all the third party providers we use have committed to privacy practices that are compliant with the general data protection regulations of the european union.
whenever we transfer your personal data out of the e.e.a, we do our best to ensure a similar degree of security of data by ensuring at least one of the following safeguards is implemented:
we will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the european commission; or
where we use certain service providers, we may use specific contracts or codes of conduct or certification mechanisms approved by the european commission which give personal data the same protection it has in europe; or
where we use providers based in the united states, we may transfer data to them if they are part of the e.u-u.s privacy shield which requires them to provide similar protection to personal data shared between the europe and the u.s.
if none of the above safeguards is available, we may request your explicit consent to the specific transfer. you will have the right to withdraw this consent at any time.
data retention - how long we keep your data
we will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
we shall keep your data for the period of time you hold an account with us, to enable us to contact you, keep a record of your past orders and supply you with any new orders. we shall not keep your personal information for any longer than necessary to fulfil our obligations to you or to meet our legitimate business interests or legal requirements. for tax purposes the law requires us to keep basic information about our customers (including contact, identity, financial and transaction data) for six years after they stop being customers.
you have the right to see the information we hold on you, to have it corrected, to have it deleted, or to withdraw your consent to our processing of your data.
if you would like to know what information we hold on you or would like to have all the information we hold about you deleted, or any other question or request connected to your data, please contact us with your request. we will get back to you within 2 business days.
a cookie is a text file containing a small amount of data which is downloaded to your computer when you visit a website for the first time. they play an important role in helping to enhance the user experience and performance of a website. cookies can remember your preference settings on a website and in some cases cookies are essential to enable you to move around a website and use its features.
full list of cookies used by shopify:
- _session_id storefront allows shopify to store information about your session (referrer, landing page, etc..) - unique token / sessional
- _shopify_visit storefront & checkout.shopify.com used by our internal stats tracker to record the number of visits to the shop - persistent for 30 minutes from the last visit
- _shopify_uniq storefront & checkout.shopify.com counts the number of visits to a store by a single customer - expires midnight (relative to the visitor) of the next day
- cart storefront stores information about the contents of your cart - unique token / persistent for 2 weeks
- _secure_session_id storefront stores session information for the checkout process - unique token / sessional
- storefront_digest storefront if the shop has a password, this is used to determine if the current visitor has access - unique token / indefinite
opting out of cookies
you can block cookies being stored on your computer through the settings on your browser. however, this will block cookies on every site you visit, and will prevent the functioning of many websites, including this one.