PERSONAL INFORMATION WE COLLECT
When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information.”
We collect Device Information using the following technologies:
- “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier.
- “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
- “Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Site.
Additionally, when you make a purchase or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, shipping address, payment information (including credit card numbers, sent via our third-party gateway Stripe), email address, and phone number. We refer to this information as “Order Information.”
We also collect information when you contact us through our “Get in touch” contact form or if emailing us directly. This information includes your name, email address, and order number.
HOW DO WE USE YOUR PERSONAL INFORMATION?
We use the Order Information that we collect generally to fulfill any orders placed through the Site (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations). Additionally, we use this Order Information to:
- Communicate with you
- Screen our orders for potential risk or fraud
- Where we have your permission, provide you with information or advertising relating to our products or services.
We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).
HOW WE PROTECT YOUR DATA
To protect our customer’s data we ensure we’re using the latest up-to-day software, services and we constantly maintain our website to ensure any security bugs are patched. We also encrypt passwords using MD5 Password hashing and ensure our staff is trained to handle your data in a legal and safe manner.
WHAT DATA BREACH PROCEDURES DO WE HAVE IN PLACE
We have a number of data breach procedures in place once we’re aware of such instances.
- Our staff knows how to escalate a security incident to the appropriate person in our organization to determine whether a breach has occurred.
- If a breach results in a risk to people’s rights and freedoms we shall formally report it to the ICO within 72 hours.
- We will contact our affected customers without delay.
- We will inform all non-affected customers of our data breach for extra safety measures.
If you have noticed a potential security vulnerability on our website please contact us immediately via email@example.com
SHARING YOUR PERSONAL INFORMATION
We share your Personal Information with third parties as described above. For example, we use WordPress & Woocommerce to power our online store. We also use Google Analytics to help us understand how our customers use the Site, Hotjar which records users behavior across the website to allow us to improve the user experience, MailChimp for our email newsletter as we may store a record of your email and the cart contents for up to 30 days on their server and Stripe to power or payment gateway.
Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful requests for information we receive, or to otherwise protect our rights.
As described above, we may use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you.
If you are a European resident, you have the right to access the personal information we hold about you and to ask that your personal information is corrected, updated, or deleted. If you would like to exercise this right, please contact us immediately via firstname.lastname@example.org
Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information may be transferred outside of Europe, including to Canada and the United States.
When you place an order through the Site, we will maintain your Order Information for our records unless and until you ask us to delete this information.
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at email@example.com