How Do I Know My Credit Or Debit Card Details Are Safe On Your Site?
We recognise that security is a major concern when shopping online. We have put a very secure system in place so you can feel completely at ease when shopping on our site.
When you make a purchase or attempt to make a purchase through the Site, we only collect information from you that is necessary to fulfil your order. This information includes your name, billing address, shipping address, payment information, email address, and phone number. We refer to this information as “Order Information.”
When you make a payment on our website you may provide payment information such as your credit/debit card or other payment details. We use secure form integration with a Payment Card Industry compliant third-party payment service (SagePay) to process all credit/debit card payments. This means that any transactions occur on the secure server of SagePay. All information you input is securely encrypted. No data concerning credit/debit cards is stored on our site. This does mean that you have to re-enter your card details every time you place an order with us, but this does ensure increased security.
You also have the option to pay through PayPal. Again, we do not store any credit/debit card/PayPal account information on our servers. You can view the SagePay and PayPal privacy policies here:
You have the option to create an account with the Site to make ordering quicker and easier. When creating an account you will be asked to give certain information, including your name, billing address, shipping address, email address and telephone number. This information is stored so that it is easier for you to make orders. When logged into your account you will be able to access and update the above information. You will also be able to view any previous orders.
We do not pass this information onto any third party.
Deleting Your Account
You may request that your account is deleted by emailing us at firstname.lastname@example.org and we will delete your account and all its data.
Once deleted, your data cannot be reinstated.
How Do I Know Your website is secure?
We take the the safeguarding of collection, transmission and storage of data very seriously.
We use industry standard Secure Sockets Layer (SSL) technology which allows for the encryption of personal information (our secure URL’s begin with hhtps:// as opposed to http://). The security symbol of your browser (often shown as a padlock) will help you confirm that you are communicating with a secure server.
Our site is protected by online security, which offers us receive real-time information on the strength of our protection.
When sharing data with our website you should use a security-enabled browser. If you do not use an SSL-capable browser then you are at risk of having data intercepted (this is standard good practice when accessing any website on the internet and should be followed at all times).
Most web browsers can notify you if you change between secure and insecure communications or send information over an unsecured connection. We strongly recommend that you enable these browser functions to help ensure that your communications are secure. You can view the details of the security certificate of the websites you connect to.
What Personal Information Do You Collect?
When you visit most websites certain information about your device is automatically collected.
On our Site this includes information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information.”
We collect Device Information using the following technologies:
– “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
– “Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Site.
“Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier.
Our cookies do not contain any personal information about you and are used only to determine your browser and user preferences for our site. This helps us to provide you with the best service and to make it easier when you shop.
You can, if you prefer, set up your internet browser to not accept cookies. You should still be able to use our site without having cookies enabled. However, this may affect the ability to carry out certain functions such as placing orders.
How Do We Use Your Personal Information?
We use the Order Information that we collect at checkout to fulfil any orders placed through the Site (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations). We ask for a telephone number so that we can contact you quickly if there is any issue with your order that we need to discuss.
Additionally, we use this Order Information to screen orders for any potential risk or fraud.
We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).
Sharing You Personal Information
Our aim is to share your Personal Information with as few third parties as is necessary to provide you with a high level of service. We share your Personal Information with a few third parties to help us use your Personal Information, as described above.
For example, as described above, we use secure form integration with SagePay to process credit/debit card payments securely.
Also, we use PayPal as another payment option.
We use Woocommerce to power our online store.
We also use Google Analytics to help us understand how our customers use the Site and this helps us to improve the user site experience. All of the IP data sent to google analytics is anonymised.
You can read more about how Google uses your Personal Information here: https://policies.google.com/privacy?hl=en
You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout
Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a court order, search warrant or other lawful request for information we receive, or to otherwise protect our rights.
Our Mailing List
If you opt into our mailing list (by clicking on the link in the confirmation email) we will send you our newsletter by email. Our newsletter informs you about new products, designs and special offers. When you sign up for our email newsletter you will provide us with a first name and an email address. Your IP address will also be logged to prevent fraud.
Our emails are handled by Aweber on their secure servers which are based in the United States. Please note that this means that the above information will be transferred to the USA. Aweber are signed up to the EU-US Privacy Shield.
If you do not want to continue to receive offers and promotions by email, you can unsubscribe at any time by clicking on the link at the bottom of any newsletter email from us. You can also email us email@example.com to request removal from the list.
We may de-identify or aggregate some of the data you give us when opting into our email list in ways that do not personally identify you. This helps us better understand our customers and, in turn enable us to provide a better service for them.
Will You Sell My Data On To Third Parties For Marketing Purposes?
We will never sell on your personal information to a third party for marketing purposes.
EU Members’ Rights And The GDPR
The GDPR (General Data Protection Regulation, enacted in May 2018) gives EU citizens the right to access, alter, download or erase their information. Also, citizens have the right to restrict and object to certain processing of their information.
Additionally, if you are a European resident please note that we are only collecting, storing and processing your information in order to fulfil contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above.
If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. You also have the right to download the data.
Data Access and Alteration
You can access and rectify/update much of your information by logging into your account.
If there is any additional information you would like to access, update, or need any assistance in handling your data, please contact us through the contact information below.
Data Alteration or Deletion
If there is any information you would like to download or have deleted then please contact us through the contact information below.
Our company is registered in the United Kingdom, but our website is hosted in the United States. If you are located outside of the United States and choose to use this website or provide information to us, you acknowledge and understand that your information will be transferred, processed and stored in the United States.
Also, please note, as stated above in the section on “Sharing Your Personal Information”, some of the third parties we work with (including Google Analytics, WooCommerce and Aweber) also have servers based in the USA and so data will be transferred to their servers.
The Site is not intended for individuals under the age of 18.
Right To Object and Complaints
If you are unsure about any aspect of our use of your data or would like to object to any of the ways in which we process your data then please contact us (see below). We will endeavour to assist you in any way we can. However, should you wish to raise a concern about our use of your information (and without prejudice to any other rights you may have), you have the right to do so with your local supervisory authority.
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at firstname.lastname@example.org or by mail using the details provided below:
Ben and Hannah Dunnett Ltd
The Old Workshop