Along with my business and internal computer systems, this website is designed to comply with the following national and international legislation with regards to data protection and user privacy:
UK Data Protection Act 1988 (DPA)
EU General Data Protection Regulation 2018 (GDPR)
My responsibility to you
I am committed to ensuring that your privacy is protected – this website is secured by a SSL connection which ensures that your personal information is private when it is sent to this website. Should I ask you to provide certain personal data by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement. Any personal data collected and stored by this website is only accessible by authorised members of our staff (see Data Control).
What personal data do I collect?
I collect the following personal data via the order page, contact links, contact forms or browsing activity:
- address details including post code
- email address
- telephone numbers (landline or mobile)
- computer IP address
- No other personal data is collected or stored by this website.
Why do I collect this personal data?
All data is collected for the purpose of fulfilling your order or for contacting you in respect of your enquiry or request, or for website traffic analysis.
When you visit the website, data such as your geographical location, device, internet browser and operating system is collected as part of our traffic analysis software, none of this information personally identifies you to me. My webserver also records your computer’s IP address which could be used to personally identify you under certain circumstances.
How long is data kept for?
I will keep your personal data for no longer than reasonably necessary and I only retain your personal data for the purposes mentioned. I will keep your personal data for the purposes of processing orders now and in the future and if I need to contact you or supply you with requested information. You may request your personal data be removed from this system at any time (see Data Control).
Your rights and your personal data
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:
- to withdraw your consent for me to hold your personal data for processing purposes
- to request a copy of the personal data I hold about you
- to request that I correct any personal data if found to be out of date or inaccurate
- to request your personal data is erased where it is no longer necessary to retain such data
- to request that I provide you with your personal data plus, if possible to transmit that data directly to another data controller
- to request a restriction be placed on further processing if there is a dispute in relation to the accuracy or processing of your personal data
- to object to the processing of personal data
I am committed to ensuring that your personal data is secure. In order to prevent unauthorised access or disclosure I have put in place suitable physical, electronic and managerial procedures to safeguard and secure the personal data I collect online. Any personal data collected and stored by this website is only accessible by authorised members of my staff (see Data Control).
Debit card/credit card details
I use a third party payment processing gateway (Stripe) to process all online debit card and credit card transactions. The Stripe dashboard collects your payment data over an encryped server. I have access to the server to verify payments, etc, but have no access to your actual card information which is stored hidden by the Stripe server.
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual – in the case of my site it can remember your shopping cart content and your account details if you create one.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer – depending on your browser, the process will vary. For detailed help on how to manage and delete cookies please consult the following website – https://www.aboutcookies.org/. If you disable cookies, some features of the website may stop working but this will in no way affect your use of the website.
I also use traffic log cookies to identify which pages are being used. This helps me analyse data about webpage traffic and improve my website in order to tailor it to customer needs. I only use this information for statistical analysis purposes and the data is stored on the webserver – it is not stored by this website. This website traffic analysis system records your computer’s IP address which could be used to personally identify you under certain circumstances.
Links to other websites
This website may contain links to other websites of interest. However, once you have used these links to leave this site, you should note that I do not have any control over that other website. Therefore, I cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website(s) in question.
The authorised data controller for this website is Mitchell Wright (firstname.lastname@example.org). Any enquiries regarding data I hold should, in the first instance, be addressed to the authorised data controller.
I will not, under any circumstances, sell, distribute or lease your personal data to third parties unless I am required by law to do so.
You may request details of personal information which I hold about you. If you would like a copy of the information held on you please email your request to the authorised data controller. If you believe that any information I am holding on you is incorrect or incomplete, or if you wish to have your personal data removed from my system, please email the authorised data controller:
Authorised Data Controller