13th November 2020
The type of personal information I collect:
In order for me to complete your order, you must provide me with certain information such as your name, email address, billing address, shipping address, payment information, and details of the product you are ordering. You may also choose to provide me with additional personal information (for a bespoke custom order of a trinket dish, for example), if you contact me directly.
How I use your personal information:
I use the information that I collect generally to provide my services and fulfil any orders placed through the site (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations). Additionally, I use this order information to:
- Communicate with you;
- Screen orders for potential risk or fraud; and
- When in line with the preferences you have shared with me, provide you with information or advertising relating to our products or services.
How I get the personal information and why I have it:
Most of the personal information I process is provided to me directly by you for one of the following reasons:
In order to provide my services and fulfil any orders placed through the site, including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations).
Under the General Data Protection Regulation (GDPR), the lawful bases I rely on for processing this information are:
(a) Your consent. You are able to remove your consent at any time. You can do this by contacting firstname.lastname@example.org
How I store, use, share and disclose your personal information:
My company is hosted on the Wix.com platform. Wix.com provides me with the online platform that allows me to sell my products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
All direct payment gateways offered by Wix.com and used by my company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by my store and its service providers.
Your data protection rights
Under data protection law, you have rights including:
- Your right of access - You have the right to ask me for copies of your personal information.
- Your right to rectification - You have the right to ask me to rectify personal information you think is inaccurate. You also have the right to ask me to complete information you think is incomplete.
- Your right to erasure - You have the right to ask me to erase your personal information in certain circumstances.
- Your right to restriction of processing - You have the right to ask me to restrict the processing of your personal information in certain circumstances.
- Your right to object to processing - You have the the right to object to the processing of your personal information in certain circumstances.
- Your right to data portability - You have the right to ask that I transfer the personal information you gave me to another organisation, or to you, in certain circumstances.
- You are not required to pay any charge for exercising your rights. If you make a request, I have one month to respond to you.
If you would like to: access, correct, amend or delete any personal information I have about you, please contact me at email@example.com