Privacy Policy

Effective from may 25th 2018

 

Thank you for visiting The Art of Hannah Rose Shaw.

I respect your privacy. I am GDPR compliant. 

This Privacy Policy has been created for those who are concerned with how I use their Personal Data.

Please read this Privacy Policy carefully for a clear understanding of how I collect, use, protect or otherwise handle your Personal Data in accordance with this website and any merchants or Third Parties.

By using or purchasing any of my products or services, you confirm you have read and understood this Privacy Policy and my Cookies Policy. 

1. Key terms

  • In this Privacy Policy, when I refer to “Users”, I refer to visitors to this website and customers who use my Services.
  • "Personal data" refers to information that directly or indirectly allows for personal identification.

2. What does this Privacy Policy apply to?

  • This Privacy Policy explains what Personal Data I collect, why I collect it, and how and where it is stored, for what length of time. 

3. What Personal Data do I collect?

I collect the following Personal Data: 

Squarespace analytics

  • Squarespace Analytics collect Usage Data, including page views, conversion rates, sales, referrers, popular content and IP address. 
  • Squarespace are GDPR compliant. Squarespace are compliant with the Privacy Shield
  • For full details, please review the Squarespace Privacy Policy. 

Emails

  • I will use your email address to respond to you if you have contacted me, or if you have made a purchase from my Etsy shop and I need to contact you regarding your purchase in order to fulfil my service.
  • I do not keep a record of email addresses. I will never use your email address for marketing purposes. 
  • I will keep your correspondence for up to 6 months after service has been fulfilled, incase you would like any alterations to work or further work. After 6 months your correspondence will be permanently deleted from my Gmail account.
  • If you contact me, I will respond using my email address, hannahroseshawart@gmail.com, which is powered by Gmail.
  • Google are GDPR compliant.
  • For full details, please see Google's Privacy Policy

Etsy

  • This website links to my Etsy shop, where you can purchase from me. 
  • Personal Data is collected from anyone who visits my Etsy store or makes a purchase.
  • Personal Data is collected from Etsy Conversations. I will correspond with you using Etsy Conversations, if you have contacted me, or if I need to contact you about an order or purchase in order to fulfil my service. I will never send unsolicited messages. I will keep your correspondence for up to 6 months after service has been fulfilled, incase you would like any further work or alterations to work created. After 6 months your correspondence will be permanently deleted from Etsy Conversations. 
  • If you purchase from my Etsy shop, I will receive Personal Data in order to send you your product, including your address, name, country, email address, payment method and ZIP/ postal code. 
  • I collect Personal Data from payments. When you purchase from me, I receive limited information about your payment details, such as whether you paid via PayPal or Etsy Payments. Payments can be made by use of Etsy Payments or PayPal. PayPal are GDPR compliant. For full details, please visit PayPal's Privacy Policy.
  • I collect data from Etsy Analytics, including page views, item views, and favourites.
  • Etsy require certain Personal Data from customers in order to fulfil their service. This includes name, address and email address.
  • Etsy are GDPR compliant.
  • For full details, please view Etsy's Privacy Policy.
  • Etsy use Cookies, including Session Cookies, Persistent Cookies and Third Party Cookies. They also use Web beacons, social widgets, UTM codes, application SDK;s and local storage objects. For full details, please view Etsy’s Cookies and Similar Technologies Policy. You can use your web browser to opt-in or opt-out of Cookies. You can also contact Etsy to opt-out of Third-Party Networks, Google Analytics and Third Party Tools. Etsy also offer an opt-out for mobile services. 
  • For full details, please view Etsy's Cookies Policy. 

Facebook

  • When you visit our Facebook Page, Facebook Analytics collect Personal Data, including name, age, gender, location and device usage.
  • Messages that you send to us via Facebook Messenger will be stored in Facebook Messenger. We will keep your correspondence for up to 6 months, after which time we will delete it. We will only use Facebook Messenger to respond to your inquiries, and will never send you a message that is unsolicited. 

  • We do not sell directly from Facebook or use Facebook advertising. 

  • Facebook are GDPR compliant.
  • For full details please visit Facebook’s Data Policy.
  • Facebook use Cookies. For full details please visit Facebook’s Cookies Policy. 

Twitter

  • When you visit our Twitter Page, Twitter Analytics collect Personal Data, including name, age, gender, location and device usage. Twitter are GDPR compliant. For full details please visit Twitter's Privacy Policy.
  • Twitter use Cookies. For full details please visit Twitter's Cookies Policy
  • Messages that you send to us via Twitter Messages will be stored in Twitter Messages. We will keep your correspondence for up to 6 months, after which time we will delete it. We will only use Twitter Messages to respond to your inquiries, and will never send you a message that is unsolicited. 

Instagram

  • When you visit our Instagram Account, Instagram Analytics collect Personal Data, including name, age, gender, location and device usage. Instagram are GDPR compliant. For full details please visit Instagram's Data Policy. 
  • Instagram use Cookies. For full details please visit Instagram's Cookies Policy. 

Pinterest

  • When you visit our Pinterest Account, Pinterest Analytics collect Personal Data, including name, age, gender, location and device usage. Pinterest are GDPR compliant. For full details please visit Pinterest's Privacy Policy. 
  • Pinterest use Cookies. For full details please visit Pinterest's Cookies Policy. 

4. How do I collect Personal Data?

I collect Personal Data when: 

  • It is provided by you directly, such as when you place an order.

  • It is recorded automatically when you use our services, such as visiting our shop or viewing our social media.

  • It is received from a Third Party, such as if you make a payment using a payment processor.

5. Whose Personal Data do I collect?

Data is collected from anyone who:

  • Visits this website.
  • Visits our shop or social media links from this website. 

6. Why do I collect Personal Data? 

To fulfil our services

  • Collecting Personal Data allows me to fulfil a service, by allowing you to contact and purchase from me. It allows you to create and manage your Account, purchase my services, process payments and contact me. 

To communicate with you

  • I will communicate with you if you contact me. I will never send unsolicited emails. 

To meet our legal obligations:

  • If you purchase from my Etsy store, I will collect your name, address, contact details and order details for record keeping and tax purposes.
  • This data will be stored or 6 years to comply with UK legal tax requirements. After 6 years the data will be destroyed. 
  • All data is stored digitally in a secure, password protected and encrypted environment.

For enhanced security

  • Processing Personal Data allows me to ensure the security and integrity of our services.

 Third Party relationships

  • Processing Personal Data allows me to maintain Third Party relationships.

7. When do I collect Personal Data?

I will process your Personal Data for the uses described in section 6. when:

I have a legal obligation

  • For example, to comply with tax and government regulations or to comply with a binding law enforcement request.

Consent

  • You have given your consent for me to use your Personal Data. When you consent, you can change your mind at any time.  

I need to fulfil a service or contract

  • If I need to use your Personal Data in order to provide you with the services and products requested by you.
  • If I we need to use your Personal Data to communicate with you or respond to your inquiries.
  • If I need to use your Personal Data so that we can perform a contract with you or take steps at your request before entering into a contract with you. 

There is legitimate interest to do so

  • I have legitimate interest in operating my business and providing you with a service and communication.
  • I have legitimate interest in monitoring the safety and securing of my website, protecting against fraud, spam and abuse.
  • I have legitimate interest in providing and improving my website.

Others legitimate interest:

  • It may be important to protect a Third Party's legitimate interest. For example, my partners who have a legitimate interest in delivering quality products to you via fast and professional services.  

8. How do I share your Personal Data?

I will not sell, trade, or otherwise transfer your Personal Data to outside parties without your consent. With your consent, Personal Data may be provided to Third Parties for fulfilment of services. They are as follows:

Communication: 

Processing payments. 

  • If you make a purchase from me via my Etsy store, your Personal Data is transmitted via an encrypted connection to Etsy Payments or PayPal.

Shipping

  • If you make a purchase from me via my Etsy store, I will ship your item/s to you using Royal Mail's services. 
  • Royal Mail are GDPR complaint. 
  • For full details, please view the Royal Mail Privacy Policy. 

9. Where do we store Personal Data?

  • I store all Personal Data in encrypted and password protected environments.
  • Emails are protected with strong passwords and two-factor authorisation. 
  • I do not store any Personal Data as paper records. 
  • I store your Personal Data for as long is needed to provide you with my services. I also retain Personal Data for as long as necessary to achieve the aims described in this Privacy Policy.

10. How do I protect your Personal Data?

  • Websites powered by Squarespace are scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible. Websites powered by Squarespace use regular Malware Scanning.
  • Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology. 
  • I implement a variety of security measures when a user places an order enters, submits, or accesses their information to maintain the safety of your Personal Data. 
  • All transactions are processed through a Payment Provider and are not stored or processed on my servers.
  • All my accounts are protected with strong passwords and two-factor authentication. 

11. Gaining your consent

  • I do not keep a record of email addresses. I do not send our marketing emails or newsletters. I will never use your Personal Data to contact you about anything that isn't necessary to fulfil my services.
  • I will never supply your contact details to any Third Party without your consent.

12. Subject Access Requests and Right to Erasure

  • You may have the right to access, update, change or delete your Personal Data. If you would like to know what Personal Data I hold relating to your identity, or would like me to erase your Personal Data from my records, please email hannahroseshawart@gmail.com to request these changes. 
  • I will ask you to confirm your identity by checking your information against my records. If your identity can be verified, I will erase your Personal Data from my records within 48 hours.
  • My Cookies Policy explains how you can manage Cookies on this site. 

13. Updates to this Privacy Policy

  • This Privacy Policy will be regularly updated to reflect changes within my business operations, and in technology or law. 
  • When changes are make, I will update the "Effective Date" at the top of this Privacy Policy page and will notify you by displaying a notice of change on our homepage. 
  • Please check this Privacy Policy regularly. This will help you to ensure that you understand your relationship with us and how I process your Personal Data.

14. How to contact us

  • If you have any questions regarding this Privacy Policy, please contact me using the information below.

Hannah Rose Shaw

www.theartofhannahroseshaw.co.uk

Unit 16894
PO Box 6945
London
W1A 6US

hannahroseshawart@gmail.com