This Privacy Notice details how I collect and process your personal data through using my site www.fionapurves.co.uk. As a sole-trader, I’m a small operation, and always seek to work in the most secure ways possible.
Since it’s just me on the team, I’m also the data controller, and I am responsible for your personal data.
If you want to opt out, you can set your browser to not accept cookies, but please note that this may limit your ability to use certain parts of the site.
When you visit my website, your computer’s IP address is automatically received, which provides me with information on your browser and operating system. This enables Squarespace, the hosting platform, to analyse visitor activity so I can easily track visitor use of the website and log statistics on website activity. For example, this information allows me to see which areas of my website are the most popular, and which areas need to be improved. No attempt is taken (by me or by Squarespace) to personally identify anyone with this information.
Making a Purchase
When you make a purchase from the shop, I will collect information you provide - your name, e-mail address and postal address - so I can fulfil your order and get it sent to you. I don’t collect any information I don’t need, including phone numbers or any sensitive information such as gender, race or age.
The information you provide is stored within the e-commerce platform on our website host, Squarespace. Secure Socket Layer (SSL) technology is in place to keep everything secure.
I’m required by law to keep all my customer information for 6 years after the date of purchase; after this period has elapsed the information will be deleted.
The information you provide when making a purchase is not shared with anyone else, and is not used for any purpose other than fulfilling your order and dealing with any issues that may arise.
Payments are taken either directly through my website, or are externally directed to Paypal. You are given the option at the checkout to choose which you’d prefer.
Payments taken directly through my website are processed by Stripe, who will securely store any credit card data you provide. This information is encrypted with Secure Socket Layer (SSL) technology and is stored with AES-256 encryption.
If you commission me to create a piece of artwork, or if I am creating a custom print for you, I will ask you to send me some photographs to work from. I’ll save these onto my computer for the duration of the project. They will be kept private, and once the project is complete, the photographs will be deleted.
The only requirement for me to share your information would be if you choose to complete a purchase from my website via Paypal, which is detailed above. Otherwise, your personal information will not be shared, sold or rented to anyone, unless it is required under the special circumstances as detailed below;
- Professional advisers, such as lawyers, bankers, auditors and insurers.
- HM Revenue & Customs, regulators and other authorities in the UK and any relevant jurisdictions who require reporting of processing activities in certain circumstances.
- Third parties to whom I sell, transfer or merge parts of my business or my assets.
- Service providers for IT and system administration services.
All third parties with whom I must share your data are required to respect the security and comply with the law. Access to your data is only allowed for specific purposes and as per my instructions.
Your legal rights
Under certain circumstances, you have the right under data protection laws regarding your personal data, which include the right to:
- Request access to your personal data
- Request correction of your personal data
- Request erasure of your personal data
- Object to processing of your personal data
- Request restriction of processing your personal data
- Request transfer of your personal data
- Right to withdraw consent.
You can find out more here: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
If you would like to exercise any of the rights as above, email email@example.com and I will respond to all legitimate requests within one month.
I reserve the right to make changes to this policy if necessary. Any changes will be posted on this page. This policy was last modified on 03/05/18.