When you interact with us through our website (or otherwise) you may provide, or we may collect, certain information from which you are personally identifiable (which is referred to as personal data). For the purposes of the General Data Protection Regulation or “GDPR” (and all other laws relating to the use your personal data), we are the “data controller”, meaning that we are responsible for deciding how your personal data is used and more importantly, for keeping your data safe and only using it for legitimate reasons.
WHAT INFORMATION DO WE COLLECT?
When you communicate, order or visit our site, you may provide us with certain personal information (including via our online store). This includes:
- Identity – first name, surname, date of birth, gender, country of residence
- Contact – email address, telephone numbers and address
- Financial – payment card details, billing address, purchase information, payment history
- Profile – your preferences for marketing, other website preferences and feedback
We may collect the following types of information from you when you use our website (using Cookies or other tracking technologies):
- Usage – information about how you use our website, including time spent on page, click-throughs, download errors
- Technical – IP address, browser type, hardware type, network and software identifiers, device information, operating system and system configuration.
HOW DO WE COLLECT INFORMATION?
Information may be collected through direct input from yourself (newsletter subscription, entering details via a contact form, emailing info@littlelondonbloomers, placing an order)
Information is also collected via our website host wix.com.
WHY DO WE COLLECT INFORMATION?
We and our site host (wix.com) collect data (non-personal and personal) information for the following purposes:
-To provide and operate services
- To provide our users with ongoing customer assistance and technical support
-To be able to contact our visitors and Users with general or personalised service-related notices and promotional messages (provided they have agreed to receive these)
- To create aggregated statistical data and other aggregated and or/inferred non-personal information, which we or our business partners may use to provide and improve our respective services.
-To comply with any applicable laws and regulations
• Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
• Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it (if any) more relevant to your interests. We may also share this information with third parties for this purpose.
We will only use your personal data for the purposes for which we have collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
HOW DO WE STORE, USE, SHARE AND DISCLOSE ANY COLLECTED INFORMATION?
Our company is hosted on the wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through wix.com’s data storage, databases and the general wix.com applications. They store your data on secure servers behind a firewall.
All direct payment gateways offered by wix.com and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements helps endsure the secure handling of credit card information by our store and its service providers.
WHO DO WE SHARE YOUR INFORMATION WITH?
You agree that we have the right to share your personal information with:
- Any member of our group
- Selected third parties including:
Wix – who host our online site and marketing emails
Analytics and search engine providers that assist us in the improvement and optimisation of our website.
We will only disclose your personal information to third parties:
-if we are required to do so by law (including in connection with any safeguarding concern) or pursuant to a binding regulatory request (in such circumstances, such disclosure will at all times be solely to the extent required by law or the applicable regulatory request);
-in the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets;
-to protect the rights, property, or safety of our users, or others which may include exchanging information with third party companies for the purpose of fraud prevention or credit risk reduction.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. We also make sure that third parties who need to handle your data when helping us to deliver our services are subject to suitable confidentiality and security standards.
Notwithstanding this, please note that we cannot guarantee the security of any data that you send to us via the internet or which is collected using online devices/tracking technology.
LINKS TO OTHER WEBSITES
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
TRANSFERS OF DATA OUTSIDE THE EEA
The European Economic Area or “EEA” is deemed to have good standards when it comes to data privacy. As such, we consciously limit the occasions when we may need to transfer or handle your data outside of the EEA. Where we do, for example where our service providers are based outside of the EEA, we make sure that your data is still treated fairly and lawfully in all respects (including making sure we have a legal ground for sending your data outside the EEA and putting in place all necessary safeguards for such arrangements).
Where relevant, you will have the right to see a copy of any safeguards we put in place for international transfers of your data. Just get in touch with us if you would like to find out more.
We will retain your personal data only for as long as is strictly necessary for the purposes for which such data was originally collected (or for such longer period as may be required by law). In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
CONTROLLING YOUR PERSONAL INFORMATION
In certain situations, you are entitled to:
- access a copy of your personal data;
- erase your personal data;
- object to the processing of your personal data where we are relying on a legitimate interest (as set out in the above table);
- restrict the processing of your personal data;
- request the transfer of your personal data to a third party; or
- where you have provided your consent to certain of our processing activities (including to any direct marketing) you may withdraw your consent at any time (but please note that we may continue to process such personal data if we have legitimate legal grounds for doing so).
In addition to the above, you may get in touch with the ICO (Information Commissioner’s Office) if you are concerned about the way in which we are handling your personal data. We would like to ask that you always try communicating with us first, should you have any concerns.
[Updated June 2018]