Privacy policy

1. Introduction
This Privacy Notice explains in detail the types of personal data I may collect about you when you interact with me.

It also explains how I’ll store and handle that data, and keep it safe.


I know that there’s a lot of information here, but I want you to be fully informed about your rights, and how I use your data. 

I hope the following sections will answer any questions you have but if not, please do get in touch with me.



2. The legal bases I rely on
The law on data protection sets out a number of different reasons for which a company may collect and process your personal data, including:


Consent
In specific situations, I can collect and process your data with your consent.
For example, when you check a box to receive email newsletters.

By using my website or submitting any Personal Information, you consent to the collection, transfer, storage, disclosure, and use of your Personal Information in the manner set out in this Privacy Policy. If you do not consent to the use of your Personal Information in these ways, please stop using this website.

Contractual obligations
In certain circumstances, I need your personal data to comply with our contractual obligations.

For example, if you order an item from me for home delivery, I’ll collect your address details to deliver your purchase, and pass them to my courier.

Legal compliance
If the law requires me to, I may need to collect and process your data.

For example, I can pass on details of people involved in fraud or other criminal activity to law enforcement.

Legitimate interest
In specific situations, I require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running my business and which does not materially impact your rights, freedom or interests.

For example:
I may use your purchase history to send you personalized offers. 
I also combine the shopping history of many customers to identify trends and ensure I can keep up with demand, or develop new products/services.



3. Security
I take the utmost care and take all appropriate steps to protect your data.
I use industry best practices to keep any information collected and/or transmitted secure. This includes the use of HTTPS with TLS (Transport Layer Security), which encrypts all transmitted data. All transactional areas of my websites operate as secure access only, using HTTPS technology and follow all guidelines from my payment gateway providers.

My website is hosted and operated by SupaDupa (SupaDupa.me) who regularly monitor their systems for possible vulnerabilities and attacks, and carry out regular testing to identify ways to further strengthen security.


My company-wide commitment to your privacy
To make sure your personal information is secure, I communicate our privacy and security guidelines to all employees and strictly enforce privacy safeguards within the company.



4. When do I collect your personal data?

When you visit my websites and purchase products or services.
When you make an online purchase.
When you engage with me on social media.
When you contact me by any means with queries, complaints etc.
When you choose to complete any surveys I send you. 
When you enter prize draws, competitions or sign up to my mailing list.



5. How long do I keep your data?
Whenever I collect or process your personal data, I’ll only keep it for as long as is necessary for the purpose for which it was collected.

When you place an order, I’ll keep the personal data you give me for at least five years so I can comply with our legal and contractual obligations. At the end of that retention period, your data may be retained, deleted completely or anonymized, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.


6. How and why do I use your personal data
I use your personal data for the following general purposes:

To process any orders that you make through website.
I will need to collect some personal data from you during the checkout process. 

The data I require may include - but not limited to - your name, delivery details, phone number, email address, billing information including billing name and address, credit card number, among other personal data.

To comply with legal obligations
To be able to provide some of my products and services to you, I may be required by law to request and hold some personal data.

Additionally, I may use the order details to:
Communicate with you
Screen my orders for potential risk or fraud
When in line with the preferences you have shared with me, provide you with information or advertising relating to additional products or services that might be of interest to you.

You can opt out of providing this additional information by simply not entering it when asked or you could stop using this website.

To better understand how visitors use my website
I may also collect other information regarding your use of the Website.

I collect and use certain information from your computer or mobile devices to monitor the activities and performance, and more generally to improve and optimize my website (for example, by generating analytics about how my customers browse and interact with the site).

Remember, if you choose not to share your personal data with me, or refuse certain contact permissions, I might not be able to provide you with the products or services you have asked for.


7. The data I receive or collect
When you use this website, place orders or communicate with me, I collect some personal data about you such as:


First name and Last name
Email address 
Shipping & delivery address
Your billing details and any necessary other information to complete any financial transaction. When making purchases through the checkout, I may also collect your credit card or PayPal information
Your IP Address and, when applicable, timestamp related to your consent and confirmation of consent
The geographic area where you use your computer and mobile devices
other information submitted by you through various methods (phone, email, online forms, surveys, in-person meetings, etc)
Information I may receive relating to communications you send me, such as queries or comments concerning my products or services
Information relating to an individual’s real time location
The type of hardware and software you are using (for example, your operating system or browser)



8. Cookies and trusted third-parties
I use a number of trusted third-party services or companies to enhance or personalize your journey through my website. For these services to work, I sometimes share your personal data with them.
I provide only the information they need to perform their specific services.


These services may use cookies to track and identify you as you use the website. This is so they can deliver the enhancements they are contracted with me to provide. 

For example, I use SupaDupa to power this website. 
You can read more about how SupaDupa handles your data in the SupaDupa privacy policy: http://info.supadupa.me/privacy.



These are the third-party services I currently work with that will process your personal data as part of their contracts with me: 


SupaDupa - I use the SupaDupa ecommerce platform to power this website and online checkout. 
You can read more about how SupaDupa handles your data in the SupaDupa privacy policy: http://info.supadupa.me/privacy.

Google Analytics - I use Google Analytics to monitor site traffic and user behaviour. 
Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google utilizes the Data collected to track and examine the use of this Website, to prepare reports on its activities and share them with other Google services. Google may use the Data collected to contextualize and personalize the ads of its own advertising network.
You can learn more about privacy at Google and to opt-out of this feature by installing the Google Analytics Opt-out Browser Add-on.

Google AdWords - I use Google AdWords to advertise my products and services.
Google AdWords conversion tracking is an analytics service provided by Google Inc. that connects data from the Google AdWords advertising network with actions performed on this Application.

You may opt out of such display advertising at any time by visiting your Google Ads Settings page or by installing and running the Google Analytics Opt-out Browser Add-on.

Facebook Pixel - I use Facebook Pixel to monitor site traffic and user behaviour
Facebook Pixel is a web analysis service provided by Facebook, Inc. Facebook Pixel utilizes the Data collected to track and examine the use of this Website, to prepare reports on its activities and share them with other Facebook services.

YouTube video widget
YouTube is a video content visualization service provided by Google Inc. that allows me to incorporate video content on my pages.

Vimeo video widget
Vimeo is a video content visualization service provided by Vimeo Inc. that allows me to incorporate video content on my pages.

New Relic - used to monitor website performance and customer experience to inform improvements to my website.

Addthis - I use Addthis to offer social sharing tools to visitors of our website.
You can read more about Addthis privacy policy and how to opt out of being tracked at http://www.addthis.com/privacy/opt-out. 

Mailchimp - I use Mailchimp to send e-mails if you opt in and give permission for me to do so. You can do this at the time you check out when you place an order on my website.

Braintree - I use braintree to process credit card payments when you order and use a credit card to purchase your items from my website.

Paypal - I use Paypal to process payments when you order and use Paypal to purchase your items from my website.



9. Where your personal data may be processed
Sometimes I will need to share your personal data with third parties and suppliers outside the European Economic Area (EEA), such as Australia, Canada or the USA.



The EEA includes all EU Member countries as well as Iceland, Liechtenstein and Norway. I may transfer personal data that I collect from you to third-party data processors in countries that are outside the EEA. For example, this might be required in order to fulfill your order, process your payment details or provide support services. If I do this, I have procedures in place to ensure your data receives the same protection as if it were being processed inside the EEA. 



SupaDupa, the service that powers this website, is a British company with its head-office located in London, England. For the purposes of EU data protection law, the United Kingdom is considered a country which provides adequate protections for Personal Information, as confirmed by the European Commission in Commission Decision 2002/2/EC.

The service is run mainly from their offices in London. However, by the very nature of the service, the data that is viewed, collected, stored or posted on or through their platform also needs to flow from wherever you are located in the world, to where they are storing the data (i.e. in most cases, in the United States). In addition, SupaDupa also uses third-party service providers (such as managed hosting providers, card processors, sub-processors of Customer Content and technology partners) to provide the necessary hardware, software, networking, storage and other services that I use to operate their services. These third party providers may process, or store, the same Customer Content on servers outside of the EEA, including in Canada or the US.



By continuing to use this website, or submitting any personal data, you authorize SupaDupa and its authorized service partners to use and process your Data (including any personal information you provide) in these countries. Please be aware that the privacy protections and the rights of authorities and Government agencies to access your personal information in some of these countries may not be equivalent to those in your country. You can read more about SupaDupa’s privacy policy at https://info.supadupa.me/privacy




10. How “Do Not Track” requests are handled
This website does not support "Do Not Track" requests.
To determine whether any of the third-party services I use honor the “Do Not Track” requests, please read their respective privacy policies.




11. Your rights
If you are a EEA resident, you have the right to access personal information I hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact me through the contact information below.

You have the right to contact me to obtain a copy of the personal information I hold about you. This may be subject to a fee not exceeding any prescribed fee permitted by applicable law. Please note that certain personal information may need to be retained for a period of time following cancellation of your account where this is necessary for my legitimate business purposes or required or authorized by applicable law.

Additionally, if you are a EEA resident I note that I am processing your information in order to fulfill contracts I might have with you (for example if you make an order through the website), or otherwise to pursue my legitimate business interests listed above. Additionally, please note that your information will be transferred outside of the EEA, including to Canada and the United States.




12. Data retention
When you place an order through the website, I will maintain your Order Information for our records unless and until you ask us to delete this information.




13. Changes to this privacy policy
I reserve the right to make changes to this privacy policy at any time by giving notice to the website users on this page. I may also include notices of changes within the website itself. Where technically and legally feasible to do so, I may notify you of the changes directly as well. It is strongly recommended that you check this page often. 




14. How to contact me
If you have any questions or would like to make a complaint, you can contact me using the contact link provided at the top or bottom of this page.





This notice was last revised on 05/24/2018