This privacy notice provides you with details of how I collect and process your personal data through your use of Thimbles and Spoons, including any information you may provide through my site when you purchase a product, freebie or service, sign up to my newsletter or take part in a prize draw or competition.
My full details are:
Email address: email@example.com
If you are not happy with any aspect of how I collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). I would be grateful if you would contact me first if you do have a complaint so that I can try to resolve it for you.
It is very important that the information I hold about you is accurate and up to date. Please let me know if at any time your personal information changes by emailing me at firstname.lastname@example.org
What data I collect
Personal data means any information capable of identifying an individual. It does not include anonymised data. I may process certain types of personal data about you as follows:
– Identity Data may include your first name, maiden name, last name, username, marital status, title, date of birth and gender.
– Contact Data may include your billing address, delivery address, email address and telephone numbers.
– Financial Data may include your bank account and payment card details.
– Transaction Data may include details about payments between us and other details of purchases made by you.
– Technical Data may include your login data, internet protocol addresses, browser type and version, browser plug-in types and versions, time zone setting and location, operating system and platform and other technology on the devices you use to access this site.
– Profile Data may include your username and password, purchases or orders, your interests, preferences, feedback and survey responses.
– Usage Data may include information about how you use our website, products and services.
– Marketing and Communications Data may include your preferences in receiving marketing communications from us and our third parties and your communication preferences.
How I collect your personal data
I collect data about you through a variety of different methods including:
– Direct interactions: You may provide data by filling in forms on my site (or otherwise) or by communicating with me by post, phone, email or otherwise, including when you:
– Order products or services;
– Create an account on my site;
– Subscribe to my service or publications;
– Request resources or marketing be sent to you;
– Enter a competition, prize draw, promotion or survey; or
– Give me feedback.
– Automated technologies or interactions: As you use my site, I may automatically collect Technical Data about your equipment, browsing actions and usage patterns. I collect this data by using cookies, server logs and similar technologies.
How I use your personal data
I will only use your personal data when legally permitted. The most common uses of your personal data are:
– Where I need to perform the contract between us;
– Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests;
– Where I need to comply with a legal or regulatory obligation.
I require this information to understand your needs and provide you with a better service, and in particular for the following reasons:
Internal record keeping;
I may use the information to improve my products and services;
I may periodically send promotional emails about new products, special offers or other information which I think you may find interesting using the email address which you have provided;
From time to time, I may also use your information to contact you for market research purposes by email.
Generally, I do not rely on consent as a legal ground for processing your personal data, other than in relation to sending marketing communications to you via email. You have the right to withdraw consent to marketing at any time by emailing me at email@example.com
I am committed to ensuring that your information is secure. To prevent unauthorised access or disclosure, I have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information I collect online.
Mobile device privacy
The following applies to my site, when viewed on a mobile device:
When accessed with a mobile device, my site may collect information automatically, such as the type of mobile device you have, device identifiers and information about your use of the site. Regardless of the device you use to access the site, it will also collect information you provide, as well as information about your interaction with the site and its content.
If location services are activated on your mobile device, my site may collect information about the location of your device. Your mobile network service providers may collect device-specific information, such as a device identifier, when you use my website. This information collected by your mobile network service will not be associated with your user account with me, or with your personally identifiable information.
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser.
I may use both “session” cookies and “persistent” cookies on the website. Session cookies will be deleted from your computer when you close your browser. Persistent cookies will remain stored on your computer until deleted, or until they reach a specified expiry date.
I will use the session cookies to keep track of you whilst you navigate the website and to prevent fraud and increase website security. I will use the persistent cookies to enable my website to recognise you when you visit and keep track of your preferences in relation to your use of my website.
In most Internet browsers, you can change your settings so that you will be warned each time a cookie is being sent, or so that cookies will be turned off. With cookies blocked, some functions of the site may not operate properly.
Disclosure of your personal data
In addition, I may disclose your personal information:
– to the extent that I am required to do so by law;
– in connection with any ongoing or prospective legal proceedings;
– in order to establish, exercise or defend my legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk);
– to the purchaser (or prospective purchaser) of any business or asset that I am (or are contemplating) selling; and
– to any person who I reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in my reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information.
I will only retain your personal data for as long as necessary to fulfil the purposes I collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
By law I must keep basic information about my customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes.
Links to other websites
My website may contain links to other websites of interest. However, once you have used these links to leave my site, you should note that I do not have any control over that other website. Therefore, I cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
Your legal rights
Under certain circumstances, you have rights under data protection laws in relation to your personal data. These include the right to
Request access to your personal data;
Request correction of your personal data;
Request erasure of your personal data;
Object to processing of your personal data;
Request restriction of processing your personal data;
Request transfer of your personal data;
You can see more about these rights at: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
If you wish to exercise any of the rights set out above, please email me at firstname.lastname@example.org.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, I may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, I may refuse to comply with your request in these circumstances.
I try to respond to all legitimate requests within one month. Occasionally it may take me longer than a month if your request is particularly complex, or you have made several requests. In this case, I will notify you and keep you updated.