This website and its owners take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience. This website complies to all UK national laws and requirements for user privacy. We will collect and process personal data in accordance with the UK GDPR (General Data Protection Regulation) and EU GDPR (Regulation (EU) 2016/679, United Kingdom Data Protection Act 2018 (DPA) and PECR (Privacy and Electronic Communications (EC Directive) Regulations 2003) (“the Data Protection Regulations”).
Cookies are small files saved to the user’s computer hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website. Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors.
Other cookies may be stored to your computer hard drive by external vendors when this website uses referral programs, sponsored links or adverts. Such cookies are used for conversion and referral tracking and typically expire after 30 days, though some may take longer. No personal information is stored, saved or collected.
Contact & Communication
Users contacting this website and/or its owners do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use, as detailed in the the Data Protection Regulations. Every effort has been made to ensure a safe and secure form to email submission process but advise users using such form to email processes that they do so at their own risk.
This website and its owners use any information submitted to provide you with further information about the products / services they offer or to assist you in answering any questions or queries you may have submitted. This includes using your details to subscribe you to any email newsletter program the website operates but only if this was made clear to you and your express permission was granted when submitting any form to email process. Or whereby you the consumer have previously purchased from or enquired about purchasing from the company a product or service that the email newsletter relates to. This is by no means an entire list of your user rights regarding receiving email marketing material. Your details are not passed on to any third parties.
The Lawful bases for processing personal data
We do not capture or store any personal information about individuals who access our websites, except where you voluntarily choose to give us your personal details via e-mail or by signing up to receive our e-newsletter or where you provide any personal information in connection with a formal purchase of products on behalf of a customer order.
The legal basis upon which we collect, store, process, share and delete personal data is based on the following:
• Consent – This applies where you have given us explicit consent to collect and process your data. An example is when you sign up to receiving our e-newsletters.
• Contractual Obligation – In certain circumstances, we need your personal data to comply with our contractual obligations. An example is when you place an order on the website and we require your personal details to process the transaction.
• Legal Obligation – Where the processing is necessary for us to comply with the law. An example is when we may pass on personal data in compliance with a court order.
• Legitimate Interest – In certain circumstances, we will process your personal data where it is in our own interest. In such a case, we will process personal data in a way that might be reasonably expected as part of running our business and which has minimal impact on your rights and freedoms. An example is where we require your personal data to provide direct marketing information on new products, trade events, special offers etc.
When we process your information for legitimate interests, we will ensure that we consider and balance any impact upon you and your rights under the Data Protection Regulations.
If, as determined by us, the lawful basis upon which we process your personal information changes, we will notify you about the change and any new lawful basis to be used if required. We shall stop processing your personal information if the lawful basis used is no longer relevant.
Email marketing messages & subscription
This website operates an email newsletter program, used to inform subscribers about products and services supplied by this website. Users can subscribe through an online automated process should they wish to do so but do so at their own discretion. Some subscriptions may be manually processed through prior written agreement with the user.
Under the Data Protection Regulations we use the lawful basis of ‘consent’ for anyone subscribing to our newsletter or lawful basis ‘legitimate interest’ for marketing emailing lists. Any email marketing messages we send are done so through an EMS (email marketing service) provider. An EMS is a third party service provider of software / applications that allows marketers to send out email marketing campaigns to a list of users.
Email marketing messages that we send may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of data such as; times, dates, I.P addresses, opens, clicks, forwards, geographic and demographic data. Such data, within its limitations will show the activity each subscriber made for that email campaign.
This information is used to refine future email campaigns and supply the user with more relevant content based around their activity. Subscribers are given the opportunity to withdraw your consent (un-subscribe) or manage your preferences / the information we hold on you at any time through an automated system. This process is detailed at the footer of each email campaign. If an automated un-subscription system is unavailable, clear instructions on how to un-subscribe will by detailed instead.
Our EMS provider is MailChimp. We hold the following information about you within our EMS system;
- Email address
- I.P address
- Subscription time & date
All personal details relating to subscriptions and email marketing campaigns are held securely and in accordance with the Data Protection Regulations.
Personal details are passed on to pre-screened third parties / companies / people outside of the company that operates this website that have demonstrated data compliance with the Data Protection Regulations.
All personal data is processed within the United Kingdom.
Your right of access
You have the right to ask us for copies of your personal information. This right always applies. There are some exemptions, which means you may not always receive all the information we process. You can read more about this right here.
Your right to rectification
You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. This right always applies. You can read more about this right here.
Your right to erasure
You have the right to ask us to erase your personal information in certain circumstances. You can read more about this right here.
Your right to restriction of processing
You have the right to ask us to restrict the processing of your information in certain circumstances. You can read more about this right here.
Your right to object to processing
You have the right to object to processing if we are able to process your information because the process forms part of our public tasks, or is in our legitimate interests. You can read more about this right here.
Your right to data portability
This only applies to information you have given us. You have the right to ask that we transfer the information you gave us from one organisation to another, or give it to you. The right only applies if we are processing information based on your consent or under, or in talks about entering into a contract and the processing is automated. You can read more about this right here.
You are not required to pay any charge for exercising your rights. We have one month to respond to you.
If you would like to exercise any of the above rights in regard to the information held on you, please email firstname.lastname@example.org with the subject line Subject Access Request or write to the Handmade Company (UK) Limited, 45 St Martins Street, Hereford HR2 &RD marked for the attention of the Data Protection Officer.
If you feel that your data has not been handled correctly or you are unhappy with any response from us, you have the right to lodge a complain with the Information Commissioner. The contact details can be found at www.ico.org or you can call 0303 123 1113.
Although this website only looks to include quality, safe and relevant external links, users are advised adopt a policy of caution before clicking any external web links mentioned throughout this website. (External links are clickable text / banner / image links to other websites.
The owners of this website cannot guarantee or verify the contents of any externally linked website despite their best efforts. Users should therefore note they click on external links at their own risk and this website and its owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Adverts and Sponsored Links
This website does not contain sponsored links and adverts.
Social Media Platforms
The Handmade Company UK Limited uses the following social media and marketing web based third parties for the purposes of marketing activity.
Communication, engagement and actions taken through external social media platforms that this website and its owners participate on are subject to the terms and conditions as well as the privacy policies held with each social media platform respectively.
Users are advised to use social media platforms wisely and communicate / engage upon them with due care and caution regarding their own privacy and personal details. This website nor its owners will ever ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.
This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.
Shortened Links in Social Media
This website and its owners through their social media platform accounts may share web links to relevant web pages. By default, some social media platforms shorten lengthy urls [web addresses] (this is an example: http://bit.ly/zyVUBo).
Users are advised to take caution and good judgement before clicking any shortened urls published on social media platforms by this website and its owners. Despite the best efforts to ensure only genuine urls are published, many social media platforms are prone to spam and hacking and therefore this website and its owners cannot be held liable for any damages or implications caused by visiting any shortened links.
Resources & Further Information
v.1.4 January 2021 Edited & maintained by: The Handmade Company UK Limited, 45 St Martins Street, Hereford, HR2 7RD.