We only collect data where you have given your consent or when it is for our legitimate interests. You remain the owner of your data.
To learn what data of yours we have collected or to request us to delete it, please email us at email@example.com.
The Longer Version...
We’re serious about protecting your data. In this policy, you’ll find out:
- The personal data that we collect
- Where we got your personal data from
- How and when we use that personal data
- How we protect your data
- Whether we share your personal data with anyone else
- Your right to object to our processing your personal data and withdrawing consent
- Your personal data rights
What data we collect
When you browse our website, the personal data that we collect includes your IP address, the pages you viewed, the time of your requests, the time spent on a page, mouse events, keypresses, browser, and operating system and version. We collect your personal data using Google Analytics, Facebook Pixel and Google Cloud Platform.
We always ensure that we have a lawful basis for processing the personal data that we collect. When you browse our website, the lawful basis for processing your data is that it is necessary for our legitimate interests to understand how people are using our website in order to improve the experience for our visitors.
If you purchase from us, the personal data we collect includes your first name, last name, email address, telephone number, billing and delivery addresses. The lawful basis for collecting this data is because it is needed to process, ship, and communicate with you in regards to your order.
If you apply to purchase using finance we collect personal data including your first name, last name, email address, date of birth, marital status, number of dependents, employment status, employment start date, monthly income, total monthly expense and address. We collect this data on behalf of our nominated third party finance provider, afforditNOW, part of PayBreak Limited, a company authorised and regulated by the Financial Conduct Authority under registration number 697658. PayBreak Limited is a UK registered company, registration number 7440512 with registered offices at No.1 Spinningfields, Quay Street, Manchester, England, M3 3JE.
If you sign up to one of our mailing lists, the personal data we collect includes your first name, last name and email address. We collect your personal data from you, via our website, when you have completed our sign-up form. In this case the lawful basis for processing your data is that it is consent.
What we do with your data
We’re committed to using your personal data responsibly and lawfully. Here’s what we do with your personal data:
- We use data collected from our website visitors, including IP address, viewed pages, time of visit, time spent on site, browser information, mouse movement, keypresses, and operating system and version information to understand the user journey on our website so that we can better tailor the experience for all of our website visitors.
- If you purchased from us, we use the data collected - including name, email address, telephone number and delivery and billing addresses - to process, ship and communicate with you in regards to your order.
- If you've opted to pay by finance, we collect your data in order to pass on to our nominated third party finance provider, afforditNOW, so that they can proceed independently with you.
- If you signed up to our mailing list, we may communicate with you in the form of a newsletter, social mention, direct message, or email. This is so we can update you about The Antique Jewellery Company, its events, products, services, industry news, and similar. We’ll always provide an opt-out button in case you don’t want to hear from us anymore.
How We Protect Your Data
All information you provide to us is stored on our secure, dedicated servers and is encrypted via Secure Socket Layer (SSL) technology. Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential.
Where we have provided you (or where you have chosen) a password or user ID which enables you to access certain parts of our site, you are responsible for keeping this information confidential. We ask you not to share a password or user ID with anyone. Also remember to sign off your account and close your browser window when you have finished your visit. This ensures that others cannot access your account, especially if you are sharing a computer with someone else or using a computer in a public place.
We do not store any of your financial data on our servers. All payments are hosted securely by our nominated third party payment providers, PayPal and Braintree (a division of PayPal). When entering your credit card details on the Checkout page of our site, we use Braintree's SAQ A PCI compliant Drop-in UI.
Where possible, we keep your data inside the EEA. Where we don’t, the following safeguards are in place:
- We use Google Cloud Platform as a cloud services platform, and your data may be transferred outside of the EU. When this happens, your data is protected by the EU-US and Swiss-US Privacy Shield Frameworks, adhered to by Google Cloud Platform.
- We use Facebook Pixel for website analytics, and your data may be transferred outside of the EU. When this happens, your data is protected by the EU-US and Swiss-US Privacy Shield Frameworks, adhered to by Facebook.
- We use Google Analytics for website analytics, and your data may be transferred outside of the EU. When this happens, your data is protected by the EU-US and Swiss-US Privacy Shield Frameworks, adhered to by Google Analytics.
- If you’ve joined our mailing list, your name and email is stored with MailChimp on their data servers in the US. MailChimp has self-certified to both the EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield regimes, and lawfully transfers EU/EEA personal data to the U.S. pursuant to their Privacy Shield Certification.
When We Share Your Data
As an ecommerce business reliant on cloud technoloiges, your data will be shared with some third-party companies. When we share your data with third-parties we conduct an impact assessment to ensure that your data remains protected. The instances when we transfer data to a third-party are:
- When data is sent to Google Cloud Platform to deliver requests from our website
- When data is sent to Facebook Pixel to track site visitors
- When data is sent to Google Analytics to monitor behaviour and traffic to our website
- When you sign-up to receive email communications from us and your name and email are stored in MailChimp
- When data is sent to Mailgun for sending, receiving and tracking emails sent through our website
- When data is sent to Royal Mail and Federal Express to expediate the transport of your purchases
- When you apply to purchase with Interest Free Finance after the 18th June 2019, and we provide the information to our third party finance provider, afforditNOW, part of PayBreak Limited, a company authorised and regulated by the Financial Conduct Authority under registration number 697658. PayBreak Limited is a UK registered company, registration number 7440512 with registered offices at No.1 Spinningfields, Quay Street, Manchester, England, M3 3JE.
- When data is sent to our insurance providers, Gallagher, if a claim is being made relating to you
We store your data in accordance with the Data Protection Act 1998.
We do not sell or trade your Personal Information to any outside parties.
What Your Rights Are
You have the right to request access to your personal data, amendments to it, and for it to be deleted. If any any time you have any queries about our approach to processing your personal data please email us at firstname.lastname@example.org.
Obtaining a Copy of Your Data
You can ask us for a copy of the personal data that we hold on you by emailing email@example.com. We’ll ask you for copies of two types of approved identity in order to process your request (such as a passport and driving licence). You can also ask us to make corrections to data you consider to be inaccurate.
A cookie is a small file (typically letters and numbers) which may be placed on your computer when you access our website. Through the cookie we can recognise your computer and browsing activity if you return to the website.
We use Google Analytics which allows us to collect information about how you use our site. If you access our website directly (and not via an email) your visits will be tracked anonymously. We use Google Analytics in order to understand how our website is being used in order to improve the experience for you. All user data is anonymous.
We use social buttons such as Facebook, Twitter and Pinterest to share or bookmark pages on our site or email updates. Those sites may collect information about your internet activity, including if your visit to our site (even if you don’t click on the button if you’re logged on to their site). You should check the privacy and cookies policy of each of these sites to see how they use your information and find out how to opt out and delete such information.
You are able to manage cookies. For more information click here. If you want to block all cookies all of the time you can set your computer preferences to do so.