We’re serious about protecting your data. In this policy, you’ll find out:
- The personal data that we collect
- Where we got your personal data from
- How and when we use that personal data
- How we protect your data
- Whether we share your personal data with anyone else
- Your right to object to our processing your personal data and withdrawing consent
- Your personal data rights
To learn what data of yours we have collected or to request us to delete it, please email us at email@example.com.
When you browse our website, the personal data that we collect includes your IP address, the pages you viewed, the time of your requests, the time spent on a page, mouse events, keypresses, browser, and operating system and version. We collect your personal data using Google Analytics, Facebook Pixel and Google Cloud Platform.
We always ensure that we have a lawful basis for processing the personal data that we collect. When you browse our website, the lawful basis for processing your data is that it is necessary for our legitimate interests to understand how people are using our website in order to improve the experience for our visitors.
If you purchase from us, the personal data we collect includes your first name, last name, email address, telephone number, billing and delivery addresses. The lawful basis for collecting this data is because it is needed to process, ship, and communicate with you in regards to your order.
If you sign up to one of our mailing lists, the personal data we collect includes your first name, last name and email address. We collect your personal data from you, via our website, when you have completed our sign-up form. In this case the lawful basis for processing your data is that it is consent.
We’re committed to using your personal data responsibly and lawfully. Here’s what we do with your personal data:
- We use data collected from our website visitors, including IP address, viewed pages, time of visit, time spent on site, browser information, mouse movement, keypresses, and operating system and version information to understand the user journey on our website so that we can better tailor the experience for all of our website visitors.
- If you purchased from us, we use the data collected - including name, email address, telephone number and delivery and billing addresses - to process, ship and communicate with you in regards to your order.
- If you signed up to our mailing list, we may communicate with you in the form of a newsletter, social mention, direct message, or email. This is so we can update you about The Antique Jewellery Company, its events, products, services, industry news, and similar. We’ll always provide an opt-out button in case you don’t want to hear from us anymore.
All information you provide to us is stored on our secure, dedicated servers and is encrypted via Secure Socket Layer (SSL) technology. Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential.
Where we have provided you (or where you have chosen) a password or user ID which enables you to access certain parts of our site, you are responsible for keeping this information confidential. We ask you not to share a password or user ID with anyone. Also remember to sign off your account and close your browser window when you have finished your visit. This ensures that others cannot access your account, especially if you are sharing a computer with someone else or using a computer in a public place.
We do not store any of your financial data on our servers. All payments are hosted securely by our nominated third party payment providers, PayPal and Stripe. When entering your credit card details on the Checkout page of our site, we use Stripe's PCI-DSS compliant hosted input fields.
Where possible, we keep your data inside the EEA. Where we don’t, the following safeguards are in place:
- We use Google Cloud Platform as a cloud services platform, and your data may be transferred outside of the EU. When this happens, your data is protected by the EU-US and Swiss-US Privacy Shield Frameworks, adhered to by Google Cloud Platform.
- We use Facebook Pixel for website analytics, and your data may be transferred outside of the EU. When this happens, your data is protected by the EU-US and Swiss-US Privacy Shield Frameworks, adhered to by Facebook.
- We use Google Analytics for website analytics, and your data may be transferred outside of the EU. When this happens, your data is protected by the EU-US and Swiss-US Privacy Shield Frameworks, adhered to by Google Analytics.
- If you’ve joined our mailing list, your name and email is stored with Klaviyo on their data servers in the US. Klaviyo has self-certified to both the EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield regimes, and lawfully transfers EU/EEA personal data to the U.S. pursuant to their Privacy Shield Certification.
As an ecommerce business reliant on cloud technoloiges, your data will be shared with some third-party companies. When we share your data with third-parties we conduct an impact assessment to ensure that your data remains protected. The instances when we transfer data to a third-party are:
- When data is sent to Google Cloud Platform to deliver requests from our website
- When data is sent to Facebook Pixel to track site visitors
- When data is sent to Google Analytics to monitor behaviour and traffic to our website
- When you sign-up to receive email communications from us and your name and email are stored in MailChimp
- When data is sent to Mailgun for sending, receiving and tracking emails sent through our website
- When data is sent to Royal Mail and Federal Express to expediate the transport of your purchases
We store your data in accordance with the Data Protection Act 1998.
We do not sell or trade your Personal Information to any outside parties.
You have the right to request access to your personal data, amendments to it, and for it to be deleted. If any any time you have any queries about our approach to processing your personal data please email us at firstname.lastname@example.org.
You can ask us for a copy of the personal data that we hold on you by emailing email@example.com. We’ll ask you for copies of two types of approved identity in order to process your request (such as a passport and driving licence). You can also ask us to make corrections to data you consider to be inaccurate.
A cookie is a small file (typically letters and numbers) which may be placed on your computer when you access our website. Through the cookie we can recognise your computer and browsing activity if you return to the website.
We use Google Analytics which allows us to collect information about how you use our site. If you access our website directly (and not via an email) your visits will be tracked anonymously. We use Google Analytics in order to understand how our website is being used in order to improve the experience for you. All user data is anonymous.
We use social buttons such as Facebook, Twitter and Pinterest to share or bookmark pages on our site or email updates. Those sites may collect information about your internet activity, including if your visit to our site (even if you don’t click on the button if you’re logged on to their site). You should check the privacy and cookies policy of each of these sites to see how they use your information and find out how to opt out and delete such information.
You are able to manage cookies. Click here for more information about cookies. If you want to block all cookies all of the time you can set your computer preferences to do so.