SOPHIA ALEXANDER JEWELLERY GDPR PRIVACY POLICY

Privacy Notice

UPDATED 01 st September 2019

INTRODUCTION

Sophia Alexander operates the website www.sophia-alexander.com .

Sophia Alexander is the data collector and is fully responsible for the use and storage of your personal data.  You may see Sophia Alexander referred to in this policy as OUR, WE or US.

You can find and contact us using the following information:

SOPHIA ALEXANDER,

WESTWARD DEALS, KEDINGTON, SUFFOLK, CB9 7PH.

01440510050

studio@sophia-alexander.com

This privacy notice provides you with details about how we collect, use and process your personal data when you use this website; when you make a purchase or when you sign up to our newsletter.

It also provides you with details about your options when it comes to this data.

We only use your data to provide you with a service.  Either to proceed with a personalised jewellery or gift order, or to provide you with a newsletter that you have specifically asked for.

We will only use your data for the reasons set out in this policy unless we feel that a new reason for use is compatible with the original reason.

We will never use your personal data for an unrelated reason without notifying you and obtaining written consent first.

If we are legally asked and allowed to, we may process your data without informing you or obtaining prior consent.

By using the website or signing up for the newsletter, you agree to the collection and use of your personal information in this way, in accordance with this policy.

It is important that we collect, use and store personal data that is correct for you.  You can contact us at any time to inform us of changes to your personal information.  This should be done in writing by emailing us at: studio@sophia-alexander.com

By using the website and providing us with your data, you confirm that you are over 18 years of age.

If for whatever reason you are not happy with how we have handled your personal data, we would appreciate it if you could contact us so that we can try to resolve the situation, however, you are completely within your rights to make a complaint to the Information, Commissioner’s Office UK.

The Information Commissioners Office is an Independent authority that has been set up to uphold information right in the public interest.  They can be found at:  www.ico.org.uk

 

WHAT PERSONAL DATA WILL WE COLLECT FROM YOU?

When you purchase anything from us, or sign up for a newsletter, you enter into a legal contract with us and we are required to collect certain pieces of personal information.

We cannot create this contract and proceed with your order unless this data is provided.  We are completely within our rights to cancel your order, although we will contact you beforehand to discuss how you would like to proceed.

The personal I information you provide will include:

  1. Your personal identity. Depending on whether you are placing an order or signing up for a newsletter, this data includes your title, full name (first, middle and last names), gender and date of birth.

We do not collect any data pertaining to your race, ethnicity, health, sexual orientation, or any other such information.

 

  1. Your contact information. Depending on whether you are placing an order or signing up for a newsletter, this data includes your email address, landline and/or mobile telephone numbers, billing address and delivery address.
  2. Your transactions with us. Details about payments you have made to us, products you have purchased and the dates of purchase.
  3. Your financial information. Details of the payment cards and bank accounts you have used to purchase items from us.
  4. Your website data. Details about how you have found and used our website.  Any user names or passwords you have entered into our website. Any reviews you have given.
  5. Your marketing preferences. Details about how you prefer to communicate with us.

 

HOW WILL WE COLLECT YOUR PERSONAL DATA?

When you purchase anything from us, or sign up for a newsletter, we will collect your personal data.

This may occur in the following ways:

  1. When you purchase a product.
  2. When you provide us with a review or feedback.
  3. When you subscribe to a newsletter
  4. When you communicate with us via phone, email, post, or by other means.
  5. When you ask for information or other resources to be sent to you.
  6. When you contact us via email or social media and receive an automated message from us.

There are also other ways that data is automatically collected:

  1. Our website has been created and is hosted on a platform called Shopify (https://www.shopify.co.uk). Your personal information is stored within Shopify’s own databases, behind a firewall, on their own secure server.

 

When you purchase anything directly via the www.sophia-alexander.com website, Shopify will collect and store your debit or credit card information.

Shopify will only store this information as long as it is needed to complete your purchase.

During this time, the information is encrypted through the Payment Card Industry Data Security Standard.

As soon as your purchase is complete, all personal information is removed and deleted.

 

The direct payment gateway adheres to the standards set by the Payment Card Industry Data Security Standard and is managed by the Payment Card Industry Security Standards Council.

This is a joint arrangement by card providers including American Express, Visa and Mastercard amongst others.

 

For further information, please see the following documents:

A.   The Shopify Terms of Service: https://www.shopify.com/legal/terms

B.  The Shopify Privacy Statement: https://www.shopify.com/legal/privacy

 

 

  1. We receive analytics information from Google and Bing.
  2. We receive information from Stripe and Paypal regarding your purchases with us. This includes payment and contact information.
  3. We use cookies to collect information about how and when you browse our website. Cookie policy can be found here:

 

HOW DO WE USE YOUR PERSONAL DATA?

We will only use your personal information in the following ways when it is completely necessary and legal to do so.

  1. To register you as a new customer if you have not purchased anything from us before, by collecting personal identity and contact information.
  1. In order to create the legal contract required between you and ourselves to enable us to process and deliver your order, by collecting personal identity information, contact information, financial information, transaction information and information regarding marketing preferences.

This information also allows us to recover any debts you might owe to us if necessary.

  1. To comply with a legal or regulatory obligation, for instance, when notifying you about changes to our terms and conditions or privacy policy, or when we ask you to provide feedback on our goods or service.
  1. To send newsletters or marketing communications to you via post or email if requested and to measure how effective our communications are with you. We do this for legitimate business and marketing reasons.

 

You will only receive these newsletters and marketing communications if you have expressly requested this information to be sent by clicking to subscribe and entering your personal contact details.

We will ask if you would like to opt in to these communications when you make a purchase from us.

We will always obtain prior consent from you before sharing any data with 3 rd party companies that we may use to help us with our marketing efforts.

You can of course, withdraw from our newsletter or marketing communications at any time by emailing us at studio@sophia-alexander.com

Please note, that if you choose to opt out of marketing communications, we will still collect and store personal data if you make a purchase from us, leave feedback or take part in other communications with us.

 

  1. To analyse website usage data, where it is completely necessary in our own interest and it does not infringe your rights in any way, by collecting identity, contact, website usage and technical information. We do this to help us provide the best possible service and to allow us to make informed marketing decisions.

This can include analysing data from our website, carrying out website maintenance, network security, fraud prevention and hosting data.

 

HOW MIGHT WE DISCLOSE YOUR PERSONAL DATA?

There are occasions when it may be necessary to share your personal information with third parties that we use to help us provide our website and who provide us with business support. 

 

These third parties are only allowed limited access to this information to carry out specific tasks and are required to protect the security of this information in accordance with the law.

These third parties may include:

  1. Our bank
  2. Our accountant
  3. Our insurance company
  4. Our lawyers
  5. Our website and IT support
  6. HM Customs and Revenue and related bodies.

 

HOW WILL WE PROTECT YOUR PERSONAL DATA?

We have our own security measures in place to protect any personal information that you provide.

Your data will only be collected, used and stored confidentially, in the ways set out above and will only be accessed by ourselves and by those bodies stated.

These measures exist to prevent your personal information being lost, accessed, disclosed or used in an unauthorised way.

If we ever suspect a breach in our security systems, we will notify you immediately.  We will also notify any applicable legal entities.

We follow and meet all Payment Card Industry Data Security Standard requirements when it comes to handling your payment details (credit card, debit card and banking details), although you should be aware that no method of payment via the Internet is 100% secure.

In designing our website, we use several companies outside of Europe to provide apps and services, for instance, our product options app and customer review app.

These companies help us to provide the best possible service and experience for our customers and in doing so, access and process your personal information.  This means that in using our website, your personal information will leave Europe.

Some countries outside of Europe do not protect your personal information to the same high level as we do here, so we have put in place several safeguards ourselves to ensure your data remains as safe as possible.

We only transfer information, when completely necessary, to countries that provide a high standard of data protection (deemed by the EU Commission).

Companies based in the USA are required to provide personal data protection similar to that here and are members of the EU-USA privacy shield.

If you do not want your information to be transferred outside Europe, please refrain from placing an order via the website and contact us at studio@sophia-alexander.com

 

HOW WILL WE STORE YOUR PERSONAL DATA?

We need to store your information in order to fulfil your orders and to enable us to carry out activities essential to the operation of our business, including completing our annual accounts and to meet all our legal obligations.

We will however, only store it while it is completely necessary and no longer. This is particularly the case with sensitive personal information.

HM Customs and Revenue require us to keep individual details of sales and transactions for 6 years after you have made your last payment.

The information stored includes your identity details, contact details and all financial details pertaining to your transactions with us.

Personal data submitted when you sign up for newsletters will be stored for as long as you still want to receive marketing, emails and newsletters from us.

We may use your information for our own business analytics, but in no way can this information be traced back to you and we will not inform you every time we need to do this.

 

ACCESS TO YOUR PERSONAL DATA

You maintain the right to request access to the personal information we hold for you at any time.

Will have security measures in place to confirm your identity whenever this occurs, as we need to ensure you have the right to access the information.  We need to make sure we do not disclose your personal data to anyone other than you.

You can update it and also ask that we delete it from our systems.  We are able to delate all personal information with the exception of data that we are legally obliged to store by HM Customs and Revenue for 6 years after your last financial transaction with us.

If you do not want us to process your personal information in any way, please let us know immediately.  You can withdraw your consent for collection, use and storage of your personal data at any time.

You can get in touch with us about your legal rights to your personal information at studio@sophia-alexander.com

For more information, please see the link below.

The GDPR provides the following rights for individuals :

https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

Please note that we can refuse personal information requests depending on what you are asking for; the reason for your request, or if we consider your request excessive.  If your request will cost our business money, we are within our rights to pass these charges on to you.

We endeavour to deal with all personal information requests within 6 weeks of your request being made, although outside influences may delay this.

 

DOES YOUR WEBSITE USE COOKIES?

In designing our website, we use several companies to provide apps and services that use cookies.

These include our Google Analytics, Shopping basket, Facebook, Instagram, Twitter and Google Plus buttons amongst others.

If you do not want to accept these cookies, you can set your browser to refuse them, however, you may find that you are unable to use all of our website services.

Our cookie policy can be found here:

JOIN THE SOPHIA ALEXANDER VIP CLUB