Stitchdotcom.com Privacy Notice
This notice describes the information we collect from you, how we use that information and our legal basis for doing so. It also covers whether and how that information may be shared and your rights and choices regarding the information you provide to us.
Stitchdotcom.com consists of Annie Gianini and Alison Pollecutt and is based at 12 Kingsholm Square, GL1 2QJ.
What we collect
When you purchase something from our online shop, as part of the buying and selling process, we collect the personal information you give us. This includes your name, address, phone number and email address, and having this information allows us to send your purchased goods to you and make contact if we have a query.
When you purchase something from us at a show, we may collect your email address to send you a receipt.
When you register for our newsletter, we collect your email address. We send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided
*Please note, we do not store any of our customers’ debit or credit card details
Where we store your information
We store the information described above on our database and with select third parties, as outlined below:
WordPress and WooCommerce
stitchdotcom.com is a WordPress website, and our online shop runs on WooCommerce. When you place an order with us we receive your name, email address, phone number, billing address and shipping address. We DO NOT store any payment details. This information allows us to process your order, ship it out to you, and get in touch with you should there be any problems.
Mailchimp is a marketing automation platform, and we use it to send out our marketing emails. When you subscribe to our newsletter, we store your email address on Mailchimp.
Why we store your information
The General Data Protection Regulation requires us to have a good reason for collecting and storing your information. There are 6 good reasons, and three of them apply to why we collect and store your information.
- To perform the contract we have with you: if we don’t have your address, we can’t deliver your shopping to you.
- Legitimate interests: This is a technical term in data protection law which essentially means we have a good and fair reason to use your data and we do so in ways which do not hurt your interests and rights. For example, to recover debts, allow us to respond to your questions, study how you use our products in order to develop and improve them, general business administration, to develop and deliver interesting marketing material and to identify the likes of different types of customer.
- Consent: where you have given us your clear consent to use your data for a specific purpose. You have the right to withdraw your consent at any point and you can do this by contacting us at firstname.lastname@example.org or clicking the link to unsubscribe in our newsletter emails.
Information that isn’t shared publicly
The following information will not be publicly displayed or revealed to other users:
- Any payment information you provide;
- Your password details;
- Your IP address;
- Your phone number;
- Communications you send to us (for example, when you ask for support, send us questions or comments, or report a problem).
Information that may be shared publicly
- The account username you select
- Any information you choose to add to your profile (like a picture, bio, or your location)
- Comments you’ve posted
When you use our website, you may be able to share information through social media networks such as Facebook and Twitter for example through ‘likes’ or reviews. When doing this your data may be visible to providers of social network services and their users. We recommend that you consider the privacy settings on your social media accounts so that you are clear how your information may be used and shared.
Information that’s shared with trusted third-party services
We may share your information with certain trusted third-party services to help us provide our services (like payment processors). When we share data with third-party services we require that they use your information only for the purposes we’ve authorised, and that they protect your personal information at least to the same standards we do.
International Transfers of information
Outside of the European Economic Area, we only use providers in the USA who protect your information in a similar way and are part of the EU-US Privacy Shield.
We will retain your information as long as your account is active for the purposes above and to the extent necessary to comply with our legal obligations and to resolve any disputes.
Reasons we might need to keep your data include:
- Financial reporting – to report financial information to HMRC
- Record of payments – for us to reconcile our records with your receipt
- Insurance – to show our previous contact with customers in the case of a claim, such as defective product or a personal injury at a show.
Your data will be disposed of securely once it is no longer needed.
The General Data Protection Regulation gives you a number of rights in relation to your data. These are set out briefly below:
Right to be informed – this means you have a right to be informed about the way we collect and use your data.
Right of Access – also sometimes called a Subject Access Request – this means you have a right to request a copy of the data we hold about you.
Right of Rectification – this means that you can request we correct your personal data if it is inaccurate.
Right of Erasure – this means you can request that all the data that we hold about you is deleted.
Right to Object – This means you have a right to object to direct marketing.
Right to withdraw consent – This means you can tell us you no longer want to receive our newsletters.
Obtaining a copy of your data
If you wish to see the data we hold for you then please send your request to email@example.com
We will act promptly upon receiving your request and your data will be provided free of charge.
Before providing any information we will need to verify your identity and may request further information from you so we may progress your query as quickly as possible.
We do not knowingly seek to collect any personal information from children under the age of 13 and children under 13 are not permitted to register for an account.
We have in place all reasonable physical, electronic and managerial procedures to safeguard and secure the information we collect online and we are dedicated to keeping this safe. However, the internet is never totally secure and therefore we cannot 100% guarantee the security of data that you choose to send us electronically and sending us such information is at your own risk. If we find there has been an unlawful data breach of our database, or the databases of a third party data processor, we will report it to the relevant regulator within 72 hours, and we will also contact anybody whose data has been affected.
A cookie is a small file which websites can send to your computer and which helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. However, if you don’t want us to use your cookies, you can set your browser to reject them, although some of our website may not work as intended if you do.
We use Facebook Pixel on this site to track the success of any advertising we do on Facebook and Instagram. We use Google Analytics to monitor traffic on this website.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
Controlling your personal information
We will not sell, distribute or lease your personal information to third parties unless we are required by law to do so. If we sell any or all of our business, then we may pass your personal information on to the buyer.
If you believe that any information we are holding in relation to you is incorrect or incomplete, please let us know as soon as possible. We will promptly correct any information found to be incorrect.
Opting out of our email newsletter does not automatically opt you out of other reasons we collect your data – i.e. to provide products and services.
If there is anything you cannot find the answer to in our Policy then we are more than happy to help you.
If you are not happy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We’d really appreciate it if you contacted us in the first instance to allow us to try and resolve any issues.
Last updated 15 May 2018