Our Privacy Principles:
- We take your privacy seriously
- We are committed to protecting your personal information
- We comply with data privacy and protection laws
- We never collect more personal information than is required
- We only use your personal information for lawful reasons
- We will never sell your information to third parties
- You have the right to control your personal information
This Policy as amended from time to time describes the type of personal data collected and ways in which your personal data may be used. By using the Website, you accept the terms of this Policy and you consent to the use of your personal data in accordance with this Policy. All your personal data shall be used in accordance with the Data Protection Act 1998 (“Act”).
If you do not agree to any of the above terms or this Policy, please refrain from using our Website. By visiting our Website you are accepting and consenting to the practices described in this Policy.
For the purpose of the Act, the data controller is Stone Hearts Club Ltd.
How do you use my personal information?
First and foremost, we use your personal information to fulfill your order once placed with us.
Upon visiting the Website we may automatically collect the following information:
- technical information, including the internet protocol (IP) address used to connect your computer to the internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
- information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Website (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number;
The information captured can go on to be used in an anonymised fashion to make your experience with Stone Hearts Club Ltd better. This includes things like:
- Recommending products and brands we think you’ll like
- Personalising parts of your experience to your taste
Like most other websites, this can be via on site messaging, when you abandon your basket or have filled out a form.
The personal information we collect and use will depend on why we need it. We will only collect the personal information we believe we need to use, or which you have agreed we can collect from you or agreed someone else can share with us, such as Paypal.
Do you share my personal information with other organisations?
We use suppliers and service providers, such as for delivering orders, card checks and payments. These include other companies and external contractors. We only share the personal details they need to know for their services and we make sure your privacy is protected.
We share personal information with third parties when you have told us that we can share, or told them that they can share your data. ,This can include third party ad providers, such as Facebook, Instagram, Twitter YouTube or Google, so our adverts are shown to you. If you don't want to see our targeted advertising, you can set ad preferences in your social media companies' settings.
We will provide personal information about you to the police, fraud prevention and credit reference agencies when we have to by law, or when we deem necessary to prevent fraud. If we decide to reorganise or sell all or most of our business, your personal information may be transferred to the buyer of the business but we will never sell your personal information to third parties for them to market their products to you.
When we share your data outside of Stone Hearts Club Ltd we will:
- Always share it in a secure way
- Not allow other companies to use it to contact you for the own marketing purposes
How do you keep my information secure?
All our staff have had training and understand why and how important it is to keep your information safe.
As an online only retailer, your information is held securely in our systems and that of our service providers e.g. Shopify. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers. For more insight, you may also want to read Shopify’s Terms of Service here or Privacy Statement here.
How long do you keep my information for?
We keep your personal information for a limited period of time. This period will depend on a number of reasons such as:
- whether we still need to deliver to you
- you have an account with us
- we are providing ongoing customer care to you.
Sometimes we must also keep your information by law, to deal with a regulator or where required by our insurers. We delete your personal information at your request where possible and we won’t keep it for longer than we should or need to for the provision of a service and for communicating with you.
We may close your Stone Hearts Club account if you haven’t used it in the last two years. We’ll send you an email to tell you that we plan to do this before we delete anything, so please check to see if we’ve sent you any emails about this
If you delete your Stone Hearts Club account, then your personal information will immediately be deleted and the remaining information made anonymous. We might then use it to help us improve our services.
Your rights and how to use them:
You have rights to find out about how and why we use your personal information and to control its use. These include rights to access and correct your details, in some cases to ask us to limit or stop our use of them and even to delete them. Where we use your personal information based on your consent, you have the right to change your mind and you can always unsubscribe from our direct marketing to you, by simply clicking unsubscribe in a marketing email.
We have appointed a Data Protection Officer who you can get in touch with via email@example.com. You also have a right to complain to the UK’s privacy regulator should you feel your rights or the law has been compromised.
Third party services and websites
Our Website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Changes to our Policy
Any changes we may make to this Policy in the future will be posted on our Website and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to this Policy.
Questions, comments and requests regarding this Policy are welcomed and should be addressed to firstname.lastname@example.org.