Privacy Policy
Hello! This page gives you details on how I collect, use, and protect
your data when you visit my shop (lupin.bigcartel.com), make a purchase from
me, or contact me about your order.
I may update this privacy policy from time to time by posting the
updated version to this page - please check this page occasionally to
make sure you're happy with any changes. Whatever precise policies are
listed here please rest assured that I take your privacy and the
security of your personal data very seriously (this stuff is so
important!) and will absolutely never ever sell your information to a
third party.
If you have any questions about this policy or want to contact me (Laura
Howard) about the use of your data, please get in touch at
mail@bugsandfishes.com.
I recommend reading Big Cartel's own privacy policy to see how they handle your data when you browse and shop via Big Cartel.
Data collected when you make a purchase from my shop:
If you make a purchase from my shop I collect
information (provided by you) in order to be able to complete that
transaction: e.g. your name, email address, postal address, etc. I also
use this data to keep necessary records for my business. My legal basis
for processing this data is legitimate interests.
Please note: you may also submit financial information (such as your
credit card details) during the payment process via Paypal but I
never have access to this information.
Data collected when you visit my shop:
When you browse my shop Big Cartel automatically receive
technical data about you and your visit. For example, they may detect
your IP address and time zone, your browser, and whether you're viewing
the sites on a mobile device. They may use cookies to track your
behaviour on my sites, for example what pages you visited and whether or
not you're a returning visitor. I recommend reading Big Cartel's privacy
policy for more information on how they collect and use your data, and
their use of cookies.
Big Cartel shares some of this information with me in aggregate, so I can get
an overview of how much traffic my shop is getting, which pages or items
are most popular, etc, so I can better manage my shop and my business
as a whole. My legal basis for processing this data is legitimate
interests.
You can decline the cookies used in my shop using your web browser if
you wish, but it may affect your experience. You can learn more about
cookies at www.allaboutcookies.org.
Data collected when you contact me:
If you contact me directly - for example, by sending me an email or
messaging me on social media - I will receive the information provided
in the message format (e.g. your name, email address, social media
username) and any additional info you include in the message itself. I
will use this information to reply to your message(s) and to provide you
with good customer service. My legal basis for processing this data is
legitimate interests.
Please note: If you leave a comment on my blog or social media feeds,
remember that any personal information you provide is publicly visible
and may be viewed by anyone.
Data retention:
I am legally required to keep transaction-related data for six years for
tax purposes. I will retain other data for as long as necessary for
managing my business, giving good customer service, etc, and always for
as little time as possible.
Third party services:
I use various third party services to host my shop and blog, process
transactions, manage my newsletter, back-up my data, etc. I will only
share data with these services to the extent that this is required for
the running of my business / the use of the services. For example, if
you subscribe to my newsletter via MailChimp then that info will be
stored by MailChimp so I can use their service to send and manage my
newsletters.
Here's a list of the third-party services I currently use for my
business: Paypal, Etsy, Big Cartel, Google (Blogger, Google Analytics & Gmail),
MailChimp, Dropbox, Facebook, Instagram, Twitter.
Please note that I may very occasionally also be required to share data
with third parties when I am legally required to do so, for example if I
am contacted by the police investigating illegal activity.
Your rights:
Recent data protection legislation has strengthened your rights in
relation to your personal data. Your rights now include the right to be
informed, the right of access to your data, the right to rectify errors,
the right to erase your data, the right to restrict processing, the
right to data portability, and the right to object. Visit the
Information Commissioner's Office website (www.ico.org.uk) to read more
about these rights and how they apply to different types of data
processing.
There will be no fee to exercise any of these rights and I will carry
out your request within a month. If your request is excessive or
repetitive I reserve my right under the current data protection
legislation to charge a reasonable fee, take a reasonable amount of
additional time to carry out your request, or, in extreme circumstances,
refuse to carry out the request.
You also have the right to complain to the ICO here in the UK
(www.ico.org.uk) about my handling of your data. If you have an issue,
please do contact me first so we can resolve things. You can also
contact me (at mail@bugsandfishes.com) if you wish to exercise any of
your rights - for example, if you would like me to delete certain data I
hold, or update your contact information.
External Links:
Please note my shop may include links to other websites. This privacy
policy only applies to how I personally handle your data, I have no
control over the privacy policies of other websites or Big Cartel's own
privacy policy.