0 items / £0.00
Laura Lupin Howard

Privacy Policy

Hello! This page gives you details on how I collect, use, and protect your data when you visit my shop (lupin.bigcartel.com), make a purchase from me, or contact me about your order.

I may update this privacy policy from time to time by posting the updated version to this page - please check this page occasionally to make sure you're happy with any changes. Whatever precise policies are listed here please rest assured that I take your privacy and the security of your personal data very seriously (this stuff is so important!) and will absolutely never ever sell your information to a third party.

If you have any questions about this policy or want to contact me (Laura Howard) about the use of your data, please get in touch at mail@bugsandfishes.com.

I recommend reading Big Cartel's own privacy policy to see how they handle your data when you browse and shop via Big Cartel.


Data collected when you make a purchase from my shop:

If you make a purchase from my shop I collect information (provided by you) in order to be able to complete that transaction: e.g. your name, email address, postal address, etc. I also use this data to keep necessary records for my business. My legal basis for processing this data is legitimate interests.

Please note: you may also submit financial information (such as your credit card details) during the payment process via Paypal but I never have access to this information.

Data collected when you visit my shop:

When you browse my shop Big Cartel automatically receive technical data about you and your visit. For example, they may detect your IP address and time zone, your browser, and whether you're viewing the sites on a mobile device. They may use cookies to track your behaviour on my sites, for example what pages you visited and whether or not you're a returning visitor. I recommend reading Big Cartel's privacy policy for more information on how they collect and use your data, and their use of cookies.

Big Cartel shares some of this information with me in aggregate, so I can get an overview of how much traffic my shop is getting, which pages or items are most popular, etc, so I can better manage my shop and my business as a whole. My legal basis for processing this data is legitimate interests.

You can decline the cookies used in my shop using your web browser if you wish, but it may affect your experience. You can learn more about cookies at www.allaboutcookies.org.

Data collected when you contact me:

If you contact me directly - for example, by sending me an email or messaging me on social media - I will receive the information provided in the message format (e.g. your name, email address, social media username) and any additional info you include in the message itself. I will use this information to reply to your message(s) and to provide you with good customer service. My legal basis for processing this data is legitimate interests.

Please note: If you leave a comment on my blog or social media feeds, remember that any personal information you provide is publicly visible and may be viewed by anyone.


Data retention:

I am legally required to keep transaction-related data for six years for tax purposes. I will retain other data for as long as necessary for managing my business, giving good customer service, etc, and always for as little time as possible.


Third party services:

I use various third party services to host my shop and blog, process transactions, manage my newsletter, back-up my data, etc. I will only share data with these services to the extent that this is required for the running of my business / the use of the services. For example, if you subscribe to my newsletter via MailChimp then that info will be stored by MailChimp so I can use their service to send and manage my newsletters.

Here's a list of the third-party services I currently use for my business: Paypal, Etsy, Big Cartel, Google (Blogger, Google Analytics & Gmail), MailChimp, Dropbox, Facebook, Instagram, Twitter.

Please note that I may very occasionally also be required to share data with third parties when I am legally required to do so, for example if I am contacted by the police investigating illegal activity.


Your rights:

Recent data protection legislation has strengthened your rights in relation to your personal data. Your rights now include the right to be informed, the right of access to your data, the right to rectify errors, the right to erase your data, the right to restrict processing, the right to data portability, and the right to object. Visit the Information Commissioner's Office website (www.ico.org.uk) to read more about these rights and how they apply to different types of data processing.

There will be no fee to exercise any of these rights and I will carry out your request within a month. If your request is excessive or repetitive I reserve my right under the current data protection legislation to charge a reasonable fee, take a reasonable amount of additional time to carry out your request, or, in extreme circumstances, refuse to carry out the request.

You also have the right to complain to the ICO here in the UK (www.ico.org.uk) about my handling of your data. If you have an issue, please do contact me first so we can resolve things. You can also contact me (at mail@bugsandfishes.com) if you wish to exercise any of your rights - for example, if you would like me to delete certain data I hold, or update your contact information.


External Links:

Please note my shop may include links to other websites. This privacy policy only applies to how I personally handle your data, I have no control over the privacy policies of other websites or Big Cartel's own privacy policy.