Order & Privacy Policy

Who this privacy policy relates to

VKW Jewellery / Handmade in England Jewellery

Website address: http://www.handmadeinenglandjewellery.uk.

What personal data I collect and why I collect it

Orders through third parties

If you make a purchase through my online shops (hosted on SumUp, Payhip, Etsy or Handmade on Amazon), so that I can fulfil your order you must provide me with certain information (which you authorised SumUp, Payhip, Etsy or Amazon to provide to me), such as your name, email address, postal address, payment information, and the details of the product that you’re ordering.

Custom Orders

You may also choose to purchase directly from me and if so you will need to provide me with your name, email address, postal address, and the details of the product that you’re ordering.
You may also supply me with additional personal information (for a custom order of jewellery, for example).
For direct catalogue purchases you should click through to my SumUp Shop, who are my preferred payment service and place your order through the link provided on the relevant page in my catalogue.
For custom orders or if preferred, I can also accept payment through Paypal, where by on request I will send you a Paypal invoice for either the total cost of the order including postage, or if agreed, an invoice for an initial deposit followed by a final payment which is due before the piece is sent.  In this case I will use your email address, name and postal address on Paypal to generate an invoice.

No customer order details or payment information is collected or stored on this site – all orders are through the third party providers listed above.

Contact forms

If you choose to contact me through the contact form on this site please be aware that I keep contact form submissions for a minimum period of 3 months for customer service purposes, but I do not use the information submitted for marketing purposes.

Newsletters

I send out occasional newsletters to visitors who have explicitly requested them.  Sign ups for these newsletters are handled by Mailchimp and can be unsubscribed from at any time.

Product Registration

Customers have the option to register their purchase in order to access an extended period of care for their piece.  Details of which are here.  This is entirely optional and is in no way required at all. Customers will only be contacted to inform them of when the extended period is coming to an end.

Information collected consists of date of purchase, place of purchase, order number, product purchased and customer name.

Upon registering the customer may also request to be informed of other services.  This is also entirely optional and can be unsubscribed from at any time through Mailchimp.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

This website uses Google Analytics to track website traffic. Collected data is processed in such a way that visitors cannot be identified.
Website traffic data is transmitted to Google servers in the United States. Google Analytics does not identify individual users or associate your IP address with any other data held by Google. We use reports provided by Google Analytics to help us understand website traffic and webpage usage.

By using this website, you consent to the processing of data about you by Google in the manner described in Google’s Privacy Policy and for the purposes set out above. You can opt out of Google Analytics if you disable or refuse the cookie, disable JavaScript, or use the opt-out service provided by Google here.

This website also uses interfaces with social media sites such as Facebook, LinkedIn, Twitter and others. If you choose to “like” or “share” information from this website through these services, you should review the privacy policy of that service. If you are a member of a social media site, the interfaces may allow the social media site to connect your visits to this site with other Personal Information.

Comments

Comments are currently disabled on this site, but if enabled in the future when visitors leave comments on the site data is collected and shown in the comments form, and along with the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

Subscriber registration and uploading is currently disabled for this site, however if enabled in the future please be aware that if you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Security Logs

The IP address of visitors, user ID of logged in users, and username of login attempts are conditionally logged to check for malicious activity and to protect the site from specific kinds of attacks. Examples of conditions when logging occurs include login attempts, log out requests, requests for suspicious URLs, changes to site content, and password updates. This information is retained for 180 days.

Who we share your visitor data with (security related)

This site is scanned for potential malware and vulnerabilities by Sucuri’s SiteCheck. We do not send personal information to Sucuri; however, Sucuri could find personal information posted publicly (such as in comments) during their scan. For more details, please see Sucuri’s privacy policy.

How long we retain your data (security related)

Backups of security log details are retained for 15 days.

Security logs are retained for 180 days.

Where we send your data (security related)

This site is part of a network of sites that protect against distributed brute force attacks. To enable this protection, the IP address of visitors attempting to log into the site is shared with a service provided by ithemes.com. For privacy policy details, please see the iThemes Privacy Policy.

 

Information Sharing and Disclosure

Information about my customers is important to my business. I share your personal information for very limited reasons and in limited circumstances, as follows:

  • Service providers.
    I engage certain trusted third parties to perform functions and provide services to my website, such as delivery companies. I will share your personal information with these third parties, but only to the extent necessary to perform these services.
  • Business transfers.
    If I sell or merge my business, I may disclose your information as part of that transaction, only to the extent permitted by law.
  • Compliance with laws.
    I may collect, use, retain, and share your information if I have a good faith belief that it is reasonably necessary to: (a) respond to legal process or to government requests; (b) enforce my agreements, terms and policies; (c) prevent, investigate, and address fraud and other illegal activity, security, or technical issues; or (d) protect the rights, property, and safety of my customers, or others.

Service Providers include:

Google: For the capture of anonymous analytical data

Mailchimp: For providing newsletters, product registration sign ups and requested email marketing content.

Royal Mail: For sending orders to you.

SumUp: For Receiving Orders and Payment processing

Etsy: For Receiving Orders and Payment processing

Handmade on Amazon: For Receiving Orders and Payment processing

Payhip: For Receiving Orders and Payment processing

Paypal: For invoicing and collecting payment for orders.

How long I retain your data

I retain your personal information only for as long as necessary to provide you with my services and as described in my Privacy Policy. However, I may also be required to retain this information to comply with my legal and regulatory obligations, to resolve disputes, and to enforce my agreements. I generally keep your data for the following time period: 4 years.

If you leave a comment on the website, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you reside in certain territories, including the EU, you have a number of rights in relation to your personal information. While some of these rights apply generally, certain rights apply only in certain limited cases. I describe these rights below:

  • Access.
    You may have the right to access and receive a copy of the personal information I hold about you by contacting me using the contact information below.
  • Change, restrict, delete.
    You may also have rights to change, restrict my use of, or delete your personal information. Absent exceptional circumstances (like where I am required to store data for legal reasons) I will generally delete your personal information upon request.
  • Object.
    You can object to (i) my processing of some of your information based on my legitimate interests and (ii) receiving marketing messages from me after providing your express consent to receive them. In such cases, I will delete your personal information unless I have compelling and legitimate grounds to continue using that information or if it is needed for legal reasons.
  • Complain.
    If you reside in the EU and wish to raise a concern about my use of your information (and without prejudice to any other rights you may have), you have the right to do so with your local data protection authority.

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you.
This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where your data is sent

Visitor comments may be checked through an automated spam detection service.

Contact information

For purposes of EU data protection law, I, Vic Wilkshire, am the data controller of your personal information. If you have any questions or concerns, you may contact me at privacy@handmadeinenglandjewellery.uk.
Alternately, you may mail me at:
VKW Jewellery, Suite 40393, PO Box 6945,Rathbone Square, Fitzrovia, London W1A 6US

Additional information

How your data is protected

This website is protected by an advanced  security plugin which includes brute force protection and firewall services.  It is regularly scanned for malware and other security issues.

Unless specified above personally identifiable information is not collected or stored on this website or in its database.

Data breach procedures

Daily scans, backups and reports are logged and analysed to identify file changes to the website that might indicate a compromise in website security.  If a data breach did take place it would be reported to the ICO within 48 hours of it becoming known.

What third parties data is received from

Content from my social media accounts may make up some of the content on this website. In that case data may be received from Instagram, Twitter and Facebook, whether you are a user of those services or not.

 

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

What are your choices regarding cookies

If you’d like to delete cookies or instruct your web browser to delete or refuse cookies, please visit the help pages of your web browser.

Please note, however, that if you delete cookies or refuse to accept them, you might not be able to use all of the features we offer, you may not be able to store your preferences, and some of our pages might not display properly.

Where can you find more information about cookies

You can learn more about cookies and the following third-party websites: