Privacy Policy [updated May 2018 in line with GDPR]
This Privacy Policy describes how your personal information is collected, used, and shared when you visit or make a purchase from www.rosapietsch.com (the “Site”).
In order to comply with GDPR, I have reviewed and amended my privacy policy.
PERSONAL INFORMATION
When you visit the Site, it automatically collects certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information”.
The site collects Device Information using the following technologies:
- “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
- “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
- “Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you browse the Site.
Additionally when you make a purchase or attempt to make a purchase through the Site, it collects certain information from you, including your name, billing address, shipping address, payment information (including credit card numbers, or the email associated with your paypal account), email address, and phone number. I refer to this information as “Order Information”.
When I talk about “Personal Information” in this Privacy Policy, I am talking both about Device Information and Order Information.
HOW DO I USE YOUR PERSONAL INFORMATION?
I use the Order Information that I collect generally to fulfill any orders placed through the Site (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations). Additionally, I use this Order Information to:
- Communicate with you;
- Screen my orders for potential risk or fraud; and
- When in line with the preferences you have shared with me, provide you with information or advertising relating to our products or services.
I use the Device Information that I collect to help me screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize my Site (for example, by generating analytics about how my customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).
I also gather Device information to deliver relevant website content and advertisements to you and measure or understand the effectiveness of this advertising.
I may process the following categories of personal data about you:
Communication Data that includes any communication that you send to me whether that be through the contact form on my website, through email, text, social media messaging, social media posting or any other communication that you send me. I process this data for the purposes of communicating with you, for record keeping and for the establishment, pursuance or defence of legal claims.
User Data that includes data about how you use my website and any online services together with any data that you post for publication on my website or through other online services. I process this data to operate my website and ensure relevant content is provided to you, to ensure the security of my website, to maintain back- ups of our website and/or databases and to enable publication and administration of our website, other online services and business.
Technical Data that includes data about your use of my website and online services such as your IP address, your login data, details about your browser, length of visit to pages on our website, page views and navigation paths, details about the number of times you use my website, time zone settings and other technology on the devices you use to access my website. The source of this data is from my analytics tracking system. I process this data to analyse your use of my website and other online services, to administer and protect our business and website, to deliver relevant website content and advertisements to you and to understand the effectiveness of our advertising.
Marketing Data that includes data about your preferences in receiving marketing from me and my third parties and your communication preferences. I process this data to enable you to partake in my promotions such as competitions, prize draws and free give-aways, to deliver relevant website content and advertisements to you and measure or understand the effectiveness of this advertising.
I may use Customer Data, User Data, Technical Data and Marketing Data to deliver relevant website content and advertisements to you (including Facebook adverts or other display advertisements) and to measure or understand the effectiveness of the advertising we serve you. Our lawful ground for this processing is legitimate interests which is to grow our business. I may also use such data to send other marketing communications to you.
THIRD PARTY SERVICES
I will not disclose any of your information to any third parties except in a situation where it is part of providing a service to you. This includes arranging for a product to be sent to you, carrying out security checks and for the purposes of customer research, when you have given me permission to do so.
In general, the third-party providers used by me will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
If you’ve purchased from us through an online marketplace (such as Etsy), I recommend that you read their privacy policies, so you can understand the manner in which your personal information will be handled by these providers.
I also use Google to help us understand how our customers use the Site -- you can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
Finally, I may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information I receive, or to otherwise protect our rights.
I will never, ever sell it on or share it with another company, or purchase data from others.
Please see below for details of third party services used:
WEBSITE
My website is hosted by Squarespace. Please see their Privacy Policy here.
SELLING ONLINE
My jewellery is available to purchase through various online portals, as detailed below.
ETSY
A majority of my direct sales are made online through my Etsy store. Please click here to read my Privacy Policy regarding this. (Scroll down and click on “Read the privacy policy for RosaPietsch”)
Please click here to read Etsy’s own privacy Policy.
INSTAGRAM / PAYPAL SALES
On occasion, I offer items for sale through Instagram; for example, a sales post or a sample sale through Instagram Stories. In order to fulfill orders made through Instagram, myself and the customer communicate through Instagram’s Direct Messaging service to arrange payment through Paypal, and to confirm the customer delivery address. I do not use information provided through this conversation for any other means than to fulfill the agreed order. Please click here to read Instagram’s privacy policy and here for Paypal’s.
OTHER ONLINE STOCKISTS
I am also stocked in a number of online boutiques; their own privacy policies will apply when buying through their websites.
SHIPPING ORDERS
I use Royal Mail and The Post Office to ship all order. Please see below for links to their Privacy Policies.
SELLING IN PERSON / IZETTLE
When selling at a sales event such as a market or festival, I take payments using an iZettle card reader. I do not retain any of your card details, and if you opt to have an email receipt sent to you, I do not add your email address to a mailing list. However, my card reader provider, iZettle, does need to use your card details in order to take payment and transfer it to me. To read iZettle’s Privacy Policy, please click here.
MAILING LIST
I offer customers the option of signing up to an email mailing list, to keep customers updated with news relating to my jewellery designs; for example, upcoming events, new designs and sales. I use a third-party service called Mailchimp to create and maintain this mailing list. Please click here for Mailchimp’s Privacy Policy.
SOCIAL MEDIA
I am a member of, and interact with many of my customers through, various social media sites as detailed below.
Although I do not personally obtain customer data from these sites without the customer’s consent, each of these third-party sites has its own privacy policy and I encourage customers to read these:
BEHAVIOURAL ADVERTISING
As described above, I use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
You can opt out of targeted advertising by using the links below:
- Facebook: https://www.facebook.com/settings/?tab=ads
- Google: https://www.google.com/settings/ads/anonymous
Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.
How do you get my consent?
When you provide us with personal information to complete a transaction, verify your payment details, place an order, arrange for a delivery or return an order, we imply that you consent to our collecting it and using it for that specific reason only.
For our mailing lists, all subscribers are sent an email to confirm their consent before any newsletters are sent.
If after you opt-in, you change your mind, you can withdraw your consent for us to contact you - for the continued collection, use or disclosure of your information; or to fully delete you from our records at anytime, by contacting us at rosapietsch1@gmail.com.
YOUR RIGHTS
Under data protection laws you have rights in relation to your personal data that include the right to request access, correction, erasure, restriction, transfer, to object to processing, to portability of data and (where the lawful ground of processing is consent) to withdraw consent.
You can see more about these rights at:
https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
If you wish to exercise any of the rights set out above, please email me at rosapietsch1@gmail.com
DATA RETENTION
I will only retain your personal data for as long as necessary to fulfil the purposes I collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
When deciding what the correct time is to keep the data for, I look at its amount, nature and sensitivity, potential risk of harm from unauthorised use or disclosure, the processing purposes, if these can be achieved by other means and legal requirements.
For tax purposes the law requires me to keep basic information about my customers (including Contact, Identity, Financial and Transaction Data) for six years after they stop being customers.
In some circumstances I may anonymise your personal data for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
CHANGES
I may update this privacy policy from time to time in order to reflect, for example, changes to my practices or for other operational, legal or regulatory reasons.
How to Contact Me
For purposes of EU data protection law, I, Rosa Pietsch, am the data controller of your personal information. If you have any questions or concerns, you may contact me at rosapietsch1@gmail.com. Alternately, you may mail me at:
Rosa Pietsch, 14 Tudor Road, Bristol, BS2 9LW