At Tatty Rose we are committed to safeguarding and preserving the privacy of my visitors and my customers.
This notice explains what happens to any personal data that you provide to us, or that we collect from you whilst you visit our website (www.tattyrose.co.uk). We do update this from time to time so please do review this regularly.
Who we are
Our website address is: https://www.tattyrose.co.uk.
What personal data we collect and why we collect it
In the table below we have described the different personal data we collect from you, where it is collected and how it is used.
|Data Collected||Where it is collected||How it is used|
|Identity Data i.e. first name, last name, usernames, gender, age||Via my Contact Form found here www.tattyrose.co.uk/contact||When you contact us via our contact form a copy of the information you provide will be sent to us via email so we can respond to your enquiry. This information includes your name, email address and your message.
Gender & Age data is collected via Google Analytics and stored in Google Analytics for this website.
|Contact Data i.e. email address, telephone number, billing address||Via my Contact Form. Billing Address/Shipping Address is obtained when you make an order on our website.||As we are an online store we need to process and hold information regarding you and your order with us. When making an order you will be required to enter your name, email address, billing and shipping address along with your payment details. Your payment details will be stored via our payment gateway, Stripe. The rest of your information will be stored within our website in conjunction with Woocommerce.|
|Technical Data i.e. log in data, IP addresses, browser types, time zones, locations, devices.
Usage Data i.e. how you use my website
|Via Google Analytics which is connected to this website.||This information is used for us to analyse how our website is performing from its visits and how our customers access our website. It is not used and cannot be used to identify an individual.|
|Profile Data i.e. username and password, your interests, survey responses, feedback forms.||Via Woocommerce Plugin in for WordPress
Via Google Analytics for Interest data
|Username and Passwords are created for access to your online store account.
Google Analytics is used so we can understand our customers better to then deliver a better service.
|Marketing & Communication Data i.e. subscribing to my mailing lists||We have a monthly newsletter sign up form on our website and this is connected to Mailchimp.||The information you provide to sign up to our newsletter is kept within Mailchimp. It will only be used for the purposed stated – to contact you via email once a month with our Newsletter.|
How long do we keep your data on file
We are required under UK tax law to keep your basic personal data (name, address, contact details) for a minimum of 6 years after which time it will be destroyed. Your information we use for marketing purposes will be kept with us until you notify us that you no longer wish to receive this information.
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information.
How we use your information and store it
Below is a table detailing the systems we use on our website, with links to their Terms & Conditions and Privacy Policies so you can also read how they are compliant with Data Protection Regulations.
|WordPress||Our website is created on this platform||https://wordpress.org||https://wordpress.org/about/privacy/|
|Woocommerce||This Plugin is used to operate our shop, record and process our orders||https://memberpress.com||https://memberpress.com/privacy/|
|Divi||The framework and theme used to create the website||https://www.elegantthemes.com/gallery/divi/||https://www.elegantthemes.com/policy/privacy/|
|Mailchimp||To send email communication newsletters||https://mailchimp.com||https://mailchimp.com/legal/privacy/|
|Stripe||Our Payment Gateway used to process your payments for our garments||https://stripe.com||https://stripe.com/gb/privacy|
|Google Analytics||To view, analyse and report on activity within our website||https://www.google.com/analytics/#?modal_active=none||https://policies.google.com/privacy?hl=en|
|Siteground||Our hosting provider||https://www.siteground.co.uk||https://www.siteground.co.uk/privacy.htm|
|Gmail & GSuite||Our Business Email provider||https://www.google.com/gmail/about||https://www.google.com/gmail/about/policy/|
We do our utmost to ensure that the hosting provider and any other software we use is secure and fully accredited, however we cannot be responsible for any illegal breaches that may occur within these systems and the companies management of them.
Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not collect any sensitive data.
Third Party Service Providers outside of the EEU
Some of the third parties service providers that we use are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.
Whenever we transfer your personal data out of the EEA, we will do our best to ensure a similar degree of security of data by ensuring at least one of the following safeguards is in place:
- We will only transfer your personal data to countries that the European Commission have approved as providing an adequate level of protection for personal data by; or
- Where we use certain service providers, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give personal data the same protection it has in Europe; or
- If we use US-based providers that are part of EU-US Privacy Shield, we may transfer data to them, as they have equivalent safeguards in place.
If none of the above safeguards is available, we may request your explicit consent to the specific transfer. You will have the right to withdraw this consent at any time.
Storage of Payment Details
We do not have the facilities to process card payments offline. All card payments are made online via Stripe.
Third Party Links
On occasion if we do include links to third parties it does not mean that we endorse or approve that site’s notice towards visitor privacy. You should review their privacy notice before sending them any personal data.
Know your rights
If at any point you believe the information we process on you is incorrect you can request to see this information and even have it corrected or deleted. You can contact me, the owner Nell Nash, directly at firstname.lastname@example.org to handle this request.
Alternatively, if it is in reference to any email marketing communications there is an Unsubscribe link at the bottom of every email newsletter that is sent.
If you wish to raise a complaint on how we have handled your personal data please do contact the owner, Nell Nash, directly first at email@example.com so that she can look into the matter and rectify the situation as efficiently and securely as possible.
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law, you can complain to the Information Commissioner’s Office (ICO) (https://ico.org.uk)
Below are our full details:
Address: 75 Fifth Street, Midlothian, EH22 4PL
Phone: +44 7933 454574