Privacy

Updated May 28th 2020

Personal Data: What information do we collect, why do we collect and what do we do with it

General

The General Data Protection Regulation and the UK Data Protection Act 2018 govern how we can communicate with you. As a result, we chose to rely on you giving us your consent about how we can contact you in connection to marketing or any other matter. We may use other lawful grounds for processing your personal data, depending on the relationship we have with you.

Comments

My website is not set up for comments, but should that change the following policy would apply: if visitors leave comments I would collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. If you leave a comment you would be able to opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

See Contact Forms below for what I would do with your data.

Contact forms

I use contact forms to enable visitors and customers to communicate with me. All data collected via the forms is transmitted to me via SSL security (which will show a padlock in your browser’s address field) and is also stored on secure email servers. I may collect your name, email address and telephone number if provided.

I don’t use this data for any purpose other than to deal with the topic you have contacted me about, unless you’ve given me permission. This means I may contact you regarding important information about that topic and related matters that require your attention.  Once the matter is dealt with, I do not hold your data, which means if something crops up later (for example, if you discover a fault in a book you have purchased some time after purchase) you may need to provide some information again, so that I can deal with it.

Cookies & Analytics

I use security auditing tools to monitor visitor behaviour and prevent malicious attacks from happening. These systems log information anonymously but include your IP address, web browser used, pages visited and time spent on these pages in order for my web team to track down the potential cause of a security vulnerability (if found).

Google Analytics is used alongside Google Search Console to track the performance of my website for when/if I need to utilise further marketing strategies. This policy will update with more information when/if these occur.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in exactly the same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Who I share your data with?

Basically, no-one.

However, information collected via Google Analytics and security systems are shared with my web team at First Class Design in order to diagnose potential issues with the website platform. These issues may result in performance improvements, additional security enhancements and design changes in the future. My website team does not use this data for marketing or any other purposes.

How long I retain your data

Contact form submissions are stored securely within third party email accounts that require the information to deal with requests, orders and other needs. Form submissions are also stored on my website securely and will be deleted no later than 60 days after the matter is closed.

If you leave a comment (which, as I explained above, my site is not currently set up for), the comment and its metadata would be retained indefinitely. This would be so I can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

What rights you have over your data

You can request to receive an exported file of the personal data we hold about you, including any data you have provided. You can also request that I delete any personal data held about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where I send your data

Visitor comments may be checked through an automated spam detection service. This also applies to our login pages not intended for public use. The data is sent securely via SSL to web servers that are managed by First Class Design. They do not access this data unless required to.

Online Store: Your privacy when making orders

I collect information about you during the checkout process on my store.

What I collect and store

While you visit our site, I’ll track:

  • Products you’ve viewed: I’ll use this to, for example, show you products you’ve recently viewed
  • Location, IP address and browser type: I’ll use this for purposes like estimating taxes and shipping
  • Shipping address: I’ll ask you to enter this so I can, for instance, estimate shipping before you place an order, and send you the order!

I’ll also use cookies to keep track of basket contents while you’re browsing the site.

When you purchase from me, I’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. I’ll use this information for purposes, such as, to:

  • Send you information about your account and order
  • Respond to your requests, including refunds and complaints
  • Process payments and prevent fraud
  • Set up your account for our store
  • Comply with any legal obligations we have, such as calculating taxes
  • Improve my store offerings
  • Send you marketing messages, if you choose to receive them

If you create an account, I will store your name, address, email and phone number, which will be used to populate the checkout for future orders. Inactive accounts are deleted after 12 months.

I generally store information about you for as long as we need the information for the purposes for which I collect and use it, and I’m not legally required to continue to keep it. For example, I will store order information for at least 2 years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.

I will also store comments or reviews, if you choose to leave them.

Who on my team has access

Members of my web team have access to the information you provide, such as:

  • Order information e.g. what was purchased, when it was purchased and where it should be sent, and
  • Customer information e.g. your name, email address, and billing and shipping information.

My team members have access to this information to help fulfill orders, process refunds and support you.

Payments

I accept payments through Stripe. When processing payments, some of your data will be passed to Stripe, including information required to process or support the payment, such as the purchase total and billing information. I will never see your full card number (only the last four digits), CVC etc.

Please see the Stripe Privacy Policy for more details.

My contact information

If you have any questions about this privacy policy, please send me a message and I’ll get back to you!

Email me: laurence@laurencerose.co.uk

Server functionality

This site utilises caching in order to facilitate a faster response time and better user experience. Caching potentially stores a duplicate copy of every web page that is on display on this site. All cache files are temporary, and are never accessed by any third party, except as necessary to obtain technical support from the cache plugin vendor. Cache files expire on a schedule set by the site administrator, but may easily be purged by the admin before their natural expiration, if necessary.