This privacy policy is for this website www.hiccupsandjuice.co.uk. It governs the privacy of its users who choose to use it and adheres to the guidance set out by The EU General Data Protection Regulation (GDPR)
The policy sets out the different areas where user privacy is concerned and outlines the obligations & requirements of the users, the website and myself, the website owner. Furthermore the way this website processes, stores and protects user data and information will also be detailed within this policy.
To fulfil your order, you must provide me with certain information, such as your name, email address, postal address, payment information, and the details of the product that you’re ordering. You may also choose to provide me with additional personal information (for a custom illustration or item of clothing, for example), if you contact me directly.
I rely on a number of legal bases to collect, use, and share your information, including to provide my services, such as when I use your information to fulfil your order, to settle disputes, or to provide customer support; if necessary to comply with a legal obligation or court order or in connection with a legal claim, such as retaining information about your purchases if required by tax law.
Information about my customers is important to my business. I share your personal information for very limited reasons and in limited circumstances, as follows:
I engage certain trusted third parties to perform functions and provide services to my shop, such as delivery companies. I will share your personal information with these third parties, but only to the extent necessary to perform these services.
If I sell or merge my business, I may disclose your information as part of that transaction, only to the extent permitted by law.
I may collect, use, retain, and share your information if I have a good faith belief that it is reasonably necessary to: (a) respond to legal process or to government requests; (b) enforce my agreements, terms and policies; (c) prevent, investigate, and address fraud and other illegal activity, security, or technical issues; or (d) protect the rights, property, and safety of my customers, or others.
I retain your personal information only for as long as necessary to provide you with my services and as described in my Privacy Policy. However, I may also be required to retain this information to comply with my legal and regulatory obligations, to resolve disputes, and to enforce my agreements. I generally keep your data for 7 years to comply with HMRC tax regulations.
I may store and process your information through third-party hosting services in the US and other jurisdictions. As a result, I may transfer your personal information to a jurisdiction with different data protection and government surveillance laws than your jurisdiction. If I am deemed to transfer information about you outside of the EU, I rely on Privacy Shield as the legal basis for the transfer, as Dropbox is Privacy Shield certified.
If you reside in certain territories, including the EU, you have a number of rights in relation to your personal information. While some of these rights apply generally, certain rights apply only in certain limited cases. I describe these rights below:
You may have the right to access and receive a copy of the personal information I hold about you by contacting me using the contact information below.
You may also have rights to change, restrict my use of, or delete your personal information. Absent exceptional circumstances (for instance where I am required to store data for legal reasons) I will delete your personal information upon request.
If you reside in the EU and wish to raise a concern about my use of your information (and without prejudice to any other rights you may have), you have the right to do so with your local data protection authority.
If you would like to review the data you have provided to us because you feel that what we presently have on record is incorrect, and/or you would like your data erased from our records, you can so do by contacting us using the contact details below.
Under GDPR you have a right to be forgotten, to withdraw your consent, to change information we hold about you, and to restrict processing.
I am more than happy to comply with this in accordance with the law.
Data security matters to all our customers. Therefore I will treat your data with care and take all appropriate steps to protect it.
All areas of the website including transactional areas can only be accesses using 'https' technology.
Access to your personal data is password protected. Communication with external payment providers is secure and tokenised. We do not store or process your card details ourselves, they are processed by PayPal. See PayPal's Privacy Policy for their information regarding this.
Whenever we collect or process your personal data, we'll only keep it for as long as is necessary for the purpose for which it was collected.
At the end of the retention period your data will either be deleted or completely anonymised.
Use of cookies is outlined in our cookies page.
Communication, engagement and actions taken through external social media platforms that this website and its owners participate on are custom to the terms and conditions as well as the privacy policies held with each social media platform respectively.
Users are advised to use social media platforms wisely and communicate/engage upon them with due care and caution in regard to their own privacy and personal details. This website nor its owners will ever ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.
For purposes of EU data protection law, I, Fiona Barnett, am the data controller of your personal information. If you have any questions or concerns, you may contact me at [email protected] . Alternately, you may mail me at the address below.
7 Kidderminster Walk, Broughton, Milton Keynes, Buckinghamshire. MK10 9LF.