This privacy notice provides you with details of how I collect and process your personal data through your use of this site http://paulinehenry.com/ By providing me with your data, you warrant to me that you are over 13 years of age.
Pauline Henry is the data controller and I am responsible for your personal data If you are not happy with any aspect of how I collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (http://www.ico.org.uk). I should be grateful if you would contact me first if you do have a complaint so that I can try to resolve it for you.
Flat 1, 133 Sutherland Avenue
If you have any questions about how I use your personal data, please email me on email@example.com or through my contact form
Data I collect
Personal data means any information capable of identifying an individual. It does not include anonymised data. I use your data only for the purpose for which it was collected or for a reasonably similar purpose. If I need to use your data for a different purpose, I will let you know the legal grounds for processing.
I may process your personal data without your knowledge or consent where this is required or permitted by law.
I do not carry out automated decision making or any type of automated profiling.
Communications:- I collect information from you when you communicate with me. This could be through email, my contact form, or a social media site such as Facebook. I process this data so I can communicate with you, for record keeping, and for the establishment, pursuance or defence of legal claims. My lawful grounds for this processing is legitimate interests.
Customer Data:- I collect information about you in order to process any orders you place through my website or through other means. I collect information such as your name, postal address and payment information. I process this data in order to fulfil the contract and for legal and regulatory purposes. This data may be kept for up to seven years as per UK legislation. If you do not provide this data, I may be unable to fulfil the contract and the order will be cancelled. The legal basis for this processing is contractual.
Marketing Data:- I collect information from you to keep you up to date with news via email. I collect your name and email address and this is stored and processed within Mailchimp or similar data processing software with a similar level of protection. This data is collected and processed on the basis of consent, which can be withdrawn at any time. You can unsubscribe by following the link in the newsletter, or by emailing me at the address above.
Disclosure of data:-
I may have to disclose your personal data with third-parties who include but are not limited to:
• Other companies who provide services to me, such as couriers
• IT and admin service providers
• Professional advisors including lawyers, insurers, and auditors
• Government bodies
• Sister company http://www.diamondinvenus.com
Every reasonable effort will be made to ensure your data is kept safe when being accessed and processed by my partners and suppliers.
Where third-party companies I share data with are outside of the EEA, I will ensure that appropriate and reasonable safeguards are in place to protect your data. I will endeavour to use businesses that provide a similar level of protection to EEA data protection regulations, for example Privacy Shield in the US.
Accessing your data
• I have taken reasonable steps to ensure that your data is collected and processed securely.
• I will only keep your data for as long as necessary. This could be for up to seven years for regulatory purposes.
• Where data has been anonymised, I can use this indefinitely without notice to you.
• If you make a subject access request, I will try to respond within one month. Where this may take longer due to the complexity or frequency of the request, I will inform you. I will not charge a fee for accessing your data, but I can choose to charge a fee if your request is excessive or unreasonable.
• If you make a subject access request, I will need information from you to confirm your identity for security purposes.
• You can find out your rights at https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/