Privacy and Cookie Policy

This privacy notice provides you with details of how I collect and process your personal data through your use of this site http://paulinehenry.com/ By providing me with your data, you warrant to me that you are over 13 years of age.

Pauline Henry is the data controller and I am responsible for your personal data If you are not happy with any aspect of how I collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (http://www.ico.org.uk). I should be grateful if you would contact me first if you do have a complaint so that I can try to resolve it for you.

Contact details

Pauline Henry
Flat 1, 133 Sutherland Avenue
London
W4 5PY

If you have any questions about how I use your personal data, please email me on paulinehenry@ymail.com or through my contact form

Data I collect

Personal data means any information capable of identifying an individual. It does not include anonymised data. I use your data only for the purpose for which it was collected or for a reasonably similar purpose. If I need to use your data for a different purpose, I will let you know the legal grounds for processing.

I may process your personal data without your knowledge or consent where this is required or permitted by law.
I do not carry out automated decision making or any type of automated profiling.

Communications:- I collect information from you when you communicate with me. This could be through email, my contact form, or a social media site such as Facebook. I process this data so I can communicate with you, for record keeping, and for the establishment, pursuance or defence of legal claims. My lawful grounds for this processing is legitimate interests.

Customer Data:- I collect information about you in order to process any orders you place through my website or through other means. I collect information such as your name, postal address and payment information. I process this data in order to fulfil the contract and for legal and regulatory purposes. This data may be kept for up to seven years as per UK legislation. If you do not provide this data, I may be unable to fulfil the contract and the order will be cancelled. The legal basis for this processing is contractual.

Marketing Data:- I collect information from you to keep you up to date with news via email. I collect your name and email address and this is stored and processed within Mailchimp or similar data processing software with a similar level of protection. This data is collected and processed on the basis of consent, which can be withdrawn at any time. You can unsubscribe by following the link in the newsletter, or by emailing me at the address above.

Third-parties:
This site contains links to third-party sites. I do not control these websites and am not responsible for their data protection policies. When you leave this site, please do read the privacy policy of any new site you visit.

Cookies
This website uses cookies to improve your browsing experience. The site collects data about your usage of the site and your equipment. This is anonymised and aggregated and used to help me improve your user experience on this site.
If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.

Disclosure of data:-
I may have to disclose your personal data with third-parties who include but are not limited to:

• Other companies who provide services to me, such as couriers
• IT and admin service providers
• Professional advisors including lawyers, insurers, and auditors
• Government bodies
• Sister company http://www.diamondinvenus.com

Every reasonable effort will be made to ensure your data is kept safe when being accessed and processed by my partners and suppliers.

International Transfers

Where third-party companies I share data with are outside of the EEA, I will ensure that appropriate and reasonable safeguards are in place to protect your data. I will endeavour to use businesses that provide a similar level of protection to EEA data protection regulations, for example Privacy Shield in the US.

Accessing your data

• I have taken reasonable steps to ensure that your data is collected and processed securely.
• I will only keep your data for as long as necessary. This could be for up to seven years for regulatory purposes.
• Where data has been anonymised, I can use this indefinitely without notice to you.
• If you make a subject access request, I will try to respond within one month. Where this may take longer due to the complexity or frequency of the request, I will inform you. I will not charge a fee for accessing your data, but I can choose to charge a fee if your request is excessive or unreasonable.
• If you make a subject access request, I will need information from you to confirm your identity for security purposes.
• You can find out your rights at https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/