Like most websites, this site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website.
Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. GA also records your computer’s IP address, which could be used to personally identify you, but Google does not grant us access to this. We consider Google to be a third party data processor (see below).
Disabling cookies on your internet browser will stop GA from tracking any part of your visit to pages within this website.
If you choose to join our email newsletter, the email address that you submit to us will be forwarded to MailChimp, which provides us with email marketing services. We consider MailChimp to be a third party data processor (see below). The email address that you submit will not be stored within this website’s own database.
Your email address will remain within MailChimp’s database for as long as we continue to use MailChimp’s services for email marketing or until you specifically request removal from the list. You can do this by unsubscribing using the unsubscribe links contained in any email newsletters that we send you or by requesting removal via email. When requesting removal via email, please send your email to us using the email account that is subscribed to the mailing list.
While your email address remains within the MailChimp database, you will receive regular (usually monthly) newsletter-style emails from us.
If you choose to subscribe to our blog by email, the email address that you submit will be held by WordPress, which hosts the blog. We consider WordPress to be a third party data processor (see below). The email address that you submit will not be stored within this website’s own database.
Your email address will remain within WordPress’s database for as long as we continue to use WordPress to host our blog or until you specifically request removal from the list. To unfollow the blog, visit your Subscription Management page and click the Unfollow link next to the blog title. Changes to these settings will be immediate. You can also request removal via email: when doing this, please send your email to us using the email account that is subscribed to the blog.
If you buy something from our online Etsy shop, your personal information, including credit or debit card details, will be held by Etsy or PayPal, depending on how you pay. We consider Etsy and PayPal to be third party data processors (see below). The information that you submit will not be stored within this website’s own database or in any of our internal computer systems.
Etsy and PayPal process payments for any products purchased through our online shop. Neither we, Etsy nor PayPal retains any financial information you may submit as part of the purchasing process. Etsy and PayPal monitor every transaction, 24/7, to prevent fraud, email phishing and identity theft. Every transaction is heavily guarded behind advanced encryption. If something appears suspicious, their dedicated teams of security specialists will identify suspicious activity and help protect you from fraudulent transactions.
Your data as mentioned below is encrypted before transmission to prevent misuse of the transmitted data by third parties. SSL (Secure Socket Layer) is a security technology which guarantees that your personal data, including credit card information, login data and payment method, are securely transferred via the Internet. The data is encrypted so that is only readable by the Etsy and PayPal payment systems.
Your data, which is encrypted, is as follows:
- personal data (address data, telephone number, etc.)
- login data (username and password)
- all methods of payment selected, credit card and bank account.
Third party processors
We use the following third parties to process personal data on our behalf. These third parties are based in the United States and are committed to complying with the EU General Data Protection Regulation 2018 (GDPR) when it comes into force on 25 May 2018. They are already EU-U.S Privacy Shield compliant.
Accuracy and retention of data
We do our best to keep your data accurate and up to date, assuming you provide us with the information we need to do so. If your data changes (for example, if you have a new email address), then you are responsible for notifying us of those changes.
Upon request, we will provide you with information about whether we hold, or process on behalf of a third party, any of your personal information. We will retain your information for as long as your account is active or as long as needed to provide you with our services. Unless it is prohibited by law, we will remove any personal information about you from our records at your request.
We will report any unlawful data breach of this website’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.