Pretty As A Picture Gifts’ Privacy Promise
Pretty As A Picture Gifts are dedicated to safeguarding your privacy online. We will only collect, store and use your personal information for specific purposes as outlined below in accordance with GDPR.
We use your personal information to support and develop our connection with you. We will never share your personal data to 3rd parties unless required by law and your data is always protected.
You may contact Pretty As A Picture Gifts at any time with any privacy queries or concerns and to see the personal data you have given us and request modification. Personal data means any information relating to an identified or identifiable natural person. This can include name, email address, address, and much more.
When you place and order on our online systems (Etsy, eBay) or via our Facebook business page (facebook.com/prettyasapicturegifts), we collect your name, e-mail address, postal address, and contact details. Pretty As A Picture Gifts keeps a record of this information for tax purposes and for ensuring we fulfil our contract with you.
The only personal information we hold is what customers provide to us when they place an order on our 3rd party stores or via Facebook.
We do not share your personal data with 3rd parties, however it is stored on relevant systems – Royal Mail, Order Management Software, Accounting Systems which are GDPR compliant. If we are required by law to share any information, we will check with each party concerned to ensure they are happy for that to happen. An example of this would be if HMRC requested an audit of our accounting transactions.
We store sensitive data for as long as customers remain active clients. Emails are eradicated after 90 days. Information required for tax and legal requirements are held for 7 years as a requirement by law.
We keep a record of any orders you make from us, so we can help to deal with any enquiries or problems you may have in the future.
When you place an order with Pretty As A Picture Gifts you may be asked whether you’d like to consent to us displaying your order as part of our marketing materials. By giving your consent for us to do this you understand your personal data will be in the public domain and we assume no responsibility for the usage of this data subsequently. You may request to have your personal data removed at any time and we are more than happy to comply within 7 working days.
We keep a record of any e-mail communication you send us for 90 days, so we can track any problems or concerns you’ve had.
Pretty As A Picture Gifts kindly request that you do not supply any other person’s personal data to us, unless required by law or you have their explicit consent to do so.
How we use your personal data
All the data we gather when customers place an order or through communication with you is used to operate and expand the service we offer you and to personalise our service. How we use your personal data is dependent on the legal basis for processing your data. We are dedicated to using your personal data only for:
1. Processing your orders correctly.
2. Development and expansion of the business, including examination of customers’ shopping behaviours, measurement of advertisements and product style preferences of our customers.
3. Reviewing our systems
Legal Basis for Processing Data
Pretty As A Picture Gifts’ lawful basis for processing data are:
Legal Obligation – tax purposes.
Contract – customers placing an order with Pretty As A Picture Gifts.
Requesting Your Information
If you would like to review the data you have provided to us because you feel that what we presently have on record is incorrect, and/or you would like your data erased from our records, you can so do by contacting us using the contact details below. Under GDPR you have a right to be forgotten, to withdraw your consent, to change information we hold about you, and to restrict processing. Pretty As A Picture Gifts are more than happy to comply with this in accordance with the law.
How we protect data
You recognise that the Internet is not a 100% secure platform for communication and, accordingly, we cannot guarantee the security of any data you send to us (or we send to you) via the Internet.
We are not responsible for any damages which you, or others, may suffer as a result of the loss of confidentiality of such information. We take every precaution to safeguard your information.
All personal data stored by us is kept on a server in a secure environment. The computers on which data is accessed is password protected, data held in the cloud is password protected and held on encrypted systems and third-party software have their own security systems. Physical data is kept in locked storage within secure premises. The risks of a breach are minimal due to the precautions mentioned above being taken, and close monitoring is undertaken to ensure security systems are always up to date. Breaches will be identified, reported, managed, and resolved according to the ICO guidelines.
How you can help us protect your data
Please bear in mind that whenever you willingly divulge personal data online in non-protected situations – for example on message forums, through email, or in chat spaces – that data can be collected and used by others. In short, if you post personal data online that is accessible to the public, you may receive unsolicited communications from other parties in return.
Also remember to close your browser window when you have finished using the computer. This is to ensure that others cannot access your personal data and communications if you share a computer with someone else or are using a computer in a public place like a library or Internet café.
We cannot confirm or warrant the security of any data you communicate to us, and you do so at your own risk. Once we receive your communication, we make our best effort to ensure its security on our systems.
3rd Party References
Microsoft (Email/Cloud Storage)
The information above can be used to contact our Data Protection Officer.
Last updated: September 2020