What do we do?
We are an online retailer, supplying our customers with a range of handmade jewellery and accessories.
What information do we collect?
We care about your privacy. For this reason, we only collect and use Personal Data as it might be needed for us to deliver our services to you. Your Personal Data includes your name, address, postcode, telephone number, and email address which you can choose to provide when you either create an account or purchase any of our services, complete contact forms or subscribe to our newsletter, contact us for assistance, or participate in contests or surveys.
We need to collect this information in order to provide you with our products and services. It also helps us personalise and deliver relevant, benefit-driven content in any update e-mails.
We may also collect images, photographs and videos, with your explicit consent, for use in Toot’s trinkets publications and advertising.
The legal basis for our collection of this data is ‘Legitimate Interest’ as per Recital 47 of Article 6(f) of the General Data Protection Regulations (GDPR) as it is reasonable for you to expect to provide such Personal Data in order to allow us to supply you with your purchased Goods and Services.
We do not collect ‘sensitive data’ about you (as specified in Article 9 of the GDPR as data about ‘racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership’.)
We do not knowingly collect, process or share the Personal Data of children or minors, if you are under 18, please do not provide any personal information to us.
You do not have to provide us with any Personal Data if you do not want to, however we may be unable to supply you with Goods or Services if you do not.
From time to time we may conduct market research by asking you questions via email or Social Media and this data could be used to improve your experience of shopping with us. You’re under no obligation at all to answer these questions, but they will help us communicate more effectively with you.
How do we use your Personal Data?
We strongly believe in minimising the Personal Data we collect and limiting its use and purpose to only that which we have been given permission for and as necessary to deliver the Goods or Services you purchase. This includes:
Processing your orders correctly.
Tailoring your purchase to your specific requirements
Technical management of our website.
Reviewing and improving our processes.
Providing you with information about offers or services we believe will be of interest to you.
Administering and expanding our business activities, providing customer services and making available our services to our customers and prospective customers.
Sharing with trusted third parties.
We may share your Personal Data with third parties as necessary in order for them to perform services on our behalf, such as:
Processing of payments via PayPal
Communicating with you, such as by email
Delivering purchased Goods
We only share your Personal Data as necessary for any third party to provide the services as requested or as needed on our behalf. These third parties are subject to strict data processing terms and conditions and are prohibited from utilising, sharing or retaining your personal data for any purpose other than as they have been specifically contracted for.
Website Analytics: Our website uses Google Analytics, one of the most popular and trusted analytics solutions, to help us to understand how people use our website. It does this by tracking such information as how long people spend on our website, the pages they visit, the website that referred them to our website and other aggregate data. We do this so that we can make improvements to our website and provide a better user experience and more engaging content.
How do we communicate with you?
We may contact you directly or through a third party service provider regarding Goods or Services that you have purchased from us, such as necessary to deliver service related communications. By placing an order with us, you agree for us to contact you as necessary in order to supply you with the Goods and Services purchased.
How do we secure, store and retain your data?
Protecting the security of all personally identifiable information of our visitors and customers is important to us. We take all reasonable precautions to store and protect the Personal Data that we collect, both during transmission and once received and stored on our systems. Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure. As a result, while we take all reasonable steps to ensure the security of our users’ personal information and maintain their privacy, we cannot guarantee or warrant the security of any information you disclose or transmit to us online and cannot be responsible for the theft, destruction, or inadvertent disclosure of such personal information.
We will retain your Personal Data for only as long as necessary to provide you with the services you have requested and thereafter for a variety of legitimate business purposes. These might include retention periods mandated by contract, needed to maintain adequate and accurate business and financial records, or to provide you with relevant promotional offers that we believe will be of benefit to you.
Links to Other Sites
You should be aware that when you are on our website, you could be directed to other sites that are beyond our control. There are links to other sites from our website pages that take you outside our service. These other sites may send their own cookies to users, collect data or solicit personal information. The privacy policies of these other sites may significantly differ from that of Toot’s trinkets. We are not responsible for the privacy practices of any other sites and cannot guarantee the security of any of your personal information collected there.
What are Your Rights under the GDPR?
Under the GDPR you have certain rights regarding your Personal Data. The rights that apply to the Personal Data we collect are as follows:
The right of access – this means you have the right to know what Personal Data we hold about you. We will provide this information to you free of charge on request.
The right of rectification – if the Personal Data we hold about you is incorrect or incomplete you have the right to correct it or complete it.
The right to erasure – sometimes known as ‘the right to be forgotten’ this means if you request us to do so, we will delete the Personal Data we hold about you.
The right to restrict processing – this means that you can request for us to cease processing your data rather than deleting it.
The right to data portability – this means if you request Personal Data from us we will provide it in a commonly used, machine readable form.
The right to object – this means you can object to us processing your Personal Data if you do not believe it is in your interest.
You also have the right to lodge a complaint with a supervisory authority if you so wish.
By Mail: Data Protection Officer, 12 Leda Cottages, Charing, Ashford TN27 0EG, UK