In order to help you use our site and process your orders, personal data is collected about you, such as your Name, Address and E-mail Address. This document sets out to help you understand what data we collect about you, why we collect it, how we collect it, how long we collect it for, who we share that data with, how we protect it and what happens if the data is breached. This is to help you better understand how your data is collected and used. As part of this, you can also access all the data that we collect about you and if you wish, remove it from our website.
Who we are?
We are Be Charlo, our website address is: https://becharlo.co.uk and we are owned by Becca Charlo. In order to contact Becca, you can use the Contact section on this website or directly at firstname.lastname@example.org.
What personal data we collect and why we collect it?
In order for this website to function properly and to help you in your interactions with it, you may sometimes share your personal data with us. This is happens in three main ways:
While using this website, you may wish to register for a user account. This allows you to access your current/previous orders and maintain a wishlist of items you want to keep a reminder of. In order to achieve this, you need to enter information including (but not limited to) an E-mail address and Password. In order to register for an account within this website, you must actively accept that you acknowledge these conditions while registering.
When you purchase items from this website, personal data must be given in order for us to process your order. This includes (but is not limited to) information like your Name, Address and E-mail address. This information is collected in so that we are able to send you your order and contact you if necessary regarding your order (e.g. invoices sent to your e-mail address). In order to purchase an item from this website, you must actively accept that you acknowledge these conditions while registering.
When you contact us directly using the “Contact” section of this website, data that you give us such as (but not limited to) your Name, E-mail Address and the message you wish to send is collected by us. This is kept in order to receive your message and reply to you. In order to contact us, you actively accept that you acknowledge these conditions while registering.
When you contact us directly using the “Contact” section of this website, data that you give us such as (but not limited to) your Name, E-mail Address and the message you wish to send is collected by us. This is kept in order to receive your message and reply to you. In order to contact us, you actively accept that you acknowledge these conditions while using the contact form.
When you add comments to the blog section of this website, data that you give us such as (but not limited to) your Name, E-mail Address and the comment you wish to send is collected by us. This is kept in order to allow users to see your message. When you add a comment on this site, you actively accept that you acknowledge these conditions while commenting.
We may also use this data to:
Process payments and prevent fraud
Set up your account for our store
Comply with any legal obligations we have, such as calculating taxes
Improve our store offerings
Send promotional information to you via e-mail
In order to improve your interaction with this site we also store data on:
Products you’ve viewed: We’ll use this to, for example, show you products you’ve recently viewed.
Products you’ve added to the wishlist: We’ll use this to show you and other users your favourite products, and to create targeted email campaigns.
Wishlists you’ve created: We’ll keep track of the wishlists you create, and make them visible to the store’s staff
Location, IP address and browser type: We’ll use this for purposes like estimating taxes and shipping.
Shipping address: We’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!
Do we store cookies?
In order for the site to function properly, we may need to store very small pieces of information on your system called cookies. Cookies are important for any website where you can log in or might wish to save your preferences. They also allow us to connect you with Instagram so you can see our feed. If you select any option on our site where you wish for the site to remember your details, these will be saved on your system in the form of a cookie.
If you log into this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
We store cookies with cart contents while you are using the site as well as any items that you add to your wishlist. We also may store cookies with data about products that you’ve viewed, your location, your IP address, your browser type and your shipping address. (See Additional Details above)
You are within your rights to turn these off manually on your web browser but full functionality with this site can not be guarantied.
What embedded content is there from other websites?
In order to keep you updated with what we are up to, we include an Instagram feed on this website. This feed may add it’s own cookies to your system and Instagram may track you if you have an account with them.
You may also encounter “social links” within this website, such as an option to share a product on Facebook. This will connect with your personal accounts within these services and may track you.
In order to keep track on how our website is being used, we may collect analytic data. Anonymous data may also be collected for analytic purposes by our web hosting provider.
Who do we share your data with?
Within our organisation, we keep your data protected and it is only able to be accessed by members and our web development team. However in order to process some of your data, it must be shared with third parties. The third parties that we share your data with are:
PayPal: In order to process your payment details we must share your data with and connect to PayPal. This data includes information such as the purchase total and billing information. www.paypal.com .
Stripe: In order to process your payment details via debit/credit card, we use a widely trusted service called Stripe that is used to connect with your payment method provider. To do this we must share your data and connect to Stripe. This data includes information such as the purchase total, billing information and your debit/credit card details. More information at : www.stripe.com .
Mail Chimp: In order to send you important information regarding your order or contact with us, we use a widely trusted service called Mail Chimp. This allow us to automate messages such as invoices so that you get them automatically. We may also use this service to send direct promotional information to you and analyse how effective this is. If you wish to opt out of this, please message our Data Protection Officer Becca Charlo at email@example.com . More information at : www.mailchimp.com .
How long do we retain your data?
When you purchase an item with us, the data you give to us will be kept for a reasonable time. This is usually kept on record for legal and tax reasons. When they are no longer needed, they are deleted.
When you contact us via a contact form, the data you give us will be kept indefinitely unless you ask us to remove it. This makes it easier to reply to your message and reference it in the future if needed.
When you add a comment via the comment form, the data you give us will be kept indefinitely unless you ask us to remove it. This means that other users can see your comment and it will not be deleted.
When you make an account, add items to your cart or wishlist, this information is kept indefinitely unless you ask is to remove it. This means that you will not lose your information if you do not access your account for a period of time.
What rights do you have over your data?
Under the new GDPR rules, your rights have been greatly increased. Under these rules, you have the right to know what data we collect from you and why. As well as this, you can also contact our Data Protection Officer (see below) directly and request to either all of the data that we have on you (but not necessarily the data that third parties, listed above, will have) and if necessary erase that data.
Where can you contact us about your data rights?
If you want to contact us about your data rights, including viewing and erasing your data, you can contact our Data Protection Officer Becca Charlo at firstname.lastname@example.org .
How do we protect your data?
In order to protect your data, we only give access to critical staff and web development team members.
What data breach procedures do we have in place?
In the event of a data breach to this site, you can expect two things to happen. When we have been made aware of it, we will e-mail all of the effected parties that we have information for from their records if this is possible. We will also make a public notification of the problem and it’s status on our Facebook page.