MayfairSilk® understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of everyone who visits this website, www.mayfairsilk.com (“Our Site”) and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.
In this Policy the following terms shall have the following meanings:
means an account required to access and/or use certain areas and features of Our Site;
means a small text file placed on your computer or device by Our Site when you visit certain parts of Our Site and/or when you use certain features of Our Site. Details of the Cookies used by Our Site are set out in Part 14, below; and
means the relevant parts of the Privacy and Electronic Communications (EC Directive) Regulations 2003;
2. INFORMATION ABOUT US
Our Site is owned and operated by MayfairSilk Ltd, a limited company registered in England under company number 12532447. VAT Registration: 348335682.
Registered address: Lansdowne House, 57 Berkeley Square, Mayfair, London, W1J 6ER, United Kingdom.
Main Address: Lansdowne House, 57 Berkeley Square, Mayfair, London, W1J 6ER, United Kingdom.
Data Protection Officer: Marcus Ubl
Email address: email@example.com
Telephone number: +44 203 885 2223.
Postal address: See main address above.
We are a member of the UK Fashion & Textiles Association.
3. WHAT DOES THIS POLICY COVER?
4. WHAT IS PERSONAL DATA?
Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) and the Data Protection Act 2018 (collectively, “the Data Protection Legislation”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.
Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
5. WHAT ARE MY RIGHTS?
Under the Data Protection Legislation, you have the following rights, which we will always work to uphold:
- The right to access the personal data we hold about you.
- The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete.
- The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we hold.
- The right to restrict (i.e. prevent) the processing of your personal data.
- The right to object to us using your personal data for a particular purpose or purposes.
- The right to withdraw consent. This means that, if we are relying on your consent as the legal basis for using your personal data, you are free to withdraw that consent at any time.
- The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.
- Rights relating to automated decision-making and profiling. We do not use your personal data in this way.
For more information about our use of your personal data or exercising your rights as outlined above, please contact us using the details provided in Part 22.
It is important that your personal data is kept accurate and up-to-date. If any of the personal data we hold about you changes, please keep us informed as long as we have that data.
Further information about your rights can also be obtained from the Information Commissioner’s Office or your local Citizens Advice Bureau.
If you have any cause for complaint about Our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office. We would welcome the opportunity to resolve your concerns ourselves, however, so please contact us first, using the details in Part 22.
6. WHAT INFORMATION DO WE COLLECT AND HOW
When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information”.
Identity Information including includes first name, last name, username or similar identifier. When you email, phone, live chat, place an order or otherwise, we may collect information such as your first name, last name, email address and phone number.
Contact information including billing address, invoicing address, email address and telephone numbers. When you place an order, we may collect information such as your billing address, invoicing address, email address and telephone numbers through the checkout web forms.
Technical Information includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access Our site.
Financial / Transaction information including payment card details. When you place an order through the order form on Our site the payment is handled by our secure PCI-compliant payment processor Shopify Payments through an encrypted SSL session. We do not save your card details. Shop Pay gateway offered by Shopify may offer you the option of ‘remember me’ which will store your payment, contact and billing/shipping details on their secure and fully PCI-compliant servers to allow for fast checkouts on any Shopify store. The only details the store would receive on these subsequent transactions is the last 4 digits of your card and your contact/billing/address details for the
Marketing and Communications Information includes your preferences in receiving marketing from us and our third parties and your communication preferences.
Third parties and Information we receive from other sources. We are also working closely with third parties (including, for example, suppliers, sub-contractors, advertising networks, analytics providers, and search information providers) and may receive information about you from them.
Profile Information includes your username and password, reservations made by you, your interests, preferences, feedback, reviews and survey responses.
Interaction Information includes any information that you might provide to any discussion forums or reviews on our Site.
Log files Information tracks actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
7. WE COLLECT DEVICE INFORMATION USING THE FOLLOWING TECHNOLOGIES:
- “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org
- “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
- “Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you browse the Site.
- Analytics Information with Google Analytics, Facebook Pixel and Browsee pixel.
Here is a non-extensive list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows to store information about your session (referrer, landing page, etc).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits.
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessionalstorefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
8. HOW DO WE USE YOUR PERSONAL INFORMATION?
We use the Order Information that we collect generally to fulfil any orders placed through the Site (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations). Additionally, we use this Order Information to:
- Communicate with you;
- Screen our orders for potential risk or fraud; and
- When in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address, and matching of address and other metrics), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).
With your permission and/or where permitted by law, we may also use your personal data for marketing purposes, which may include contacting you by email and/or telephone and/or text message and/or post with information, news, and offers on our products. You will not be sent any unlawful marketing or spam. We will always work to fully protect your rights and comply with our obligations under the Data Protection Legislation and the Privacy and Electronic Communications (EC Directive) Regulations 2003, and you will always have the opportunity to opt-out. We do not share your personal data with third-parties for marketing purposes. If we were to ever offer this, we will always obtain your express opt-in consent before sharing your personal data with third parties for marketing purposes and you will be able to opt-out at any time.
9. SHARING YOUR PERSONAL INFORMATION
10. BEHAVIOURAL ADVERTISING
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page here.
You can opt out of targeted advertising by using the links below:
Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal here.
11. DO NOT TRACK
Please note that we do not alter our Site’s data collection and use practices when we see a Do Not Track signal from your browser.
12. DATA RETENTION
We will not keep your personal data for any longer than is necessary in light of the reasons for which it was first collected.
When you place an order through the Site, we will maintain your Order Information for our records unless and until you ask us to delete this information.
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only. If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
15. SHOPIFY & KLAVIYO
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers. For more insight, you may also want to read Shopify’s Terms of Service or Privacy Statement.
17. THIRD-PARTY SERVICES
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. As above, when you enter your credit card information on checkout, the page and payment gateway are hosted by Shopify using encrypted 128-bit secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, our payment gateway follows all PCI-DSS requirements and implement additional generally accepted industry standards.
20. AGE OF CONSENT
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
We may change this Privacy Notice from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection.
22. HOW DO I CONTACT YOU?
To contact us about anything to do with your personal data and data protection, including to make a subject access request, please use the following details – Privacy Compliance Officer:
Email address: firstname.lastname@example.org
Telephone number: +44 203 885 2223.
Postal Address: MayfairSilk Ltd, Lansdowne House, 57 Berkeley Square, Mayfair, London, W1J 6ER, UK.