Data & Privacy Policy

This policy sets out how fripperies & bibelots uses and protects information that you give when you use this website.

fripperies & bibelots takes your privacy seriously and in ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, it is wholly in accordance with this privacy policy.

This policy is effective from 25th May 2018 in compliance with GDPR legislation.

We may hold information about you as a newsletter subscriber and/or as a customer. Because there is a different legal basis for each of these groups, they are explained separately here, even though both may apply to you.

1. WHY WE NEED YOUR DATA

Newsletter Subscribers

If you have subscribed to the newsletter sent via the Mail Chimp sign-up link (which is double opt-in and GDPR compliant), we need your personal data to keep you up to date with our products and projects. We will not collect any personal data that we do not need to provide this service. The legal basis for our holding this data is that you have given us your consent for the purpose of marketing.  There is an unsubscribe link at the bottom of every newsletter sent via Mail Chimp should you wish to stop receiving emails.

Customers

If you have bought from our online store, we need your name and address to ship your order to you and your email address to contact you in the event of a query with your order and to notify you of when it has been fulfilled. 

The email address you supply for any order will ONLY be used to update you or contact you about the status of your order, it WILL NOT be used to send you any marketing or newsletters unless you specifically sign up to the newsletter service HERE. This is also true for any email address you use to create an account on the website that will enable you to checkout quicker.  This is classed as 'legitimate interest' for the purposes of fulfilling our contract and part of our legitimate business activities.

We hold your IP address to help us with fraud prevention as it helps us to see whether an order has been made from a different territory from the billing address.

2. WHAT DATA DO WE COLLECT AND HOLD?

Newsletter Subscribers

When you subscribe, you give us your name and email address. Using tools supplied by Mail Chimp, our newsletter service, we also collect information about your activity once you have received the email. This includes whether you have opened the email and which links within the email you have clicked.

Customers

Online shop customers provide us with their name, email address, a shipping and billing address and, sometimes, a telephone number.  The shop is run on the Shopify platform.  Shopify also collects the IP address from which the order is made. We will also retain information on the number of orders, the value of those orders, the number of visits you have made to our shop (using your IP address), the referral website or link that brought you to our site, if applicable. 

3. WHAT WE DO WITH YOUR DATA

We process personal data in the UK, however for the purposes of IT hosting and maintenance, this information is located on servers within the EU. Your data will not be shared with 3rd parties unless the law allows or requires it. For example, data held by Shopify International Ltd, based in the Republic of Ireland may be transferred via legal mechanisms approved by the EU, USA and Canada from the EU to Shopify in the USA and Canada.

We use Shopify as an e-commerce platform to receive and process orders. You can find their privacy policy here.

We use PayPal as an accepted payment method and use the PayPal Postage service to process your order for delivery. You can find their privacy policy here.

We use Mail Chimp to send marketing newsletters. They have a strong data privacy and security principle and you can find their privacy policy here.

Newsletter Subscribers

We use your personal information to keep you informed of offers in our shop, new products in our shop and to keep you up to date with our projects and activities.

The information we collect as a result of analysing the activity of subscribers is used to help us to judge the relative success of a newsletter. The type of questions we look to answer include: What percentage of recipients opened the newsletter and was it above or below our average? If we were promoting a particular product, what proportion of newsletter subscribers looked at the product and ultimately bought it?

We also use this activity information to help us to personalise newsletters.

Customers

We store your information to allow us to comply with tax laws.

We use your address and email contact details to fulfil your orders and to communicate with you about your orders. Depending on how your order is shipped, we may share your contact telephone number and email address with the courier service so that you are able to track your package.

We hold your IP address to help us with fraud prevention as it helps us to see whether an order has been made from a different territory from the billing address.

We will use your order history, location etc. for the purpose of statistical analyses, both automated through the software we use and through our own analyses. This allows us to look at trends and decide how we can provide the most attractive products and services.

Payment
Payment is processed via PayPal Express Checkout.  Your payment details, other than your billing and shipping addresses, are never visible to us.  PayPal Express Checkout is compliant with and encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). 

4. HOW LONG WE KEEP YOUR DATA

Newsletter subscribers

We will hold and use your information until you tell us you would like to unsubscribe, or for us to delete your information.  An unsubscribe link is available at the bottom of every newsletter email sent.

Customers

We are required under UK tax law to keep customers’ basic personal information for a minimum of 6 years after a transaction, after which time it will be destroyed. Your information we use for marketing will be retained until you notify us that you no longer wish to receive this information, at which point we will delete your data.

5. LINKS

When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.

6. SECURITY

To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.

7. COOKIES

 

Cookies are small files which are placed on your computer's hard drive. Cookies help this website to analyse traffic and visitors and help our site respond to you as an individual.

We occasionally use Google Analytics for a general overall picture of where users are located in the world, which pages they're looking at and which type of  device they're accessing the website from.

8. AGE OF CONSENT

By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given your consent to allow any of your minor dependents to use this site.

9. YOUR RIGHTS

If at any point you believe the information we process on you is incorrect you can request to see this information and have it corrected or deleted. If you wish to raise a complaint on how we have handled your personal data, please contact us at hello@fripandbib.com

If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office https://ico.org.uk/