Little Things by Lucy are dedicated to safeguarding your privacy online. We will only collect, store and use your personal information for specific purposes as outlined below in accordance with GDPR. We use your personal information to support and develop our connection with you. We will never share your personal data to 3rd parties unless required by law or part of the processes as set out below and your data is always protected. You may contact Little Things by Lucy at any time with any privacy queries or concerns and to see the personal data you have given us and request modification.
Personal data means any information relating to an identified or identifiable natural person. This can include name, email address, address, photographs (where relevant) and much more.
When you purchase from our Etsy/Amazon/Facebook or Little Things by Lucy shops, we ask for data such as your name, e-mail address, billing address, and contact details. Little Things by Lucy keeps a record of this information for tax purposes and for ensuring we fulfil our contract with you.
We will only use images of our designs which include your photos on our websites, social media and marketing if you are happy for us to do so. We will ask for written consent first.
The personal information we hold from purchases or custom order requests is what customers provide to us when on our selling platforms.
We share it with nobody, however it is stored on relevant systems such as cloud systems, Google Drive, Couriers (to pass addresses to), and accountants which are GDPR compliant. If we are required by law to share any information, we will check with each party concerned to ensure they are happy for that to happen. An example of this would be if HMRC requested an audit.
We store sensitive data for as long as customers remain active clients. CE Marking records are kept for 10 years as a requirement by law. Information required for tax and legal requirements are held for 7 years as a requirement by law.
We keep a record of any orders you make from us, so we can help to deal with any enquiries or problems you may have in the future, and so we can ensure that any information that we send to you is appropriate. Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
We keep a record of any e-mail communication you send us, so we can track any problems or concerns you’ve had.
We may process information you submit to us when you contact us for the purposes of ensuring we answer your query effectively.
Little Things by Lucy kindly request that you do not supply any other person’s personal data to us, unless required by law or you have their explicit consent to do so.
Little Things by Lucy stores email addresses from customers and potential customers who have opted in for our newsletter via Mailchimp, Privvy, iZettle, Facebook or in person. If you have opted in for this service you will receive occasional newsletters with information about our products and offers. Your email address may also be used to form data for our own personal advertising campaigns on Facebook or Instagram. You can ask to be removed from this list at any time by emailing email@example.com
When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.
HOW WE USE YOUR PERSONAL DATA
All the data we gather through communication with you is used to operate and expand the service we offer you and to personalise our service. How we use your personal data is dependent on the legal basis for processing your data. We are dedicated to using your personal data only for:
1. Processing your orders correctly.
2. Reviewing our systems
3. Providing you with information about the services we offer.
LEGAL BASIS FOR PROCESSING DATA
Little Things by Lucy’s lawful basis for processing data are:
Legal Obligation – tax purposes.
Contract – customers that place an order with Little Things by Lucy.
REQUESTING YOUR INFORMATION
If you would like to review the data you have provided to us because you feel that what we presently have on record is incorrect, and/or you would like your data erased from our records, you can so do by contacting us using the emailing firstname.lastname@example.org
Under GDPR you have a right to be forgotten, to withdraw your consent, to change information we hold about you, and to restrict processing. You have a right to complain to the ICO if they think there is a problem with the way we are handling your data.
Little Things by Lucy are more than happy to comply with this in accordance with the law.
Please note that if you withdraw consent for images of products which include your photographs to be used at a later date (which you previously gave consent for us to use)- we can remove them from our websites but we may not be able to remove them from sites such as Pinterest where others may have already saved and shared the images.
HOW WE PROTECT DATA
You recognise that the Internet is not a 100% secure platform for communication and, accordingly, we cannot guarantee the security of any data you send to us (or we send to you) via the Internet. We are not responsible for any damages which you, or others, may suffer as a result of the loss of confidentiality of such information.
We take every precaution to safeguard your information. All personal data stored by us is kept on a server in a secure environment. The computer on which data is accessed on is password protected, data held in the cloud is password protected and held on encrypted systems and third-party software have their own security systems.
The risks of a breach are minimal due to the precautions mentioned above being taken, and close monitoring is undertaken to ensure security systems are always up to date. Breaches will be identified, reported, managed, and resolved according to the ICO guidelines.
How you can help us protect your data
Please bear in mind that whenever you willingly divulge personal data online in nonprotected situations – for example on message forums, through email, or in chat spaces – that data can be collected and used by others. In short, if you post personal data online that is accessible to the public, you may receive unsolicited communications from other parties in return. Also remember to close your browser window when you have finished using the computer. This is to ensure that others cannot access your personal data and communications. If you share a computer with someone else or are using a computer in a public place like a library or Internet café. We cannot confirm or warrant the security of any data you communicate to us, and you do so at your own risk. Once we receive your communication, we make our best effort to ensure its security on our systems.
Sharing with social networks
If you use the badges that allow you to share products and content with your friends via social networks like Twitter and Facebook, these companies may set a cookie on your computer memory. Find out more about these here:
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
Payments on this site are made via Paypal. For more insight, you may also want to read our Terms of Service here.
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
By visiting this website with your browser settings adjusted to allow cookies, you are consenting to Little Things by Lucy using cookies for the purposes described below to provide you with a fully efficient shopping experience.
Please note: to make full use of the Little Things by Lucy website and to benefit from a selection of personalised features, your computer, tablet or mobile phone will need to be set up to accept cookies.
• The data we collect through these cookies is solely to improving our website and your browsing experience – it is never used to identify you and we would never share or sell on this data.
A cookie may be either “persistent” cookies or “session” cookies. A persistent cookie is stored by the browser and remains until an expiry date, unless deleted by the user before the expiry date. A session cookie is temporary and expires at the end of the user session or when the web browser is closed.
Cookies do not normally contain any personal information.
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
FOR MORE INFORMATION
If you would like more information please get in touch
Lucy Murray, 63b Union Street, Newport Pagnell, MK168ET
The information above can also be used to contact our Data Protection Officer.