Who We are
Dandelion Wishes – handcrafted jewellery, keepsakes & Gifts. Our website address is: https://www.dandelion-wishes.co.uk
At Dandelion Wishes we take data protection seriously and are dedicated to safeguarding your data. We only collect, store and use any personal information provided to us for the purposes outlined below and in accordance with the General Data Protection Regulations (GDPR). This policy provides you with an outline of our policies regarding the collection, use and disclosure of your data when you use our services or visit our website (www.dandelion-wishes.co.uk). By using our website, you are agreeing to the terms set out in this policy.
Upon your request and expression of consent Dandelion Wishes may process your Personal Data because:
• We need to perform a contract with you
• You have given us permission to do so
• The processing is in our legitimate interests and it’s not overridden by your rights
• For payment processing purposes
• To comply with the law
Your data is not used for any other purposes or shared with third parties. It is removed upon your withdrawal of consent or your request to terminate theses services.
What Information we collect, how we collect it and how will we use it?
You directly provide Dandelion Wishes with most of the data we collect, such as when you:
Register online or place an order for any of our products or services.
If you place an order with us or request one of our services we will collect data relating to your purchase of goods and/or services such as your title, name, billing address, delivery address, email address, telephone number and purchase details. We collect this data in order to fulfil our obligations to provide you with the goods/services that you have purchased. We will keep a record of such transactions. Our lawful grounds for processing this data is to fulfil our contractual obligations that we have entered into with you.
Sign up for a newsletter or complete a customer survey or provide feedback on any of our message boards or via email.
We may collect information from you and process your data when you visit our website, for example when you place an enquiry via the contact form, when you email us, message us and/or comment via social media. The lawful grounds for this processing is legitimate interest in order to respond to any communication that you send us, as well as keeping records of such interactions, or to pursue or defend any legal claims.
Use or view our website via your browser’s cookies.
When you visit our website, as well as any contact details that you may leave, we may also collect and store data, such as your IP address, information about the browser that you are using, details of page views, length of time visiting pages on our website, navigation paths and information about the devices you use to access our website. This information is captured by our analytics system and we process this data to ensure that we provide you with relevant content, to maintain back-ups of our website and databases, to keep our website secure, to enable us to effectively administer our website, as well as gaining an insight into the effectiveness of our marketing. The lawful basis for processing this information is legitimate interest in order to maintain our website and grow our business through effective marketing.
Marketing and analytics
Our company would like to send you information about products and services of ours that we think you might like. We do not share this data with any other partner companies. If you have agreed to receive marketing from us you may always opt out at any time.
We may use your data to send marketing communications to you via email. We will only send marketing emails to you if you have requested to receive such information by signing-up to our mailing list via the website. You can ask us to stop sending you marketing communications at any time, by emailing: email@example.com or by clicking the ‘unsubscribe’ links on any marketing emails sent to you. If you opt-out of receiving our marketing emails, this opt-out does not apply to personal data provided as a result of purchasing our goods/services.
We may also use this data to measure the effectiveness of our marketing campaigns. The lawful basis for processing this information is legitimate interest to allow us to grow our business.
Our website uses a Google Analytics, a service which transmits website traffic data to Google servers in the United States and allows us to analyse usage trends in order to improve the user experience on our website. Google Analytics processes personal data such as: the unique User ID set by Google Analytics, the date and time, the title of the page being viewed, the URL of the page being viewed, the URL of the page that was viewed prior to the current page, the screen resolution, the time in local time zone, the files that were clicked on and downloaded, the links clicked on to an outside domain, the type of device, and the country, region, and city.
You may opt out of this tracking at any time by activating the “Do Not Track” setting in your browser.
All the data we gather via our website or through communication with you is used to operate and expand the service we offer you and to personalise our service. How we use your personal data is dependent on the legal basis for processing your data. We are dedicated to using your personal data only for:
1. Processing your orders correctly
2. Development and expansion of the business, including examination of customers’ shopping behaviours, measurement of advertisements and product style preferences of our customers
3. Technical management of our website
4. Reviewing our systems
5. Providing you with information about the services we offer
6. Letting you know about offers and news
Who will have access to your information?
We will never share or sell your personal information to any third party for marketing or any other purposes. However, there may be times when we need to share your information with third parties in order to fulfil our obligations. These include:
• Third parties who we work with to provide IT and system administration services.
• Third party payment providers who specialise in secure online payment (e.g. Stripe, PayPal).
• Third party suppliers that we work with in order to fulfil our contractual obligations with you (e.g. Royal Mail and mail other delivery companies).
• Third party marketing providers such as Mail chimp who we use for data collection (via the sign-up form on our website), for storing your personal data within our account, in order to allow us to send you marketing emails that you have requested to receive.
• Professional advisers such as accountants, lawyers, bankers, auditors, insurers.
• Government bodies that may require us to report to any processing activities to them.
We require all third parties that we work with to respect your data privacy in line with current legislation and we only allow your data to be processed for the specified purpose and in accordance with our instructions.
How long will we keep your information for?
We will hold on to your information for as long as is deemed necessary for the relevant activity. We are bound by legal and statutory obligations to keep records for a certain amount of time e.g. for tax and accounting purposes. If you have consented to receive marketing communications from us, we will keep your details until you request otherwise. We may anonymise your data to carry out research about our business, in which case we may use this information indefinitely without further notice to you.
How do we keep your data secure?
We recognise that you might be worried about security when using your debit/credit card to make payments on our website. Secure server software encrypts all your personal information, including name, address and credit card details before it leaves your computer. We make use of the highest quality encryption technology available (technically 256 bit SSL encryption). All payment card information is handled by Stripe or PayPal and we do not store your payment card information. We only work with third parties that are fully compliant with The General Data Protection Regulation (GDPR).
The payment processors we work with are PayPal and Stripe, you can read their policies at the following addresses:
What type of cookies do we use?
There are a number of different types of cookies, however, our website www.dandelion-wishes.co.uk uses:
• Functionality – uses this type of cookie so that we recognise you on our website and remember your previously selected preference. These could include what language you prefer and the location you are in.
• Advertising – our company uses these cookies to collect information about your visit to our website, the content you viewed, the links you followed and information about your browser, device and your IP address. We do not share this data with other companies for advertising purposes.
How to manage cookies
• You can set your browser not to accept cookies and you can remove cookies from your browser. However, in some cases some of website features may not function as a result.
What are your data protection rights?
Under the General Data Protection Regulation (GDPR) you have the right to request access to your data, for it to be: corrected, erased, restricted or transferred. You also have the right to object to us processing your data. Where consent to process has been given, you have the right to withdraw this consent at any time.
If at any time you no longer wish to receive marketing communications from us, you can ‘unsubscribe’ immediately by clicking on the link at the bottom of the email that you receive. Alternatively, you can email us and ask us to remove you from our marketing email list or to update your details as necessary. If you opt-out of receiving our marketing emails, this opt-out does not apply to personal data provided as a result of purchases of our goods/services.
If at any point you believe the information we process on you is incorrect, you can request to see this information and have it corrected or deleted. If you wish to raise a complaint on how we have handled your personal data, you can contact us to have the matter investigated. We will not charge a fee for providing access to your personal data, providing that the request is reasonable, not excessive or repetitive. In such circumstances that the request is deemed to be unreasonable, we may charge a fee for your request or refuse to comply with the request. We will always check that we have enough information to be sure of your identity before providing you with access to your personal data and if we have any doubt, we may ask you to provide evidence to confirm identity.
If you make a request, we have one month to respond to you, if you would like to exercise any of these rights, please contact us at our email: firstname.lastname@example.org If you are dissatisfied with our response, or if you believe we are processing your personal data unlawfully, please inform us first so that we can investigate and resolve the issue for you. However, should our response be unsatisfactory, you can complain to the Information Commissioner’s Office https:ico.org.uk