Cookies & Privacy Notice
Charmed Cards & Crafts are committed to comply with
the General Data Protection Regulation and the Data Protection Act
2018. Looking after the personal information you share with us is of
utmost important to us, and we want you to be confident that your
personal data is kept safely and securely and to understand how we
use it.
Important Factors for your
Security and Data Protection:
-
Charmed Cards & Crafts do not
operate registered accounts. What this means is that
no data is ever kept on the server, and none of your personal
data is accessible externally.
-
-
Charmed Cards & Crafts do not
collect credit card details on our website. We are
fully PCI DSS compliant, and all card payments are handled by
Lloyds Cardnet via SagePay or PayPal. Transfer to both are sent
via encrypted transmission using the very latest technology.
-
-
Mailing List
is subscribers only. We do not
send out annoying newsletters just because you have once placed
an order with us. Instead we have always operated a strict
opt-in, opt-out mailing list, from which you can easily opt-out
anytime you want to. Thus every single person on our mailing
list is there because they want to be. You can rest assured
that Charmed Cards & Crafts would never share your details with
anyone else, your privacy is a top priority.
-
-
Site Security.
Every single part of our website is protected by a secure socket
layer; this means that is is extremely unlikely that any part of
the page is intercepted between us and you, this security is
attested by the secure sign in your browsers address bar, and
also on our website on each page via the "GeoTrust" icon.
Our site is also monitored on a daily basis by "SiteLock" and
the results is displayed on every page via the "SiteLock" icon.
Both can be seen under the "Shop Securely" heading on each page.
When you buy goods from us, you are entering into a
contract with us. In order for us to get your products to you we
will ask you to provide some personal information, which is;
- full name
- address (and shipping address) - Cardholders name and
address is also checked to ensure it is indeed registered to the
card you are using, for your protection.
- contact numbers - in case we need to get in touch quickly
about a problem with your order
- email address - to send order, and shipping confirmations.
Data Protection says that we are allowed to use and
share your personal data only where we have a proper reason to do
so. The law says we must have one or more of these reasons and these
are:
- Contract - your personal information is processed in order
to fulfil a contractual arrangement e.g. in order to send you
your order.
- Consent – where you agree to us using your information in
this way.
- Legitimate Interests - this means the interests of Charmed
Cards & Crafts in managing our business to allow us to provide
you with the best products and service in the most secure and
appropriate way e.g. to notify you of order status updates (such
as "shipped"); supply marketing communications such as new
products, special offers and competitions etc, as well as
providing the appropriate details to our delivery partners, e.g.
Royal Mail, in order for them to deliver your parcel.
- Legal Obligation – where there is statutory or other legal
requirement to share the information e.g. when we have to share
your information for law enforcement purposes.
- Delivery Partners
In order for you to receive your goods, Charmed Cards & Crafts works with a number
of delivery partners. Again, we only pass limited information to
them in order to ensure delivery of your items.
- Mailing List:
We work with
EmailContact who help us manage our electronic
communications with you. Again, only limited information is
passed to them to ensure the delivery of email.
- Payment processing
Charmed Cards & Crafts works with trusted third party payment
processing providers in order to securely take and manage
payments, namely LLoyds Cardnet, Sagepay, and PayPal.
You are entitled to request the following from
Charmed Cards & Crafts, these are called your Data Subject Rights
and there is more information on these on the Information
Commissioners website
www.ico.org.uk
- Right of access –to request access to your personal
information and information about how we process it
- Right to rectification –to have your personal information
corrected if it is inaccurate and to have incomplete personal
information completed
- Right to erasure (also known as the Right to be Forgotten) –
to have your personal information erased.
- Right to restriction of processing – to restrict processing
of your personal information
- Right to data portability - to electronically move, copy or
transfer your personal information in a standard form
- Right to object - to object to processing of your personal
information
If you have any general questions about your rights or want to
exercise your rights please contact us.
You have the right to lodge a complaint with a data protection
regulator in Europe, in particular in a country you work or live or
where your legal rights have been infringed. The contact details for
the Information Commissioner’s Office (ICO), the data protection
regulator in the UK, are available on the ICO website
www.ico.org.uk where
your personal information has or is being used in a way that you
believe does not comply with data, however, we encourage you to
contact us before making any complaint and we will seek to resolve
any issues or concerns you may have.
COOKIES
When you allow cookies to be activated it simply means that a
small file is placed on your own device, containing information that
will help you when you visit again, i.e. your name and address
details could automatically be filled in for you because your own
browser recognises the site via the cookies.
In a nutshell we use cookies:
- To recognise the device that you are using.
- To store the content of your online shopping bag whilst you
browse the site and to complete an order.
- To automatically fill your name and address details if you
have ticked "remember me on this computer"
- To check whether you have received our cookie notice, so
that you only ever see it once.
- For analytical purposes.
-
So what exactly are cookies?
First, and contrary to popular belief, cookies are
NOT programs. They don’t do anything at all. They are simple ’text
files’ which you can read using the Notebook program on your own PC.
Typically, they contain two pieces of information: a site name and
unique user ID.
When you visit a site that uses cookies for the first time, a
cookie is downloaded onto your PC. The next time you visit that
site, your PC checks to see if it has a cookie that is relevant
(that is, one containing the site name) and sends the
information contained in that cookie back to the site. The
site then ’knows’ that you have been there before, and in some
cases, tailors what pops up on screen to take account of that
fact. For instance, it can be helpful to vary content according
to whether this is your first ever visit to a site – or your
71st.
Some cookies are more sophisticated. They might record how
long you spend on each page on a site, what links you click,
even your preferences for page layouts and colour schemes.
They can also be used to store data on what is in your
‘shopping cart’, adding items as you click. The
possibilities are endless, and generally the role of cookies
is beneficial, making your interaction with
frequently-visited sites smoother - for no extra effort on
your part. Without cookies, online shopping would be much
harder.
Are cookies safe?
Yes. The information stored in cookies is safe and
anonymous to any external third party, and your security is
never compromised. You can find more information about
cookies at
http://www.allaboutcookies.org/ and
www.youronlinechoices.com/. For a video about cookies
visit
https://www.google.com/intl/en-GB/policies/technologies/cookies/
References:
Lloyds Cardnet PCI DSS Compliance
BBC
WebWise
http://www.allaboutcookies.org/
www.youronlinechoices.com/.
|
