Privacy policy

 

Data Controller and Owner:

Rebecca Johnstone

Trading as:

Dainty Dora Surface Pattern Design + Print
South Lanarkshire, Scotland, UK

Contact email: rebecca@daintydora.co.uk

Security of your data:

When you purchase something from this store, as part of the buying and selling process, we collect the personal information you give us such as your name, address, email address and IP address (the latter to comply with the sale of digital goods in the EU and apply the appropriate VAT/taxes, applicable to your geo-location).

We promise not to pass on any private/personal details such as name, address, email, phone number, and if applicable, the details of your purchase, to any third party. This information will be used solely for the purpose of:

• Fulfilling your order

• To communicate with you about your order

• For legal reasons (like paying taxes)

All payment information is managed and secured by external payment transaction providers: Shop Pay, PayPal and ApplePay (depending on your chosen payment method). Payment information is never received, collected or held by us. 

Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.

Data Retention

We retain your personal information only for as long as necessary to provide you with my services and as described here in my Privacy Policy. However, I may also be required to retain this information to comply with my legal and regulatory obligations, to resolve disputes, and to enforce my agreements. I generally keep your data for the following time period: 6 years. In the case of you subscribing to my email newsletter, I hold your information during the course of your subscription, being indefinitely, or until you 'unsubscribe' using the link in the email footer, or contact me to notify me that you wish to unsubscribe.

Website Cookies:

A cookie is a text-only string of information created by a web site on your computer. The web site uses this cookie to identify you when you return to the site.

Session cookies are temporary cookies that remain in the cookie file of your browser until you leave the site. Our cookies cannot harm your computer and do not contain any personal or private information.

Most computers are sold with cookies enabled, but you can set your computer to disable cookies if you prefer. Additionally, we have an opt-out pop-up form embedded in the code of this site, which you can use to opt-out of the temporary session cookies used on this site. Please note that not all elements of this site may work if you have disabled cookies.

The UK rules on cookies are covered by the Privacy and Electronic Communications Regulations and enforced by the Information Commissioner’s Office (ICO). 

Mailing List:

By entering your name/email address into the embedded mailing list sign-up/pop-up form, you are opting in to receive regular updates on our products and services, however you can opt-out at any time by clicking the relevant link in your original sign-up email, any subsequent email received from us, or by contacting rebecca@daintydora.co.uk

Klaviyo is our chosen mailing list integration provider - effective from 20th November 2024 (prior to which it was Flodesk). All personal data given, i.e. name, preferences/interests and email address, are stored securely by Klaviyo. We do not share our mailing list with anyone else.

All details are taken in compliance with UK Spam Laws detailed in the Privacy and Electronic Communications Regulations 2003. All personal details relating to subscriptions are held securely and in accordance with the Data Protection Act 1998. 

Flodesk certify that they follow the principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. 

When we send emails via Klaviyo, we'll sometimes track who opened the emails and who clicked the links. We do that to measure our Email Campaigns’ performance and to improve our features for specific segments of our subscribers. To do this, we include single pixel gifs, also called web beacons, in emails we send. Web beacons allow us to collect information about when subscribers open the email, their IP address, their browser or email client type, and other similar details. We use the data from those Web Beacons to create reports about who has or hasn’t opened emails or clicked links.

Two-factor authentication is enabled on our Klaviyo account to ensure security of access to all information held therein.

In compliance with UK Spam Laws and the Privacy and Electronic Communications Regulations 2003 subscribers are given the opportunity to unsubscribe at any time through an automated system. This process is detailed at the footer of each email campaign.

View Klaviyo's Data Processing Agreement

View Klaviyo's Terms of Service

External Links:

When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.

Your Rights:

If you reside in certain territories, including the EU and the US, you have a number of statutory rights in relation to your personal information. While some of these rights apply generally, certain rights apply only in certain limited cases. I describe these rights below:

• Access. You may have the right to access and receive a copy of the personal information I hold about you by contacting me using the contact information detailed at the start of this policy (email: rebecca@daintydora.co.uk).
• Change, restrict, delete. You may also have rights to change, restrict my use of, or delete your personal information. Absent exceptional circumstances (like where I am required to store data for legal reasons) I will generally delete your personal information upon request.
• Object. You can object to (i) my processing of some of your information based on my legitimate interests and (ii) receiving marketing messages from me after providing your express consent to receive them. In such cases, I will delete your personal information unless I have compelling and legitimate grounds to continue using that information or if it is needed for legal reasons.
• Complain. If you reside in the EU and wish to raise a concern about my use of your information (and without prejudice to any other rights you may have), you have the right to do so with your local data protection authority.

Find out more at the ICO website.

Read our California Consumer Privacy Act (CCPA) opt-out policy.

Your Consent:

While we make every effort to ensure that any personal information we collect from you is kept secure and processed lawfully, the internet is not a totally secure medium. If you do not agree with this policy, you should not submit your personal information on this website.

We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. 

Updates

Updates to our data and privacy policy will be published here. This policy has been fully reviewed and updated in relation to the General Data Protection Regulation (GDPR) in May 2018, and is regularly reviewed and updated to take into account any changes. Last updated November 2024.

Thank you!