Privacy and security
Hoxa Tapestry Gallery will only use the information that we collect about you lawfully in accordance with the Data Protection Act 1998 and in compliance with current General Data Protection Regulations. Subject access rights mean that you have the right to know what data we keep about you. Please contact us if you have any problems with how we hold or use your data:
Data/personal information we collect from you
If you wish to make a purchase within our online shop, we require your name, postal address and e-mail address to fulfil the order.
By placing an order and supplying us with the necessary personal details to complete the order you are consenting to our collecting of this information and using it for this specific reason only.
What do we do with your information?
The information you give to us (name, address and e-mail) is used to complete your order. We will only ever contact you through your e-mail address if there is a problem with the order you have placed with us e.g. incomplete address, unforeseen delay, product out of stock.
Your personal information is never used for mailing lists, newsletters or passed on to a third party for advertising or marketing purposes. Your details are only disclosed to a third party when necessary to fulfil your order e.g. through postage/courier service or if we are required to by law.
How long do we keep your information for?
Your contact details are only kept on our system for 6 months after your order is complete and are then removed from our server. This also applies to any e-mail enquiries made through our website. Please be aware however that all information regarding your orders on paper are stored for six years per accounting regulations and kept in a secure location.
Hosting and platform services
Our website is held under SSL (Secure Socket Layer, an “https” address) making it a secure site. The hosting company has high standard security measures in place.
How is personal data stored?
If you place an order with us, your personal details are stored through WooCommerce’s data processing and databases. They are stored on a secure server behind a firewall.
Our e-mail is powered by Mozilla Thunderbird, a third party e-mail provider, and correspondence is stored in a password protected account.
We will never see your credit/debit card details in financial transactions as this information is securely processed through Paypal, a third party payment gateway, using encryption technology. If you would like to read through Paypal’s privacy statement to see how they handle data, you can do so here: https://www.paypal.com/uk/webapps/mpp/ua/privacy-full
Please be aware that although we do our best to ensure our website and your shopping experience is safe, we cannot guarantee absolute security of data sent over the internet. Transmission of information over the internet is inherently insecure so please be responsible when using it. It is important to keep the password for accessing our online shop confidential. We do not ask for your password other than to log in to the website for making an order.
If you choose to order over the telephone, all bank card details and addresses are shredded immediately once the transaction is complete.
How can I change or delete personal information?
If you create an online account with us when placing an order, you can login at any time and amend your personal information. If you are unable to do this, or would like your information to be deleted, please contact us and we will either amend your data on your behalf or delete it as requested.
If you are otherwise unhappy with the way in which we hold or have handled your data, please contact us. Your complaints will be addressed as early as possible and within one month. If you feel we have not been able to sort it out satisfactorily, you have the right to lodge a complaint with the ICO.
Policy last updated: 24th May 2018