Privacy policy

Privacy Statement for Hannah Collins art website. In accordance with the General Data Protection Regulation (GDPR) that comes into force in May 2018 We present our Privacy Statement, on account that this system holds personal information supplied by you.
Terms used in this statement: ‘We’, ‘Our’, ‘Us’ – Hannah Collins or anyone who represents her and/or her art business.
Personal Data: means information that can be associated with an identified or identifiable person. “Personal Data” can include name, postal address (including billing and shipping addresses), telephone number, email address, financial account information, account number, and date of birth. Personal Data does not include information that does not identify a specific user.
Non Personal Data: means information that web browsers and servers typically collect, such as the IP address, browser type, language preference, referring site, Country of origin and the date and time of each visitor request.
Process: describes any method or way that we handle Personal Data or sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, and consultation, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of Personal Data.
User / Visitor: means you or anyone else who has established a relationship with Us (for example, by opening an Account) or otherwise uses the Services or accesses the Site(s).
Your privacy is extremely important to us.We have a few fundamental principles: We don’t ask you for personal information unless we truly need it. (We too don’t like services that ask you for things like your gender or income level for no apparent reason.) We don’t share your personal information with anyone except to comply with the law, develop our products, or protect our rights. We don’t store personal information on our servers unless required for the on-going operation of one of our services. We aim to make it as simple as possible for you to control what’s visible to the public, seen by search engines, kept private, and permanently deleted.
Below is our Privacy Policy which incorporates these goals. This privacy policy covers all aspects of our site. If you have questions about accessing or correcting your personal data please contact Hannah Collins (Data Controller)
It is Our policy to respect your privacy regarding any information we may collect while operating our website. Website Visitors Like most website operators, We collect Non Personal data of the sort that web browsers and servers typically make available. Our purpose in collecting this information is to better understand how our visitors use our website. Gathering of Personal data Certain visitors to Our website choose to interact with Us in ways that require Us to gather personal data. We collect such information only insofar as is necessary or appropriate to fulfil the purpose of that visitor’s interaction with Us. We do not disclose personal data other than as described below. Visitors can always refuse to supply personal data, with the caveat that it may prevent them from engaging in certain website-related activities.

Aggregated Statistics We may collect statistics about the behaviour of visitors to our website. For instance, we may monitor the most popular pages on our site or use spam screened by our filters to help identify spam. Protection of Certain Personal data we do not disclose any non personal data and / or personal data. We will not rent nor sell non personal data and personal data to anyone. We disclose non personal data and personal data only when required to do so by law, or when we believe, in good faith, that disclosure is reasonably necessary to protect Our property or rights, third parties, or the public at large. We take all measures reasonably necessary to protect against the unauthorised access, use, alteration or destruction of non personal data and personal data. We also may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements. We acknowledge that all individuals have the right to access the personal information/data that we maintain about them. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct their query to the Data Controller. If requested to remove data, we will respond within a reasonable timeframe, not to exceed one week.

Cookies: A cookie is a string of information that a website stores on a visitor’s computer, and that the visitor’s browser provides to the website each time the visitor returns. We use cookies to help identify and track visitors, their usage of this website, and their website access preferences. Visitors who do not wish to have cookies placed on their computers should set their browsers to refuse cookies before using this website, with the drawback that certain features of this website may not function properly without the aid of cookies. Adverts From time to time we may place adverts for third party organisations that support us financially, clicking through to their sites will transfer the onus of data protection for any data entered onto their site to them. Privacy Policy Changes Although most changes are likely to be minor, We may change this Privacy Policy from time to time, and at Our sole discretion. We will notify clients by a banner or similar on the site when making changes.
Data held Data collected by Us is stored in two different locations based on the purpose. A. This website B. Credit Card processing – Stripe Information held by Us – This website 1. First name 2. Last name 3. Address (shipping) 4. Email address 5. Telephone number (shipping) 6. Date and time of order (shipping) 7. Customer IP Address (shipping) This counts as “Personal data”. There is no “Sensitive personal data” requested or held by Us. Information held by Stripe (Credit card processing provider) 1. Name 2. Email Address 3. Credit card – Expiry date 4. Credit card – last 4 digits 5. Credit card – provider 6. Credit card – country of issue 7. Credit card – type of card 8. Transaction date and time NOTE: Stripe does not record the security number on the rear of the card (CVC) nor the expiry date. The details retained by Stripe cannot be re-used in another transaction. Transactions take place over a secure, encrypted connection (HTTPS), as indicated by the ‘padlock’ symbol in the browser address bar.

Your rights Under the GDPR you have rights over the storage of your data. These are detailed and answered below, in the context of this sites function.
• The right to be informed This privacy statement is the transport to inform you that your information is held on this system. This data is protected by a number of techniques to prevent it being revealed to unauthorised individuals and organisations, either via the internet or by direct access to the server equipment. This data is backed up, so to allow disaster recovery of this site. The backup data is held on a separate system, which is itself secure by a number of techniques. Please contact us if you wish to invoke any of the following rights. We reserve the right to confirm your identify before releasing any information. • The right of access You have the right to inspect your personal data that We hold.
• The right to rectification You have the right to request rectification of errors or inaccuracies in the personal information held by Us.
• The right to erasure You have the right to request total erasure of your personal information from Us.
• The right to restrict processing You have the right to restrict the processing of your personal data. In the context of this site this means that you wish that the system does not send you email information but you do not wish for your personal information to be erased from this site.
• The right to data portability You have the right to be supplied with your personal data for reuse by you in whatever manner you see fit.
• The right to object You have the right to object to how your personal data is used by this site.
• Rights in relation to automated decision making and profiling. This site makes no automated decisions based on analysis of your personal information. This site does not conduct any profiling of your personal information.
For reference you may wish to visit the ICO website that gives guidance to the GDPR. You can view this by clicking here.
GW 10/04/18 – for Hannah Collins Art. GW updated 20/04/18 – added details regarding on-line shopping.