Last updated: October 18, 2019
We respect your privacy and are committed to providing full transparency regarding how we process your personal data, with whom we share this personal data and what rights you have as a data subject.
Unless expressly specified otherwise, any reference to the following words shall have the meaning as defined in Article 4 of GDPR below:
“Controller” – “the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.”
“Personal Data” – “Any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
“Processing” – “Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction”.
“Processor” a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
3. Dana Levin as Data Controller
4. Personal data we collect
We collect the following personal data from you:
- Contact data. Your contact data includes your name, email address, and phone number;
- Account data. Your website user account data includes your username and password;
- Customer Support data. When you send us customer support requests we collect your name, email address and the content of your support request;
- Transaction data. When you place an order, we process your transaction data which includes the items you purchased, date and time of purchase;
- Shipping data. When you place an order you also provide us with the shipping address where you would like the order to be delivered;
- Payment data. When you place an order, we collect your payment data such as your billing address. Please note, if you make payment with your credit card, your credit card data is collected and processed directly by our payment processor. and we do not process any sensitive credit card data;
- Product Review. When you leave any product reviews on our website, we will store your username and the content of your review on our database.
5. How do we use the personal data we collect?
- Contact Data
We use your contact data to contact you regarding your order/enquiries as and when needed. The legal basis for processing this data is the performance of our contract with you.
We will not retain your contact data longer than required for our business purposes. If you have created an account on our website, we will retain your contact data for as long as your account is active. If you subscribe to receive newsletters on our website, we will retain your contact data until you unsubscribe from receiving marketing material. For any orders placed through our website as a guest, without account creation, we will retain your contact data for a period of three years from the date of purchase.
- Account Data
We use your account data to create a user account for you and to enable you to log into your account and view your past transactions as well as conveniently place your orders from within your account. The legal basis for processing this data is the performance of our contract with you.
We will retain your personal data on our record for as long as your account is active. We will remove your personal data from our records three years after the termination of your account unless we are required to retain this data for our compliance with any legal obligations.
- Customer Support Data
We use your support request data to respond to your requests. Our legal basis for processing this personal data is our legitimate interest.
We will only keep support messages and enquiries on our record for a maximum period of two years from the date of last communication with you.
- Transaction Data
We will keep a record of your purchase to deliver our product to you, to address any disputes or issues arising with the purchase and for our own accounting purposes. Our legal basis for processing this personal information is the performance of our contract with you.
Where you have a user account on our website, we retain this data on our records for as long as your account is active. If you do not have an account on our website, we will not keep your transaction history on our record for longer than three years from the date of purchase.
- Shipping Data
We use shipping data to deliver your ordered products to the specified address. Our legal basis for the processing of this data is the performance of our contract.
Where you have a user account, we retain this data on our records for as long as your account is active. If you do not have an account on our website, we will not keep the shipping address on our record for longer than three years from the date of delivery of the product ordered.
- Payment Data
We use the payment data to bill you for your order. Our legal basis for the processing of this data is the performance of our contract.
Where you have a user account on our website, we retain this data on our records for as long as your account is active. If you do not have an account on our website, we will not keep the billing address on our record for longer than three years from the date of purchase.
- Artwork Review Data
We may allow you to review your purchase on our Website. If you leave a review on our website, we may use the content of your review on our website and other social media pages. Please note that your username will be displayed with your review. Please do not share any personal information in public reviews that you do not wish to be publicly visible to others. Our legal basis for processing this data is our legitimate interest.
We will keep your reviews on our website or other social media pages for as long as we are in business unless you specifically request us to remove your review from our website in which case we may continue to use the content of the review by anonymising your personal data.
We use this data to understand how our users use our website, to improve our user experience, for web performance analytics and to serve relevant advertising to you. Our legal basis for this processing is your consent which you grant us when you continue to use our service by accepting our cookies.
In addition to the abovementioned legal basis, we may also retain any personal data that we collect for our compliance with our legal obligations, court order, or to assert our legal rights or defend any claims. Where we request your consent to the processing of your personal data, you may withdraw your consent at any time. Please visit ‘Your Rights’ section to learn more about your data rights.
How to block cookies?
You can choose to accept or reject cookies by changing your browser settings at any time as well as delete cookies. To learn more about how you can manage cookies on your browser, please visit the applicable browser links provided hereunder:
Please note that if you block cookies, you may be unable to access some parts of our website and it may result in poor user experience.
To learn more about how to delete cookies, please visit https://www.aboutcookies.org/how-to-delete-cookies/.
7. Sharing your personal data
We do not sell or rent your personal data to any third party. We may disclose your personal data as described hereunder:
- We may share your personal data with service providers that we engage to perform services on our behalf. Please note the service providers we engage are not authorised to disclose your personal data to any third party unless required by law or during the course of performance of services on our behalf.
- We reserve the right to disclose your Personal data when required to do so for our compliance with any applicable laws and upon reasonable requests of any government bodies or regulatory authorities.
- We may share your personal information to enforce our contractual or other legal rights arising out of our Agreement with you.
8. Your Rights
The General Data Protection Regulation grants users who are in the European Economic Area at the time their personal data is processed certain data rights. If you are in the EEA, you may exercise the following rights:
- Your right to access and/or edit your personal data
If you wish to access and/or edit your personal data that we process, please contact us at [email protected], and we will respond to your request within 30 days.
- Your right to be forgotten
If we do not have any valid legal basis for processing your personal data, you may request deletion of your personal data by contacting us at [email protected].
- Your right to withdraw consent
Where we use consent as the legal basis for processing your personal data, you have the right to withdraw your consent anytime by giving a written notice of your withdrawal at [email protected].
- Your right to file a complaint with a supervisory authority
If you believe that our processing of your personal data is infringing your rights as a data subject, you have the right to file a complaint with a supervisory authority responsible for data protection in your country (if you are living in EEA). You can find your Data Protection Authority here.
9. Transfer of data
10. Security of data
We protect and store your personal data using state of the art security measures including encryption to reduce the risk of any data breach by complying with the principles of data minimisation. Please note that despite our best efforts, there may be security vulnerabilities that we are not yet aware of, which is why we are unable to offer any guarantees of security.
11. Third-party website links
12. Protection of Children’s Privacy
We do not target our website at anyone under the age of eighteen (18) years (“Children”). If you are the parent or legal guardian of a Child who you believe has provided us with his/her personally identifiable information, please contact us at [email protected].
13. Do Not Track (‘DNT’ )
Our website currently does not respond to any DNT signals.
15. Contact Us