Latest Policy Update: 28/05/18
About This Policy
We hope you take the time to read this policy. It is important to check back often for updates. If we make changes we consider to be important, we will let you know by placing a notice on the relevant Service and/or contact you using other methods such as email.
What Personal Data We Collect & Why
We collect information about you when you send us an email, leave comments or submit a request form but only for the purposes of carrying out our contracted service or contacting you with a reply as requested. This information may include, but is not limited to, your name, e-mail address, phone number, credit/debit card details and any other details as might be requested from you for the purpose of registration and/or continued use of our Services.
We may also collect information from you if you request information or customer support.
When you send us a contact form request, that information is used solely for the purposes of replying to your message. The contact form software we use records your data in our website database so it can send us a notification of your correspondence. Emails are retained on the database for a period of two months, after which they are deleted.
When you purchase a product from us we gather some personal information about you – your name, email address, billing address, shipping address and the method of payment you use as well as the amount you paid, you may also add your telephone number to make it easy for us to reach you but that is optional. If you register an account this information is held within your account and allows you to see the history of your orders from https://valerieosborne.com/my-account. We need to keep this information on file for taxation and reporting compliance and so we know that you have paid for your product.
We do not hold any payment information or details on this website – we use the third party payment services Paypal and Stripe and both use secure offsite payment methods and we use an SSL security certificate to secure any information transmission to and from our website.
When you signup to our newsletter, we request your first name and your email address so we can send you news, updates and marketing materials that we feel are of benefit to our clients and audience. We absolutely never share your data with any third parties and you will always be able to unsubscribe easily, using the unsubscribe link at the bottom of every newsletter email.
When visitors leave comments on the site, we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
Visitor comments may be checked through an automated spam detection service.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
What Rights You Have Over Your Data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
How We Keep Your Data Safe
Our website uses an SSL certificate which protects data as it is transferred from computer to computer. SSL is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral. SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers.
Our website and databases are hosted on a server in the EU with Siteground, who are fully compliant with GDPR regulations. Our website is kept up to date, manually reviewed on a weekly basis and protected by robust security tools, to defend it against hacking, phishing or any unauthorised entry.
What We Will Do In Case Of A Data Breach
Under General Data Protection Regulation (EU) 2016/679 if the personal data that you store about you has been compromised in any form we will report the breach to the DPC (Data Protection Officer) within 72 hours.
We have procedures in place to detect, report and investigate a personal data breach and will comply with these and review them on a regular basis.
If a data breach is likely to bring harm to you the ‘individual’ (such as identity theft or breach of confidentiality) you will also be notified.