Privacy Policy

Heart Of Joy Designs Data Protection & Privacy Statement

Data privacy is of high importance for Heart Of Joy Designs and we want to be open and transparent with our processing of your personal data. We therefore have a policy setting out how your personal data will be processed and protected.

What is the legal basis for processing my personal data?

We require certain information to allow us to provide you with our services. For example, if you ask about our material designs with regard to our clothing designs service, we need to know your name and contact details such as an email address or telephone number so we can facilitate your request. If you do not provide any personal data, we will be unable to facilitate your request or order.

What types of personal data do we collect?

Making contact with Heart Of Joy Designs (e.g. by filling in a contact or quote request form or via an email) will result in the collection, processing and usage of your personal data for the purpose of dealing with your request as well as future inquiries.

Contact Name We will use this to service your enquiry and to ensure we are speaking to the correct person when we make contact.

Contact Company Name (if provided)

Contact Phone Number (if provided) We will use this to service your enquiry, we will call you so we can discuss your enquiry with yourself.

Contact Email We will use this to service your enquiry, we will email details of the product you have enquired about.

Date & Time Stamp Of Enquiry We will use this to service your order and for compliance to ensure we can provide proof of enquiry made.

Other types of personal data we may collect

For us to be able to process your order, we will process the following categories of personal data:

Contact/Card Holder's Billing Address We need this for card verification purposes

Shipping Address We need this so we know where to send your order

Credit/Debit Card Details These are not stored in-house. We currently only accept payment via PayPal.

Order History Details of any past orders you have made with us.

Marketing Preferences i.e. if you have subscribed to one of our newsletters

IP Address IP addresses are stored on log-in attempts (for security breach control).

Comments on Blogs Your name and email address will be collected if you wish to comment on a blog post on our website. 

Company & Product Reviews Your name may be recorded if you wish to email us a review of our business or tell us your thoughts about a product. If you do not wish to have your review posted on our website you have the right to remove it.

Newsletter Sign Up & Marketing Preferences

If you have consented to sign up to our newsletter, we will e-mail you from time-to-time with exciting offers and promotions. This will help you take advantage of savings we may have on a product you would normally order or an item that may be of interest to you. If you do not wish to receive emails regarding promotions, just 'opt out' and you will only receive emails regarding orders that you have placed. Occasionally we may ask you to email us with your opinion on a particular subject, and may publish these comments, if you advise us that you do not wish to have your comment and name published, we will not do so.

Where do we store your data?

Your data is stored on our secured server hosted by Freewebstore in the UK and securely within the company’s internal network.

• - Protected by SSL security
• - Server is setup with protection in mind as it does not broadcast its details and known vectors are shutoff.
• - Dedicated server in protected building (own names servers too - no external connections)
• - Regular scans for viruses
• - Regular scans for hack scripts
• - Regular scans for vulnerabilities (XSS/CSFR)
• - Regular updates to server OS / Software packages
• - Intrusion detection by monitoring server logs 

Is my data safe?

The personal data in your account can only be accessed by you online by entering your password. Any personal or payment details are encrypted when submitted online or via our payment gateway (PayPal). There are strict guidelines and measures in place to prevent unauthorised persons from accessing the data in your account.

Security facts

We offer the use of the latest secure server software (SSL) which encrypts all information you input before it is sent to us. Furthermore, as required by the UK Data Protection Acts of 1984 and 1998, we follow strict security procedures in the storage and disclosure of information which you have given us, to prevent unauthorised access. Our security procedures mean that we may occasionally request proof of identity before we are able to disclose sensitive information to you.

Security

Using your credit card to make purchases via our payment gateway (PayPal) is a secure way to pay for your goods. PayPal put a number of security steps in place to give you, the customer, total confidence when paying for services from us:

1. All sensitive information, including personal details are encrypted through the use of our secure server software (SSL). This means that information can only be exchanged between you and us, and that no third party can access this data. The padlock symbol on your browser shows which pages are covered by this security system.
2. All historical information regarding name and address details is held on Freewebstore servers. We do not retain live records of credit card information as all payments are currently made directly through PayPal.

Will my data be sent to a third party?

We will only pass on your personal data to a third party if they are involved in processing your order. This may include external partners, couriers, card payment processors and Banks. The data submitted will only be used for the purpose of executing your order and we do not sell, trade, or rent your personal information to advertisers or marketing firms.

What cookies are set in your browser when visiting our website?

What Cookies do we use?

We use the following different types of cookies:

Session cookies

These are temporary cookies which are deleted when you close your browser or leave your session on our site or in the product or service. We use session cookies on our site to identify and track users and to store information about your preferences. Our session cookies may also contain your company name and email address.

Persistent cookies

Persistent cookies enable our site to ‘remember’ who you are and to remember your preferences on our site. Persistent cookies will stay on your computer or device after you close your browser or leave your session.

Load Balancer Cookie

This cookie is essential to help ensure that the website loads efficiently by distributing visits across multiple web servers.

Web analytics cookies and similar technologies such as Google Analytics

These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited. Google stores the information collected by the cookies on servers in the United States. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google.

Unless you opt-out of the Google Cookie, by using this site you consent to the use of the Google Cookie and any information generated by Google Analytics. Click here or copy and paste the link into your browser: Http://www.google.com/analytics for an overview of privacy at Google and for information on how to opt-out from all Google Analytics cookies.

What information is collected?

The following information is collected in a cookie:

• Your IP Address. This is a string of numbers unique to your device that is recorded by Heart Of Joy Designs' web server, when you request any page or component on the website. This information is used to monitor your usage of the website.
• Data recorded by the website, which allows Heart Of Joy Designs to ‘recognise’ you to optimise the session performance.

At no time, is any personal information collected.

Can I control the use of cookies?

Web browsers offer cookie management settings, which can be found in the options menu of the web browser, under ‘tools’. Web browsers can also enable users to delete specific cookies; you can even set a web browser to reject all cookies. However, choosing to disable all cookies could significantly affect your web browsing experience as many Internet services rely on the use of cookies.

Visitors can opt-out of Google Analytics for Display Advertising and customize Google Display Network ads using the Ads Settings, see https://www.google.com/settings/ads. Additionally, visitors may wish to use the Google Analytics Opt-Out Browser Add-on found at https://tools.google.com/dlpage/gaoptout/

For a list of how to manage all the different browser cookies, click here or copy and paste the link into your browser: http://www.aboutcookies.org.uk/managing-cookies

Consent

By consenting to this privacy notice you are giving us permission to store and process your personal data specifically for the purposes identified. Consent is required for Heart Of Joy Designs to process both types of personal data, but it must be explicitly given. Where we are asking you for sensitive personal data, we will always tell you why and how the information will be used. You may withdraw consent at any time by logging into your account page on our website where you can request to delete your account.

How long do we keep your data?

Heart Of Joy Designs will keep your data until you request that we should remove it or you access your account on our website and delete it yourself.

What are your rights?

Right to Access: You can access your personal data that Heart Of Joy Designs has by logging into your account page on our website. Here you can download all the data Heart Of Joy Designs hold on you or request to have it deleted. Bear in mind if you do delete your data you will not be able to log in to our website again without making a new account.

Right to Rectification: You have the right to request rectification of your personal data if the information is incorrect, including the right to have incomplete personal data completed.

Right to Erasure: In certain circumstances you have the right to erase any personal data processed by Heart Of Joy Designs.  Heart Of Joy Designs will keep your personal data if there are any legal requirements (e.g. for bookkeeping purposes) or if there is an open dispute.

Right to Restriction: In certain circumstances you can request the restriction or suppression of your personal data verbally or in writing.

Right to Portability: You can ask for the data Heart Of Joy Designs holds on you to be transferred to another organisation.

Right to Object: You have the right to object to certain types of processing such as direct marketing by unsubscribing from a marketing email or by adjusting the settings in your account on our website.

Right to Object to automated processing, including profiling: You have the right to be subject to the legal effects of automated processing or profiling.

Right to Complain: In the event that Heart Of Joy Designs refuses your request under rights of access you have the right to lodge a complaint with a supervisory authority of the alleged infringement.

Complaints

In the event that you wish to make a complaint about how your personal data is being processed by Heart Of Joy Designs or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority and Heart Of Joy Designs Data Protection Officer.

Our Data Protection Officer can be contacted directly here:

Heart Of Joy Designs, 26 Rosevean Close, Bridgwater, Somerset. TA6 4EU

https://www.heartofjoydesigns.com
https://www.heartofjoydesigns.co.uk
howard@heartofjoydesigns.co.uk
01278 459922

Information Commission Officer (ICO)

Wycliffe House, Water Ln, Wilmslow, SK9 5AF

https://ico.org.uk
casework@ico.org.uk
0303 123 1113