This page provides an overview of the data I hold about you, how it is processed and what you can do about it. If you have any further queries please contact me directly and I will be happy to help in any way I can.

The information I hold:

Newsletter subscriptions

If you have chosen to subscribe to my email newsletter then I hold your email address and possibly a first and/or last name. These are held in my Mailchimp lists and used solely for the purpose of sending out the email newsletter. I never add details to this list unless you have consented to this, by completing an online subscription form, adding your details to my paper sign-up sheet, or requesting this action in some other format. Every copy of the newsletter includes details of how to unsubscribe so you are free to cancel it at any time.

Prior to the GDPR coming into effect I have completed a Legitimate Interest Assessment and concluded that under these terms it is reasonable to continue to provide the email newsletter to people who have previously requested it. A copy of the LIA document is available here.

Contact form entries

If you have used the contact form on my website then it will have recorded your name, email address and possibly phone number. These details are held in a database within my website on Squarespace and are also sent to my by email. Your submission of the enquiry gives me a legitimate interest in recording and using your details - so that I can respond and potentially act upon your request if we agree this. They are used solely for the purpose of replying to your query.

Purchases

If you choose to purchase an item from me using a debit or credit card your card details are recorded by one of hte payment systems I use: Sumup for in-person transactions and Stripe and/or Paypal online. Your data is then held securely within their systems.

Orders

If you place an order with me necesary details will be collected. Your order creates a contract between us and the collated details are used solely for this purpose. For in person orders your name, delivery address, and contact details including phone number and/or email address are recorded in my paper order book in duplicate, you will be given one copy and I retain the other to enable me to complete and dispatch your order. If you place the order through my website the same details plus your payment details are recorded in the commerce database of my Squarespace website and the associated payment systems Stripe and Paypal. If you place an order by email the same details will be transferred on your email to me, recorded in the invoice I send to you and noted on a paper copy of the order which is disposed of when the order is completed. Whilst in transit your name and address, and possibly phone number, will be transferred to and processed by the relevant postal service or courier.

These details are held solely for the purpose of completing a contracted transaction, eg your order, or sending out the newsletter as requested when you subscribed. They are shared only with the reputable systems I use to complete these actions. My computer and my accounts with these systems are all used only by me and are password protected.

Where is this data held

* Your email address and perhaps name will be held in my Mailchimp account. Mailchimp is based in the USA and is covered by the Privacy Shield. If you signup in person at an event then a copy of this information will also be in my paper signup book, stored securely in my studio when not on display at events.

* Any entries to my contact form are held in my account with the website provider Squarespace. Squarespace is based in the USA and is covered by the Privacy Shield.

* Your credit or debit card number, exiry date and security code are processed using SUMUP, Stripe or Paypal. SUMUP is based in the UK and is subject to the GDPR. Stripe is based in the USA and is GDPR compliant, see details. Paypal Europe is based in Luxembourg and is subject to the GDPR.

* Any email communications are held in my account with Yahoo, which is part of Oath, in turn part of the Verizon family. Oath is based in Dublin and is subject to the GDPR.

* Digital copies of invoices are held in my computer, which is password protected and kept in a locked workspace.

* Dispatch details are processed by relevant postal services and couriers, normally the UK Post Office or Parcelforce. Both of these are based in the UK and subject to the GDPR.

 

Your data rights

You can request to receive a copy of any data I hold on you at any time. Please contact me to make your request and confirm what format you would like to receive the data in. I will send it to you within 1 month.

You can directly unsubscribe from the newsletter at any time by using the link at the bottom of every mailing.

You can request that I correct and inaccurate data I hold about you. Please contact me with details of the required changes and I will implement them within 1 month.

You can also request that I delete all your data from my records. If you wish to do this please contact me and I will comply withing 1 month. Please be aware however that details of financial transactions have to be held for 7 years for tax purposes so any such details I have relating to your purchases will be deleted after that period elapses.

 

Registration

Under ICO regulations as a small business only holding personal information for the purposes of employing staff, making financial transactions and sending out marketing and busines-related communications I am exempt from registration.

 

Children

I do not generally work with children and therefore hold no information on them.

 

Data breaches

Any data breaches will be logged. All breaches will be reviewed within 48 hours. If a breach is minor action will taken to ensure that the same breach does not recur. If a breach is major it will be reported to the ICO within 72 hours.

 

Governing authority

Jane Sarre Ceramics is based in the UK and is subject to British and European law.