Categories

Privacy Statement

By way of introduction

The Frockery® is a small, family-run online business based in Angus, Scotland, which was established in 2007. You can read more about us and our ethos here and some customer testimonials here.

As it happens, our chief frocker Alison is a seasoned privacy campaigner and freelance writer with a longstanding interest in data protection and civil liberties issues, while Daniel, who manages our website, is a network security specialist.

Our commitment to privacy by design

The Frockery is committed to protecting and respecting the privacy of our website users and customers, and our business complies fully with all data protection principles and requirements as set out in UK and EU legislation. Business owner Alison Preuss is our data controller and can be contacted directly about any aspect of this policy (or indeed anything else). 

Our privacy policy has been updated in April 2018 to reflect changes in legislation under the EU General Data Protection Regulation (GDPR), which is due to come into force on 25 May 2018 and which will be given effect in domestic law when the Data Protection Bill is enacted by the UK parliament. Brexit will not affect individuals’ rights as outlined below.

This privacy statement has been designed to explain the circumstances under which we collect personal information about people who use our website, what we do with that information and the legal bases we rely on for processing it. ‘Processing’ encompasses everything we do with personal data, from its initial collection right through to deletion (and everything in between).

Please be assured that we will only use the information we collect from you for the legitimate business purposes of fulfilling orders, processing refunds, responding to enquiries and sending communications you have specifically consented to receive, e.g. by subscribing to our newsletters and updates, or by requesting first-refusal notifications. We never spam and will never pass your details to a third party unless we are required to do so by law.

For a more detailed explanation of how and why we process our customers’ and visitors’ personal data at the Frockery, please keep reading.

What data do we collect and why?

In order to process and fulfil your order, we will need your name, billing address, delivery address and email address. We will also ask for a contact telephone number, which may be used by us in the event of a query or notification about your order or, very occasionally, by our delivery courier.

If an order is placed on our website but the transaction details are incomplete or the payment has not been successfully processed, we may contact the customer to offer assistance prior to cancelling the order. Some shoppers have experienced problems with our checkout process (usually when using older browsers), whereas others may have simply changed their minds about proceeding with a purchase. Our contact in such circumstances is made purely as a courtesy.

If you choose to create a user account with us on our website, either during the checkout process or otherwise, we will use the contact details you provide to send you updates (usually weekly on Wednesdays) and any additional information you may have specifically requested. We may also use it to contact you if we need to check that our records are accurate. You can delete your account at any time, or else ask us to do so.

How we use cookies and what they are

Cookies are small text files that are placed on your computer by websites that you visit in order to make the websites function properly or more efficiently. They are also used to provide website owners with statistical information to help them monitor and improve their users' and visitors' browsing experience. You will find more detailed information on cookies at www.allaboutcookies.org.

Some cookies are essential to the operation of The Frockery ecommerce website so that you can purchase products from us online, while others are used by us to help improve your browsing experience. 

Specifically, our website uses session cookies which are deleted after each visit and persistent cookies which remain valid on subsequent visits for your convenience, e.g. to save and recover your shopping basket. We also make use of third party cookies, specifically Google Analytics.

Any information collected by our website will be used for session functionality and statistical purposes only. If you do not wish cookies to be stored on your computer, you can modify your browser settings to refuse them. If you choose to delete your cookies, your preferences will not be saved for subsequent visits to our website.

Managing cookies

Every browser is different, so you should consult the 'Help' section for your chosen browser or your smart phone manual to check how to change your cookie settings. The following links may be helpful.

Manage cookies in Chrome
Manage cookies in Firefox
Manage cookies in Internet Explorer
Manage cookies in Safari
Manage cookies in Opera

What legal basis (or bases) do we rely on to process data?

The Frockery processes personal data in accordance with the law, i.e. where the processing is necessary to allow us to pursue our legitimate interests as a business, such as order fulfillment and related activities, and/or with opt-in consent from customers and users who have indicated that they wish to receive news and updates from us.

As outlined above, we need to collect customers’ names, postal addresses, delivery addresses, email addresses and contact telephone numbers in order to operate our online shop, for communication, order processing, invoicing, payment and fulfilment purposes. We also place cookies to allow recall of passwords and user preferences as previously detailed.

We will refer you to this privacy policy when you shop with us or choose to create an account and/or subscribe to our newsletter, either during the checkout process or by separate registration.

We will continue to secure clear, unambiguous opt-in consent from individuals before processing their personal data, as has always been our business practice. No one hates spam more than we do!

Will your data be shared with any third parties?

We will not share your data with other organisations unless required to do so by law, but we use trusted, GDPR-compliant third party providers for the purposes of securely processing customers’ payments and for delivering email newsletters and updates.

We use MailChimp (whose privacy policy can be found here) to deliver weekly stock updates and (very occasionally) newsletters, and we may (but generally don’t!) collect email-opening statistics for monitoring and improvement purposes. You can of course unsubscribe from our newsletters and updates at any time by clicking the relevant link at the foot of our email communications, or else by contacting us directly. We never, ever, sell or share mailing lists with other commercial or non-commercial organisations.

We do not store any debit or credit card details on our website and do not accept card payments by telephone. All online payments are processed on our behalf by PayPal and Worldpay, to whose websites customers are redirected to complete their payments securely. Paypal’s privacy notice can be found here and Worldpay’s is here.

Our website hosting company DX3webs maintains off-site back-ups of our files and database. In the event of an emergency, such a server failure, a back-up will be used for the purpose of restoring the site to full functionality.

How will we use your personal information?

We will use the information you provide to process and fulfil your orders, to respond to enquiries, to email communications that you have requested or opted into on our website, and to send specific notifications, e.g. to competition winners.

We publish customer testimonials on our website, but never identify individuals and only use first names or initials.

How long will we keep your data, and will it be held securely?

The personal data we collect from customers is retained for as long as is necessary to comply with our legal obligations. We hold transaction information for seven years for accounting purposes in order to satisfy the requirements of HMRC.

Personal data will also be retained where a customer or visitor has opted to create an account with us for as long as these accounts remain active. Data can be deleted by customers themselves at any time by logging in to their user accounts or by contacting us directly to request deletion.

You will notice a secure padlock icon when browsing the Frockery website – not just on the data capture pages – because our site runs securely on https rather than http. In order to prevent unauthorised access, we have put in place suitable safeguards and processes to secure the information we collect and store.

Our website development, maintenance, security and database management is undertaken in-house by Daniel, who is a network security specialist and has been working with websites (almost to the exclusion of all else!) since he was eight years old (he is now pushing 30!) Alison (who pushed 60 some time ago!)  is in charge of almost everything else as chief frocker and data controller, and your enquiries will all land in her inbox.

What are your rights as a ‘data subject’?

As a customer of the Frockery or user of our website, also known as a ‘data subject’, you have the right to access and amend any of your personal data that has been recorded by us. If you would like to request a copy of the data we hold about you, we will be happy to provide it by email upon verification of your identity. 

If you believe any of the data we hold on you is inaccurate, please contact us so that we can correct it or update it. We will also delete your data on request, with the exception of that which is necessary for us to retain for a set period in order comply with our legal obligations.

You may of course decline to provide us with your personal data, which will mean you will be unable to place orders online or use some of the features and functionality of our website. You may also delete a user account you have previously created. Please contact us if you wish to object to, or make a complaint about, our processing of your personal data, bearing in mind that we may be required by law to retain some information for accounting and other legitimate purposes.

Finally...

If you have made it to the end, congratulations! But seriously, Alison our chief frocker is always available to help you with queries about data protection or indeed anything else, so please don’t hesitate to get in touch if you need any clarification.

This policy was updated in April 2018 and will be reviewed regularly