Phantom Art Privacy Policy

I ask that you read this privacy notice carefully as it contains important information on who I am, how and why I collect, store, use and share personal information, your rights in relation to your personal information and how to contact me and supervisory authorities in the event you have a complaint.

 

Phantom Art collects, uses and is responsible for certain personal information about you. I do so under the General Data Protection Regulations and am responsible as the data controller of that personal information for the purposes of those laws.

 

Information collected

I collect, on the lawful basis of legitimate interest, the following personal information when you provide it in the course of placing an order, using the ‘contact us’ section of the website or emailing phantom.art@btinternet.com:

  • Contact details that you provide, including name, telephone number, email address, postal address

  • Notes on our interactions and conversations

  • Information pertaining to any orders placed or returns requests

  • Your comments, feedback, product reviews and recommendations

I may also use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page.

 

Information collected from other sources

I use cookies (small text files placed on your device) and similar technologies to provide our websites and online services and to help collect data. Cookies allow, among other things, to store your preferences and settings; enable you to sign-in; provide interest-based advertising; combat fraud; and analyse how our websites and online services are performing.

 

You have a variety of tools to control cookies, web beacons and similar technologies, including browser controls to block and delete cookies and controls from some third-party analytics service providers to opt out of data collection through web beacons and similar technologies. Your browser and other choices may impact your experiences with our products.

 

More information is available about cookies and similar technologies at the following site All About Cookies.

 

Why information is collected

I collect such information for the following purposes:

  1. To fulfil orders, including to collect monies owed

  2. To respond to enquiries, provide assistance and support

  3. To be able to contact you with general or personalised order-related updates

  4. To be able to contact you with general or personalised promotional messages or to send updates about my company

  5. To poll your opinions through surveys or questionnaires which may be used to improve my business 

  6. To comply with any applicable laws and regulations.

For these purposes I may contact you via email, telephone, text messages, and postal mail.

 

Who I share your personal information with

I limit access to your personal information to those who have a genuine business need to know it. I will not share your personal information with any other third party except those required to do so in the course of fulfilling your order (such as printers, framers and delivery service providers) or running my business (such as web design support and accountancy.) Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

 

My website is hosted on the Wix.com platform. Wix.com provides me with the online platform that allows me to sell products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall. 

All direct payment gateways offered by Wix.com and used by my business adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by my store and its service providers.

 

You may also pay by PayPal, transactions conducted are subject to your user agreement with them.

 

I will notify you and any applicable regulator of a suspected data security breach where I am legally required to do so. I will share personal information with law enforcement or other authorities if required by applicable law.

 

How long your personal information will be kept

At a minimum, I will hold your personal data for a period of 7 years, as is required by current UK tax law (6 years plus the current year). The maximum retention period is ten years from the date of your last purchase or three years from contact if you have not made a purchase.

 

Changes to this privacy notice

I reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If I make material changes to this policy, I will notify you here that it has been updated, including a summary of the key amendments so that you are aware of what information I collect, how I use it, and under what circumstances, if any, I disclose it. 

 

How to contact me

Under the General Data Protection Regulation, you have a number of important rights. If you would like to:

  • access, correct, amend or delete any personal information I have about you or

  • if you don’t want me to process your data anymore or

  • if you have any questions or concerns about this privacy notice

please send an email to phantom.art@btinternet.com.

 

For further information on your rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.

 

General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner, who may be contacted at https://ico.org.uk/concerns/ or via telephone at 0303 123 1113.