I ask that you read this privacy notice carefully as it contains important information on who I am, how and why I collect, store, use and share personal information, your rights in relation to your personal information and how to contact me and supervisory authorities in the event you have a complaint.
Phantom Art collects, uses and is responsible for certain personal information about you. I do so under the General Data Protection Regulations and am responsible as the data controller of that personal information for the purposes of those laws.
I collect, on the lawful basis of legitimate interest, the following personal information when you provide it in the course of placing an order, using the ‘contact us’ section of the website or emailing email@example.com:
Contact details that you provide, including name, telephone number, email address, postal address
Notes on our interactions and conversations
Information pertaining to any orders placed or returns requests
Your comments, feedback, product reviews and recommendations
I may also use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page.
Information collected from other sources
You have a variety of tools to control cookies, web beacons and similar technologies, including browser controls to block and delete cookies and controls from some third-party analytics service providers to opt out of data collection through web beacons and similar technologies. Your browser and other choices may impact your experiences with our products.
More information is available about cookies and similar technologies at the following site All About Cookies.
Why information is collected
I collect such information for the following purposes:
To fulfil orders, including to collect monies owed
To respond to enquiries, provide assistance and support
To be able to contact you with general or personalised order-related updates
To be able to contact you with general or personalised promotional messages or to send updates about my company
To poll your opinions through surveys or questionnaires which may be used to improve my business
To comply with any applicable laws and regulations.
For these purposes I may contact you via email, telephone, text messages, and postal mail.
Who I share your personal information with
I limit access to your personal information to those who have a genuine business need to know it. I will not share your personal information with any other third party except those required to do so in the course of fulfilling your order (such as printers, framers and delivery service providers) or running my business (such as web design support and accountancy.) Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
My website is hosted on the Wix.com platform. Wix.com provides me with the online platform that allows me to sell products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
All direct payment gateways offered by Wix.com and used by my business adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by my store and its service providers.
You may also pay by PayPal, transactions conducted are subject to your user agreement with them.
I will notify you and any applicable regulator of a suspected data security breach where I am legally required to do so. I will share personal information with law enforcement or other authorities if required by applicable law.
How long your personal information will be kept
At a minimum, I will hold your personal data for a period of 7 years, as is required by current UK tax law (6 years plus the current year). The maximum retention period is ten years from the date of your last purchase or three years from contact if you have not made a purchase.
Changes to this privacy notice
How to contact me
Under the General Data Protection Regulation, you have a number of important rights. If you would like to:
access, correct, amend or delete any personal information I have about you or
if you don’t want me to process your data anymore or
if you have any questions or concerns about this privacy notice
please send an email to firstname.lastname@example.org.
For further information on your rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.
General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner, who may be contacted at https://ico.org.uk/concerns/ or via telephone at 0303 123 1113.