This privacy notice provides you with details of how we collect and process your personal data.
Little Star Glitter Tattoos is the data controller and we are responsible for your personal data. Our email address is firstname.lastname@example.org and our postal address is:
14 Ferneydale Avenue, Buxton, Derbyshire, SK17 9LW.
How do we use your information?
By using the Service, you represent that you are at least 18 years of age. When you make an enquiry or place an order, we may ask you for certain information and you may submit personal data on this website or via telephone such as:
Your email address
Names for personalised items
Bank card details
This information is needed in order for us to provide our service. These details have to be kept by us for our accounts and records for a period of six years as required by HMRC. By making any payment and submitting your data you agree to this use. Please note we do not share your information with any third parties. All payment data is submitted at our payment gateways and no data is stored within the site.
We use this information to process your orders, despatch the products (your details may be passed onto a carrier company) and trace the delivery. We also use it to get in touch with you regarding any queries. If you sign up to our newsletter we may get in touch via email with special offers or details of new products etc. but will not share your information with any third parties. This information enables us to respond quickly to enquiries, provide a better service and contact you in case of emergency concerning an order.
Your financial information is stored safely via PayPal; we do not handle or store card/ bank details as they are processed in real time. Your card information gets entered directly into PayPal’s secure system.
We collect and aggregate statistical and technical information to market our services better using third party software and services to collect and manage the statistical information like Google Analytics etc. so this data will be available to them as well. We do not share statistical information with any other companies. Technical Data including data about your use of our website and online services such as your IP address, your login data, details about your browser, length of visit to pages on our website, page views and navigation paths, details about the number of times you use our website, time zone settings and other technology on the devices you use to access our website will be taken every time you visit. The source of this data is from our analytics tracking system. We process this data to analyse your use of our website and other online services, to administer and protect our business and website, to deliver relevant website content and advertisements to you and to understand the effectiveness of our advertising. Our lawful ground for this processing is our legitimate interests which in this case are to enable us to properly administer our website and our business and to grow our business and to decide our marketing strategy. This is statistical data about our users' browsing actions and patterns, and does not identify any individual.
We also collect communication Data that includes any communication that you send to us whether that be through the contact form on our website, through email, text, social media messaging, social media posting or any other communication that you send us. We process this data for the purposes of communicating with you, for record keeping and for the establishment, pursuance or defence of legal claims. Our lawful ground for this processing is our legitimate interests which in this case are to reply to communications sent to us, to keep records and to establish, pursue or defend legal claims.
We are committed to protecting the privacy needs of children, we do not intentionally collect information from minors, and we do not target our web site to children.
In the few instances where we collect personal information about children, it is always from the parent and we will only ever collect such information for the purposes specified when we collect it. We may collect names and ages for stencil personalisation, or for wall stickers or other personalised items.
Generally, we do not rely on consent as a legal ground for processing your personal data, other than in relation to sending marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by emailing us at email@example.com
We will give you the chance to refuse any marketing email / communication from us (such as discounts and special offers) in accordance with the Data Protection Act and will not share your details with any third parties for marketing purposes. You will only receive marketing communications from us if you have signed up for the newsletter. We will store your name and email address and use it to send you news and offers related to Little Star. If you would prefer not to receive marketing promotions, please email with the subject line ‘no promotions’.
Where you opt out of receiving our marketing communications, this will not apply to personal data provided to us as a result of a product/service purchase, warranty registration, product/service experience or other transactions.
We DO NOT collect sensitive information from you. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not collect any information about criminal convictions and offences.
The information we hold will be accurate and up to date (please inform us of any changes). You can check the information that we hold about you by emailing us. If you find any inaccuracies we will delete or correct it promptly.
The personal information which we hold will be held securely in accordance with our data security policy and the law. Information you provide to us is shared on our secure server and we have implemented procedures to prevent accidental loss and unauthorised access. The website has a valid SSL Certificate. We also have a firewall and other internet security to prevent unauthorised access.
We limit access to your personal data to employees who need to know such data in order to process our sales and services. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your information transmitted to our Site; any transmission is at your own risk. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
If any of this information changes, please ensure that you let us know in order for us to provide you with the best possible service. We will endeavour to take all reasonable care, in so far as it is possible to do so, to keep all details of your booking and payment secure, but, in the absence of negligence on our part we cannot be held liable for any loss you may suffer if a third party procures unauthorised access to any data you provide when accessing or ordering.
Our website may contain links to other sites. We are not responsible for the privacy practices or the content of such Web sites.
Your Legal Rights
Under certain circumstances, you have rights under data protection laws in relation to your personal data. These include the right to:
• Request access to your personal data.
• Request correction of your personal data.
• Request erasure of your personal data.
• Object to processing of your personal data.
• Request restriction of processing your personal data.
• Request transfer of your personal data.
• Right to withdraw consent.
You may request details of personal information which we hold about you under the Data Protection Act 1998. If you would like a copy of the information held on you please write to us. You do not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we will charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
If you believe that any information we are holding on you is incorrect or incomplete, please email us at firstname.lastname@example.org. We will promptly correct any information found to be incorrect once your identity has been verified.
Links to Other Websites
If you are not happy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We should be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.