Privacy Policy

 

Jo Davies Ceramics takes data protection and data security extremely seriously. This Privacy Notice explains the types of personal data we may collect about you. It also explains how we’ll store and handle that data and keep it safe. We know that there’s a lot of information here, but we want you to be fully informed about your rights, and how Jo Davies Ceramics uses your data. We hope the following sections will answer any questions you have but if not, please do get in touch with us.

Conditions for Processing Data

We are only entitled to hold and process your data where the law allows us to. The current law on data protection sets out a number of different reasons for which a business like ours may collect and process your personal data. These include:

  • Contractual obligations

    The main purpose for our holding your data is to provide you with ceramic objects and/or classes or workshops in ceramics (the ‘professional services’) via our website, studio and external stockists and events. A purchase is a contract between us and the law allows us to process your data for the purposes of performing a contract (or for the steps necessary to enter in to a contract).

  • Legitimate Interests

    In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running Jo Davies Ceramics and which does not materially impact your rights, freedom or interests. This may include to satisfy our external quality auditors, our insurers or our Regulators.

  • Legal Compliance

    If the law requires us to, we may need to collect and process your data. For example, we can pass on details of people involved in fraud or other criminal activity.

  • Consent

    In some situations, we can collect and process your data with your consent. When collecting your personal data, we’ll always make clear to you which data is necessary in connection with a particular service.

When do we collect your data?

We normally collect your data when you provide it to us or when it is provided to us by others. You may give us your data by email; through an online web form; via a survey or questionnaire, over the telephone; face to face; at an event, or by post.

What sort of data do we collect?

See below for more information about what data we collect about you if you are using our website. If you are a customer or making an enquiry for our services, we collect your name, contact details, billing and payment details. We also collect and hold information about your purchase or enquiry.

How do we use your data?

We only use your data for the purposes of providing you with our products or services (such as workshops and classes) or for reasons directly associated with those services. We may use your data to provide statistical information for reports, but such information will be anonymised.

How do we protect your data?

We take protecting your data very seriously. The data you give us may be personal, or sensitive and confidential. With this in mind we will treat your data with the utmost care and take all appropriate steps to protect it. We have data protection and information security policies and procedures in place (along with professional and other legal obligations to keep your data safe) and these are regularly assessed. We protect our IT system from Cyber Attack. Access to your personal data is password-protected. We regularly monitor our system for possible vulnerabilities and attacks to identify ways to further strengthen security.

How long will we keep your data?

We only keep your data for as long as is necessary for the purpose(s) for which it was provided. Normally this is for 6 years after your project or matter ends. This is because we are required to keep files for that period by our professional bodies. This also protects you should you be unhappy with our services.

Who do we share your personal data with?

We sometimes share your personal data with trusted third parties including our website provider. We only do this where it is necessary for providing you with products and services or for the effective operation of our practice. For example, if you are a customer, we may share your data with secure file storage and destruction companies; marketing professionals and email service providers; auditors; the company that securely hosts our off-site cloud storage servers.

Here’s the policy we apply to those organisations to keep your data safe and protect your privacy:

  • We provide only the information they need to perform their specific services.

  • They may only use your data for the exact purposes we specify in our contract with them.

  • We work closely with them to ensure that your privacy is respected and protected at all times.

  • If we stop using their services, any of your data held by them will either be deleted or rendered anonymous.

Data available to our website provider

Your data may also be available to our website provider to enable us and them to deliver their service to us, carry out analysis and research on demographics, interests and behaviour of our users and customers to help us gain a better understanding of them to enable us to improve our services. This may include connecting data we receive from you on the website to data available from other sources. Your personally identifiable data will only be used where it is necessary for the analysis required, and where your interests for privacy are not deemed to outweigh their legitimate interests in developing new services for us. In the case of this activity the following will apply:

1. Your data will be made available to our website provider

2. The data that may be available to them include any of the data we collect as described in this policy.

3. Our website provider will not transfer your data to any other third party, or transfer your data outside of the EEA.

4. They will store your data for a maximum of 7 years.

5. This processing does not affect your rights as detailed in this privacy policy.

Financial transactions relating to our website OR handled by our payment services providers, Go Cardless and Stripe for collection of payments

We will share transaction data with our payment services providers only to the extent necessary for the purposes of processing your payments, and dealing with complaints and queries relating to such payments. You can find information about the payment services providers' privacy policies and practices for GoCardless at https://gocardless.com/legal/privacy and for Stripe at https://stripe.com/privacy-center/legal.

We use certain third party software on our website

We use Google Analytics for the purposes of understanding how users are interacting with our website. You can understand how Google uses your data through Analytics by reading the site "How Google uses data when you use our partners' sites or apps", located at www.google.com/policies/privacy/partners/.

We use Mailchimp for the purposes of offering and managing subscriptions to email updates from our company. By subscribing to our emails and providing your name and email address, you are giving us permission to store and process your data in order to send our emails. You may unsubscribe at any time by clicking the clear 'unsubscribe' link sent in every email, or by contacting us at studio@jo-davies.com, including if you wish to be removed permanently from our database. You can understand how Mailchimp processes your data on our behalf here: https://mailchimp.com/legal/.

Where is your data processed?

Your data is stored and processed within the EEA. If we ever have to share your personal data with third parties and suppliers outside the European Economic Area (EEA) we will seek your specific consent to do so. The EEA includes all EU Member countries as well as Iceland, Liechtenstein and Norway.

About cookies

A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server. Cookies may be either "persistent" cookies or "session" cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed. Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.

Cookies that we use

We use cookies for the following purposes:

  • authentication - we use cookies to identify you when you visit our website and as you navigate our website

  • status - we use cookies to help us to determine if you are logged into our website

  • personalisation - we use cookies to store information about your preferences and to personalise the website for you

  • security - we use cookies as an element of the security measures used to protect user accounts, including preventing fraudulent use of login credentials, and to protect our website and services generally

  • analysis - we use cookies to help us to analyse the use and performance of our website and services

  • cookie consent - we use cookies to store your preferences in relation to the use of cookies more generally

Cookies used by our service providers

Our service providers use cookies and those cookies may be stored on your computer when you visit our website. We use Google Analytics to analyse the use of our website. Google Analytics gathers information about website use by means of cookies. This data may be stored outside the EU, under a EU-US Privacy Shield agreement. The information gathered relating to our website is used to create reports about the use of our website. Google's privacy policy is available at: https://www.google.com/policies/privacy

Managing cookies

  • Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links: https://support.google.com/chrome/answer/95647?hl=en (Chrome)

  • https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences (Firefox)

  • http://www.opera.com/help/tutorials/security/cookies/ (Opera)

  • https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer)

  • https://support.apple.com/kb/PH21411 (Safari)

  • https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy (Edge).

Blocking all cookies will have a negative impact upon the usability of many websites. If you block cookies, you will not be able to use all the features on our website.

What are your rights

You have the right to request:

  • Access to the personal data we hold about you, free of charge in most cases.

  • The correction of your personal data when incorrect, out of date or incomplete. For example, when you withdraw consent, or object and we have no legitimate overriding interest, or once the purpose for which we hold the data has come to an end.

  • That we stop any consent-based processing of your personal data after you withdraw that consent.

  • You have the right to request a copy of any information about you that we hold at any time, and also to have that information corrected if it is inaccurate.

To ask for your information, please contact the studio at Studio G6, The Chocolate Factory, London N16 7SX

If we choose not to action your request, we will explain to you the reasons for our refusal.

Your right to withdraw consent

Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw that consent.

Where we rely on our legitimate interest

In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.

The Regulator

If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office. You can contact them by calling +44 (0)303 123 1113. Or go online to www.ico.org.uk/concerns (opens in a new window; please note we can't be responsible for the content of external websites).