Ever After paperie (hereby referred to as ‘the company’) is committed to complying with the latest rules and regulations regarding customer privacy and data protection. This document has been created in order to ensure the company’s compliance with the General Data Protection Regulation (GDPR) May 2018, and to provide continued transparency to customers in regards to the use and safe storage of personal data. Any use of 'us', 'our' and 'we' in this notice refers to the company directly. Use of terms such as 'individuals', 'customers' or 'clients' refers to any person/s who have provided personal information to us.
What Information We Collect
Name, email address, shipping address, billing address, payment details.
Other information relevant to a transaction.
There is no obligation from the customer to provide this personal information, however, with the exception of face-to-face sales, the company would be unable to provide its services without this information. Customers maintain the right to object to the use of their personal information by the company. An individual may contact the company at any time during or post a transaction to request the company cease using their personal information, at which point, the company will A.) immediately cease all use of the personal information and dispose of any and all sensitive materials in an appropriate manner B.) provide a full and detailed explanation as to why, at that time, the company is unable to cease use of personal information.
How your information is collected
We may collect information in the following ways:
Through our website’s online order form
Through direct messages via our social media platforms
Through online payment providers i.e. PayPal, Stripe
At face to face events.
How We use Personal Information.
Without your information the company would be unable to complete your order. The company offers a postal/courier services with all orders at an additional fee to the customer. In order for the postal/courier providers to fulfil the postage orders the company must provide them with certain details of a client’s personal information (name, address). The use delivery/courier providers to the customer prior to any order and they must consent to the personal information being passed on.
The company operates with focus on online sales. Etsy Inc., Ebay, Facebook Inc. Microsoft Corporation and Instagram are all companies that provide online platforms in which a customer may contact the company. Should a customer use one these methods, the company may request that personal information be sent via the platform in order to complete an order/quotation. The customer may choose to use one of these methods in order to provide the required information, doing so gives consent for both the company and the chosen platform, unless otherwise stated in their own terms and conditions, to view and/or use the information provided. Using one of the mentioned companies gives consent to receive private messages within use of the given platform. All conversations between the company and the customer that may involve the use of personal information are done so in private. None of the information provided in these private messages will ever be shared publicly or with a third party, excluding government intervention (e.g. at the request of the police).
The company may, on occasion, request that the customer provide pictures and/or feedback in regards to a completed order. Compliance to this request is optional on the part of the customer.
The company provides a service in which a customer can personalise an item. This may lead to a customer providing the personal information of another party e.g. for a gift. The company will only contact the individual who initiates a transaction and/or provides payment for that particular order. It is the responsibility of the customer to ensure that they have received consent before providing another's personal information.
Safe Storage of This Information.
Paper copies of the client’s information is stored in folders that is kept in a secure property. Digital copies of this information are stored on a password protected laptop used by the company solely. Typically, the company will hold personal information of the customer for one year in order to fulfil repeat orders, track prior transactions and keep record of sales. After this time, the company will permanently destroy any personal information stored.
We will never sell or lease your personal information to third parties.
You may request details of personal information which we hold about you under the General Data Protection Regulation (GDPR).
If you believe that any information we are holding on you is incorrect or incomplete, please inform us as soon as possible. We will promptly correct any information found to be incorrect.
For purposes of EU data protection law, I, Jennifer Brown, am the data controller of your personal information. If you have any questions or concerns, you may contact me at firstname.lastname@example.org.