This privacy notice will change from time to time – particularly if we change the way we collect or use your personal information, so do check back here every now and then. It was last updated on 31st January 2019.

 

Introduction

At One Little Hut, we fully understand how important privacy is to every one of our visitors and customers. We collect, use, store and retain your personal data in line with data protection legislation. This privacy notice aims to provide as much information as possible to help you understand how we look after your data, what your legal rights are in relation to that information – and how you can contact us if you have any questions or queries about how we look after your personal information.

 

 

How is your Personal Information Used – The Basics

There are a number of ways that your personal information will be collected when you make contact with One Little Hut – mostly though it is so that we can respond to queries you send, or to process orders you have made. You can contact us through:

 

• One Little Hut Etsy pages

• Our Facebook Page/Facebook Messenger

• Instagram

• Email

 

If you purchase from us, these systems are used for processing payments:

 

• You will be sent an invoice via PayPal

• You may purchase through the website.

 

You can choose to pay via BACS transfer, at which point I will send bank details for One Little Hut in order for you to do so.

You can also pay by card and choose to receive a card payment link.

 

If you purchase from us, your order will be posted to you via Royal Mail. We do not have a contract with them, how they use your information can be found on their website. Royalmail.com

 

Whenever you chose to correspond electronically information about you is collected by those sites. The following sections explain in a bit more detail about what data is collected and how. We cannot control exactly how each site processes your data but we have made checks to ensure that those sites are GDPR compliant and at the end of the policy you will find links to the privacy policy for each organisation if you want to know more.

 

One Little Hut and Marketing Materials

One Little Hut does not currently have a newsletter or send out any kind of marketing materials, but we may do that in future. If and when that happens, this policy will be updated and will only send that information to those who have specifically asked to receive it. Information sent to us via the website contact form or any of the methods mentioned above are currently used only to answer the specific query or process order as applicable.

 

How your Personal Information is Used – The more technical bits

In this section, we try to explain they type of information we will collect or process, why we do that and how it is done. We can only process your information if we have a “legal basis” for doing that. There are 6 of those listed in the General Data Protection Regulation (GDPR). In this notice, we explain which of these apply in each case. Here we go:

 

Usage Data

If you visit our website, we may process data about your use of the site (this is technically called “usage” data”). This would include information like what pages you visit, how long you spend on the site, if you got to our website through a link somewhere else– or how often you visit our website. Our website platform is WordPress. This type of information is gathered to help to continuously improve the website and services. We do not currently have any analytic software or plug-ins attached to the website.

 

Legal Basis – Legitimate Interest: administration of our website and services. Some usage information is also collected by Facebook – to allow us to see where visitors are based and how they found those pages. We do not have access to the personal information gathered by these though – only the statistics.

 

Contact and Enquiry Information

We may process information about you to answer your query or process an order. This may include your name, address, email address, postal address and telephone number – depending on what information you provide to us. We will receive this either directly from you for example in an email, FB message or through the contact form on our website. In all cases we receive only the information you choose to provide – and it will be used to correspond with you until your query is resolved. (If correspondence leads to a purchase we will require and process further information – please see the section “Ordering and Purchasing Information”.

 

Legal Basis – Consent OR the performance of a contract between you and us, and/or taking steps, at your request to enter into a contract OR legitimate interests, in particular, managing relationships with our customers.

 

Feedback and Other Information That You Send to Us

We may process information you send to us for publication on our website – for example, if you email feedback on an order you have received, we may share this on our website and/or social media platforms. We will always ask you if it is OK to use you personal information in this way.

 

Legal basis – Consent: if you have sent this information by private communication channels (such as email) then we will ask for your consent to publish this. (NOTE – if you have posted the information on any of our public sites (social media channels) we do not require consent as you have chosen to make this public – and it is therefore exempt from data protection provisions. However, we will endeavour to contact you to check if it may be shared on other social media channels)

 

Ordering and Purchasing Information

You can order from us in two ways – by contacting us directly through one of our social media channels or our email address – or by making a purchase through Etsy. If you wish to order through our social media channels you may  be asked to provide (through a private message) your email address, currently payment is arranged directly on these platforms, but that may change in the future. This policy will update in accordance. 

 

If you choose to pay via Paypal, they will ask you for further contact details – such as your address, and for payment information (credit card or account details). If you order through Etsy, you do this directly through that site – and will be asked for the same type of information.

 

One Little Hut does not receive any of your payment account details. We only receive the information we need to complete your order – the most important being your address, so that we can send your purchases to you.

 

Legal Basis – This processing is necessary for the performance of a contract between you and us, and/or taking steps, at your request to enter into a contract and our legitimate interests, in particular, managing our business appropriately.

 

Legal Requirements

We may process any of the personal information mentioned in this policy – where necessary – for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out of court procedure. We may process personal information for the purposes of obtaining or maintaining insurance coverage, or obtaining professional advice in relation to business risk – however, this is unlikely.

 

Legal Basis – Legitimate Interest: The protection and assertion of our legal rights, your legal rights and the rights of others; the protection of our business against business risk.

 

We may also process personal information where we are required to do so to comply with any legal obligations to which we are subject – or where it is necessary to protect our vital interests or the vital interests of anyone else. (As specified in relevant legislation).

 

Is your data transferred outside of the UK or EU?

One Little Hut is based in the UK, and only accesses your information on devices in the UK. The One Little Hut website is hosted here in the UK. However, my email system (Gmail for Business) and the social media platforms are not all based in the UK/EU. This means that the data you provide may be held outside of the UK/EU – but I have made checks to make sure those companies comply are safe to use, and that they also comply with all the relevant information. (This means they either have server in the UK/EU – or they are part of an agreement called the “Privacy Shield”. I’ve included links to the privacy information for each of them at the end of this document.

 

Using Cookies

Sorry – not the nice chocolate chip kind. Most website use cookies that store little bits of information on your computer when you visit. They are used to make websites work correctly. The data they use isn’t really data about you – it’s more about the device you use to access the website, and the location of the device. One Little Hut Website uses the DYNSERV cookie. This is necessary for the website to function. This cookie is issued each time you visit our website, to identify you (well your device) as a unique user, purely for access and security purposes. It is retained only for that active browser session you can set your browser to block cookies, but some websites may not work if you do that.

 

How long do we keep data?

How long we keep you data will depend on why we have it. Mostly – it’s not long – we only keep your data as long as we need to answer your query or process your order. If you are a regular customer, we may keep your address or email information longer, so we don’t need to keep asking you every time – but we will ask if that is OK – and you can ask us to remove your details at any time.

 

We are required to keep our invoices and details of sales etc – which might include your name and address, and sometimes your email address. This is a requirement – should we need to submit information to HMRC. But like everything else we do – that information is kept safe and secure and accessed only by One Little Hut.

 

Your Rights

Data Protection legislation is in place to help protect your personal information – and give you control over how it is used. It gives you rights associated with your data, the main ones are listed below. They won’t always apply in every circumstance – but we will explain it to you if you choose to exercise any of your rights.

 

• Right to access – you can request copies of any information we hold about you
   

• Right to rectification – If you believe we have any of you details wrong, you can ask us to correct them
   

• Right to Erasure – You can ask us to delete any information we hold about you. This will apply only when we do not have a legal basis to retain that information.
   

• Right to Restrict or Object to Processing – this is controlling exactly what data we hold – you can ask us to stop using certain data or stop carrying out certain processes with your data.
   

• The right to complain to a “Supervisory Authority” – an organisation that oversees Data Protection. This could be the Authority where you live, where you work – or the one for the UK, where we are based, which is the Information Commissioners Office.

 

As I have already mentioned – where we rely on consent to process your data, you can withdraw that consent at any time.

 

This website is owned by Emily Parkinson– who can be contacted at emily.parkinson.onelittlehut@gmail.com. Emily is also our data protection officer.

 

 

Links to external privacy information

We will try to keep list updated – but if the page link doesn’t work, you should be able to use a search engine – search for the platform name, followed by “Privacy Policy”.

 

• Google G Suite for Business – G-Suite
   

• Facebook – https://www.facebook.com/about/privacy/update and more on https://www.facebook.com/about/privacy/update
   

• Instagram is owned by Facebook, so you can find information on those same links
   

• Twitter – https://gdpr.twitter.com/en.html and https://gdpr.twitter.com/en/dpa.html
   

• PayPal – https://www.paypal.com/en/webapps/mpp/ua/privacy