Privacy Policy

Privacy Policy for Elizabeth Anne Norris

Who we are

We (Elizabeth Anne Norris Jewellery) are committed to protecting your privacy and promise to collect, process and share your data safely and securely when you use our website http://www.eanjewellery.com. Our Privacy Policy tells you how we do this and what your rights are. Any personal data processed in line with our Privacy Policy is controlled by us, as the data controller.

Our Privacy Promise

Transparency – We will always tell you what data we’re collecting about you and how we use it. We only share your data with trusted partners and will never sell your data.

Secure – We are committed to always follow industry best practices to ensure your data is stored safely and securely. We protect the confidentiality, accuracy and availability of the information we collect about you.

Control – We will always give you control over the marketing you receive from us. You can choose the types of messages you receive and whether you want to stop receiving marketing communications.

If you need to contact us

If you have any privacy-specific concerns please contact our Data Protection Officer, Elizabeth Anne Norris here.

What personal data we collect

1. Personal and contact information when you sign up to my mailing list, includes your first name, last name, email address, your town/city and your email preference. This data is held on Mailchimp.
2. Details (and copies) of your communications and interactions with us via our “Contact Us” form includes your name, email, telephone. These details are held on gmail (owned by Google).
3. Transaction details when you make a purchase online includes your name, billing address, shipping address, email address and telephone number.
4. Your financial information when you make an online purchase of jewellery or gift vouchers is sent to Paypal.
5. Your booking information when you make an online booking for my jewellery classes or wedding ring workshops is sent to Bookwhen.
6. Financial information when you make an online booking for my jewellery classes or wedding ring workshops is sent to Worldpay.
7. Your personal data is also generated from technical processes such as comments, cookies, analytics, and third-party embeds on this WordPress website. By default WordPress does not collect any personal data about visitors, and only collects the data shown on the User Profile screen from registered users. However some of plugins on this site may collect personal data. These include Akismet, Facebook for Woocommerce, Jetpack, Woocommerce, Wordfence and Yoast.

Why we collect your personal data

Your data may be collected for the following purposes:

• Email marketing of our products and services only
• Communicating with you via email or phone if you have expressed an interest in the products and services we offer
• Shipping products you have ordered to you
• To advertise our products and services to you on social media such as Facebook, Instagram and Twitter

Your Comments on our website

When you leave comments on our site (blog) we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

When You Contact Us

Personal data collected from you via contact form submissions are kept for customer service purposes only, but we do not use the information submitted through them for marketing purposes. This data is kept indefinitely unless you request it be deleted.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

We collect analytics data about your visits to our website using “Jetpack” and “Google Analytics”. Here is Jetpack’s privacy policy: https://jetpack.com/support/privacy/ Here is Google’s privacy policy: https://policies.google.com/privacy

To opt out of having your data used by Google Analytics you can download a browser add on here: https://support.google.com/analytics/answer/181881?hl=en

By default, this WordPress website does not collect any analytics data.

Who we share your data with

Your data, as detailed in this policy may be shared with the following third-party providers. There is also links to their privacy policy’s.

• Mailchimp https://mailchimp.com/legal/privacy/
• Jetpack https://jetpack.com/support/privacy/
• Google https://policies.google.com/privacy
• Paypal https://www.paypal.com/en/webapps/mpp/ua/privacy-full
• Worldpay https://www.worldpay.com/uk/privacy-policy
• Akismet (owned by Automattic) https://automattic.com/privacy/
• Facebook for Woocommerce https://www.facebook.com/full_data_use_policy
• Woocommerce https://woocommerce.com/privacy-policy/
• Wordfence https://www.wordfence.com/privacy-policy/
• Yoast https://yoast.com/privacy-policy/
• WordPress https://en-gb.wordpress.org/about/privacy/
• Bookwhen https://bookwhen.com/privacy
• Elegant Themes https://www.elegantthemes.com/policy/privacy/

How long we retain your data

All data collected by us, as detailed in this policy, is retained indefinitely unless you request it be deleted. Data held by third parties is detailed in their privacy policies.

What rights you have over your data

If you have contacted us, are an existing customer, or have left comments on our website, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us.

You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

In certain circumstances your data may be checked via third party services held outside the European Union. These include automated spam detection systems and web hosting services for this website. For this website these services include Wordfence and Akismet. Where your personal data is transferred outside of the EEA, we require that appropriate safeguards are in place. To find out more about the appropriate safeguards that we have in place, please contact us.

European data protection law requires data about European residents which is transferred outside the European Union to be safeguarded to the same standards as if the data was in Europe.

How we protect your data

1. Our online security controls maintain confidentiality at all times.
2. As described in this Privacy Policy, we may in some instances disclose your personal data to third parties. Where we do, we require that third party to have appropriate technical and organisational measures in place to protect your personal data; however in some instances we may be compelled by law to disclose your personal data to a third party, and have limited control over how it is protected by that party.

What data breach procedures we have in place

We take security seriously and have technologies, processes and security protocols in place to protect against the loss or theft of your personal data. We will report any breach of Personal Data, and do so as fast as we can. We aim to let people know within 72 hours.

What automated decision making and/or profiling we do with user data

Data collected from you may be used by trusted third parties, as detailed earlier in this policy for web traffic analysis and customised advertising. This data is made without human intervention and is not stored by us.