Privacy & Security
At Juniper & Blue Craft Emporium we take your privacy seriously and will only use your personal information to administer your account, provide you with the products and services you request from us and keep you informed of changes or additions to our ranges and any special offers or discounts available.
Information we collect
Personally identifiable information. Any information that can be used to identify, locate or contact an individual, on its own or when combined with other personal or identifying information. Examples include: name, address, email address, telephone number and IP address. This may include information collected when registering an account on our website, even if you do not make a purchase, as well as any participation by you in surveys or competitions or interactions via live chat or similar web services. This information may be collected through forms on our website which are completed by you.
Please note that, if you make a purchase via our website, your card payment details are not held by us. Payments are processed by our third party payment processors, who specialise in the secure online capture and processing of credit and debit card payments (see our Security Policy).
How we use the information we collect
We may use the information to:
· process an order that you make on our website or by phone;
· carry out our obligations arising from contracts entered into between you and us;
· deal with entries into a competition;
· seek your views or comments on the products or services we provide;
· notify you of changes to our service (e.g. temporary closure for server maintenance, or seasonal/holiday opening hours);
· send you communications which you have requested and that may be of interest to you, including promotions of our products and services.
We need your consent for some aspects of our activities that are not covered by our legitimate interests, as defined by the ‘General Data Protection Regulation’ - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (referred to in this Policy as the GDPR) - in particular, the collection of data via cookies and the delivery of direct marketing to you through digital channels. Depending on the situation, we will ask for this either via an express opt-in or via ‘soft opt-in’. (‘Soft opt-in’ consent is a specific type of consent which applies where you have previously engaged with us, in which case we will take your consent as given unless and until you expressly opt out.)
How long we hold your data
We are legally required to hold some types of information to fulfil statutory obligations. We will hold your personal information on our systems for as long as is necessary for the relevant activity, or for so long as is set out in any relevant contract you hold with us, or to comply with our legal obligations.
Who has access to your information
We may pass some information to third party service providers or other organisations for the express purpose of completing tasks (such as processing your order) or providing a service to you (such as a mailshot) on our behalf. Any such providers would only be given the information necessary to provide that service and they would be required to keep your information secure and retain it only for as long as necessary to process that task.
We may transfer your personal information to a third party in the following circumstances, namely: as part of a sale of some or all of our business and assets; as part of any business restructuring or reorganisation; if we are under a duty to disclose or share your personal data in order to comply with any legal obligation; or to enforce or apply our Terms and Conditions.
Accessing, correcting or deleting your information
You may request details of personal information we hold about you by writing to: The Administrator, Juniper & Blue Craft Emporium, 18 Bathford Hill, Bathford, Bath, BA1 7SL.
You can also contact us with any queries by email (firstname.lastname@example.org) or telephone (0845 608 8890).
If you believe any information we hold is incorrect or incomplete, please let us know as soon as possible so that we can amend it as appropriate.
If you wish, we will delete or block all personal information we hold about you within thirty days of receiving your written request so to do. We may retain information already held in back-up systems or archives for prevention of fraud or other crime or abuse, for satisfaction of legal obligations, for analytic purposes or where we reasonably believe that we have a legitimate reason to do so (in accordance with the GDPR).
At any time, you may object to the processing of your personal data on legitimate grounds unless it is otherwise permitted by applicable law.
Right to object
If we are using your data because we deem it necessary for our legitimate interests to do so, but you do not agree, you have the right to object. We will respond to your written request to cease processing your data within 30 days (although in certain cases we may be allowed to extend this period). We would only disagree with you if certain limited conditions apply.
Right to withdraw consent
Where we have obtained your consent to process your personal data for certain activities, or consent to market products or services to you, you may withdraw your consent at any time.
Data subject access requests (DSAR)
You have the right to ask us to confirm what information we hold about you at any time and you may ask us to modify, update or delete such information. In addition you have the following rights:
Right to erasure. In certain situations (for instance, where we have processed your information unlawfully) you have the right to request us to ‘erase’ your personal data. We will respond to your written request within 30 days (although we may be allowed to extend this period in certain cases) and will only disagree with you if certain limited conditions apply. If we agree to your request, we will delete your data but will assume that you would wish us to keep a note of your name on our register of individuals who prefer not to be contacted. This would minimise the chances of your being contacted accidentally in future where your data are collected in unconnected circumstances. If you would prefer us not to do this please let us know.
Right of data portability. If you wish, you can request to transfer your data from us to another data controller. We will help with this, either by directly transferring your data for you or by providing you with a copy in a commonly used machine-readable format.
Right to lodge a complaint with a supervisory authority. You also have the right to lodge a complaint with your local supervisory authority, details of which can be found at: www.gov.uk/data-protection/make-a-complaint.
It is possible to switch off cookies by setting your browser preferences. But turning off cookies may result in a loss of functionality when using our website.
For further information regarding the GDPR go to: www.ico.org.uk