Search

Your Cart

Your cart is empty 😔
Total: £0.00
Due to technical difficulties, we are unable to process orders for a short time.

PRIVACY STATEMENT

Date updated: 10th September 2018

SECTION 1 - WHAT DO WE DO WITH YOUR INFORMATION?

When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address.

When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.

Orders and Invoices

When you place an order through our website, the invoice is stored on EKM’s platform. Invoices are stored indefinitely on this platform by default to enable us to locate information relating to your order at a later date if needed. For example, if a refund or replacement is necessary, we would then be able to locate the order in question to confirm any details. If you wish, we can delete invoices that are stored in EKM. For more information about the service that EKM provide us, please see Section 4.

Email Marketing

With your consent, we may send you emails about our store, new products and other updates. We use the MailChimp platform to create and send our email marketing emails with a double opt-in system. The double opt-in means that after you have signed up, you will then receive an email asking you to click a link to verify your subscription.

If you sign up to our mailing list, you will be asked for your first name, last name, an email address, your birthday and what type of email communication you give consent for us to send to you. You are not required to provide your date of birth in order to sign up, this is simply so we can send you a birthday special offer if you wish us to do so. MailChimp stores the date, time and the IP address that you subscribed from to help us log your consent. Details of orders that you have placed (value and contents) may be shared with MailChimp for analytics, and, if applicable, remarketing purposes.

You will receive an email shortly after subscribing asking you to confirm your consent for us to send you email newsletters. All of our email newsletters will have a link at the bottom to allow you to unsubscribe from the list or manage your information at any time.

As MailChimp are a third party service, you may wish to read through their Privacy Policy and Legal Terms.

MailChimp is based in the United States and therefore information you supply us for the purposes of email marketing is sent to and stored in the USA. MailChimp adhere to the Privacy Shield Principles. Privacy Shield was set up by the US Department of Commerce, European Commission and Swiss Administration to provide companies on both sides of the Atlantic with a mechanism to ensure compliance with data protection laws when transfering data from the European Union and Switzerland to the United States. You can find out more about Privacy Shield and what it means for your data here.

Couriers

Under the definition of legitimate interest, your address, name and if required, contact information are entered into Royal Mail’s Click & Drop platform to enable us to complete your orders. This platform enables us to create postage labels for our orders with the delivery information that you provide. The information is stored within the platform indefinitely as it allows us to refer back to tracking information and dispatch dates if the need should arise, for example, in the case of an undelivered order. You can request that we delete the personal information associated with your specific order(s) within the platform. As this is a third party system, you may wish to view Royal Mail’s Privacy Policy.

With parcels that weigh more than 2kg, we may send these via DPD as opposed to Royal Mail. In these cases, your address, name and contact information will be provided to DPD for the processes involved in delivering your order. As DPD is a third party provider, you may wish to view their Privacy Policy.

SECTION 2 - LAWFUL BASIS FOR DATA PROCESSING

Under the definitions outlined in the General Data Protection Regulation (GDPR), we process information under the lawful bases of Consent, Contract and Legitimate Interest.

Contract

When you place an order on our website, or, begin to and abandon the basket, arrange a delivery or request to return a purchase, we process your information under the definition of “Contract” (the sale or request for a quote, services or information relating to a sale). This means that the information you give us, such as billing information, delivery information and contact information is necessary for us to provide you with a service, and this is how it is used by ourselves and it shall only be shared when necessary to fulfill our end of the contract, for example, with Royal Mail for the purposes of delivering your order. Your delivery information is required for us to complete delivery of your order, and your contact information will only be used in relation to order or delivery updates. If we wish to use your information for other purposes, we will ask for your consent.

Legitimate Interests

After you have placed your order and we have fulfilled it, invoices containing the details of what you have ordered, your address(es) and contact information are stored on the EKM system. This allows us to refer back to the information at a later date if necessary for a return, refund or other query you may make relating to your previous orders. In this sense, we store this information because we have a Legitimate Interest in doing so.

Consent

When it comes to secondary purposes, such as marketing, we will always ask for your consent with a positive opt-in action. Our email marketing activities (using MailChimp’s platform, see Section 1 for more information) will always ask for consent and then reaffirm this with the use of a confirmation opt-in email.

Our site also features a Cookie Banner to make you aware that we use cookies when you first click onto our website. If you agree to our use of cookies, you can click “Accept” on the banner, and carry on shopping or browsing as usual. To find out more on our use of Cookies and how you could decline their use, please view our full Cookie Policy.

How do I withdraw my consent?

If after you opt-in, you change your mind, you may withdraw your consent at any time. If the withdrawal is specific to our email marketing activities, you can do so by clicking through here, and entering the subscribed email address.

If the withdrawal request relates to information that is stored about you as a customer outside of email marketing purposes, please send us a request to info@fotografixx.co.uk or by post to:

Fotografix
[Re: Privacy]
46 Richard Hillary Close
Ashford
Kent
TN24 0SF

SECTION 3 - DISCLOSURE

We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.

SECTION 4 - EKM

Our store is hosted by EKM. They provide us with the online e-commerce platform that allows us to sell our products and services to you.

Your data is stored through EKM’s data storage, databases and the general EKM application. They store your data on a secure server behind a firewall.

SECTION 5 - THIRD-PARTY SERVICES

In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.

However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions. For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.

In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, such as PayPal, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located. Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.

Links

When you click on links on our store, they may direct you away from our site. Where necessary, we encourage you to read their privacy statements.

Google

We use a variety of Google’s services to help us run our website and to find ways that we can improve our service. The services we use include Google Tag Manager (used to inject code and cookies into our website), Google’s AdWords (advertising services) and Google Analytics. During some shopping activities on our site, you may encounter forms that are provided by Google Forms. We use these forms to collect information from you that we need to provide you with the requested service, for example, a wedding stationery package quotation. If you do not want to submit your information through these forms, you are more than welcome to send us an email instead to info@fotografixx.co.uk.

Our website uses Google’s Analytics service to track our visitors behaviour whilst they are shopping or browsing on our site. From the 25th May 2018, our Google Analytics account will only retain any user data for 14 months. Any data that reaches this 14 month point will be automatically deleted by Google, from the Google servers, once a month. To find out more about how Google store and safeguard data, including data stored in Analytics, you can view the information here.

You can find out more about Google’s Ad services here and you can manage your preferences relating to Google’s Ads online at https://adssettings.google.com/.

HotJar

We use HotJar’s service to allow us to understand how our website is used. Hotjar is a technology service that helps us better understand our users experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices (in particular device's IP address (captured and stored only in anonymized form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), preferred language used to display our website. Hotjar stores this information in a pseudonymized user profile. Neither Hotjar nor we will ever use this information to identify individual users or to match it with further data on an individual user.

As HotJar is a third party service, you may wish to find out more about them and what they mean for your data. We would recommend that you read their Privacy Policy, Cookie Information and GDPR Commitment to find out more. If you wish to opt out of being tracked through HotJar’s service across every website you visit, you can do so on their website here.

TypeForm

We use TypeForm to create forms within our website including the proofing forms for our wedding stationery ranges. The information that you provide within a Type Form will only be used for the purposes we describe in the form and will not be used for a secondary purpose.

TypeForm are based in Barcelona, Spain. TypeForm guarantee that they will only transfer data to sub-processors that have signed their Data Privacy Agreement and are Privacy Shield accredited to ensure compliance with GDPR. As TypeForm are a third party, you may wish to read their Privacy Policy and Terms of Use for more information on how they handle their data.

HubSpot

We use HubSpot’s service to create forms within our website that are used by our visitors to get in touch with us, request quotes for custom work and to request more information. The information submitted through these forms is stored in HubSpot. Our HubSpot service allows us to manage contact we have with our clients and contacts. Any information you give us that is stored within HubSpot will only be used for the purposes we describe at point of collection. If we want to use any of your information for an additional purpose, we will always get consent for this separately.
Sometimes it may be necessary for HubSpot to send information outside of the EU. When this is necessary, HubSpot are certified under the EU-US and Swiss-US Privacy Shield Framework. You can view their information on the Privacy Shield site here. As HubSpot are a third party service, you may wish to read their Privacy Policy. This can be found online here.

SECTION 6 - PAYMENT GATEWAYS

PayPal

If you pay through PayPal Express, you will be taken to a PayPal hosted system to complete the payment. For more insight into PayPal’s service, you may wish to read their User Agreement, Privacy Policy or their Legal Terms.

Klarna

If you choose to pay through Klarna, your information will be processed through their gateway in accordance with their own policies. To find out more about Klarna’s service, you may wish to view their privacy policy and terms of use.

SECTION 7 - SECURITY

To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.

When you browse or place an order on our website, your data is protected through a secure socket layer (SSL). Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.

Your data is stored in EKM’s (our e-commerce provider) datacentre.The EKM platform and its content and databases are located on our own servers, housed within a secure datacentre in Manchester which is ISO27001 and PCI-compliant, and has BS5979 security on-site.

SECTION 8 - SOCIAL MEDIA

Fotografix has and uses profiles on a variety of social media platforms, including but not limited to Facebook, Twitter and Instagram. When you follow us or interact with us on these platforms, you are agreeing to the privacy policy and terms of use of the individual social media platform.

Any information that you provide us with, for example about your order or a query you have through these platforms will be processed according to the policy laid out here. We strongly recommend that if you do contact us through a social media platform about an order or a query that involves giving us personal information, that you do so through the private messaging facility (where possible) to prevent your data being open to the public.

When you leave our social media accounts to visit either our website or a marketplace that we list products on, you agree to be bound by our respective Privacy Policy and any applicable to the platform in question, for example, Amazon’s terms of service.

SECTION 9 - COOKIES

Our site uses cookies to improve the performance and functionality of our website as well as to provide us with analytics data relating to how our website is used by our customers. To read our full policy on which cookies we use and what they are for, please read our separate, full Cookie Policy.

SECTION 10 - AGE

We do not market our site or services to those under the age of 16, and therefore we request that individuals younger than 16 do not use our services or submit information through our site.

SECTION 11 - CHANGES TO THIS PRIVACY POLICY

We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it. If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.

SECTION 12 - INDIVIDUAL RIGHTS

The General Data Protection Regulation (GDPR) reaffirms the rights that individuals have relating to their data. In this section, we clarify these and how you can go about taking advantage of these Rights with relation to our website and activities.

Rights to Access, Right to Rectification and Right to Erasure

Orders and data that we have stored about our customers can be edited or deleted where necessary. Customers will also be able to manage their preferences and any information stored about them within our email marketing automation platform, MailChimp. For more information on MailChimp, please see Section 1.

Right to Restrict Processing

Under the GDPR, you have the right to request that ongoing processing of your data ceases. Under the definitions of the GDPR, the only data we process in an ongoing fashion is for our e-mail marketing activities. If you make this request, we will, to the best of our ability and under the guidelines of the GDPR, cease processing your data without actually removing it from our MailChimp database.

Right to data portability

In some circumstances, you can request that we provide you with your personal information in a structured, commonly used and machine readable format. The data that is stored in both our EKM and MailChimp databases can be exported as a CSV file. If you request this to be supplied to yourself or transferred to another provider of a similar service to us, we will comply with such a request as far as is technically feasible.

Right to object

Under the definitions outlined in the GDPR, you are entitled to object to processing of your data. As soon as an objection request is received, all processing will cease for all bar necessary processes. For example, if you have objected to processing but have placed an order that has not yet been fulfilled, all processing related to secondary purposes will cease, but processing of the order (including arranging delivery) will continue unless you request we cancel the order too.

QUESTIONS AND CONTACT INFORMATION

If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact us at info@fotografixx.co.uk or by mail at

Fotografix
[Re: Privacy]
46 Richard Hillary Close
Ashford
United Kingdom
TN24 0SF