Privacy and Security Statement

Home / Privacy and Security Statement

Kate Sheridan take your privacy seriously and will only use your personal information to administer your account and to provide the products and services you have requested from us.

Kate Sheridan owns and manages this website. We regularly review and update our policies to monitor and deliver compliance with the General Data Protection Regulation 2016 (GDPR) and electronic communication regulations.

This privacy policy sets out how Kate Sheridan uses and protects any personal information that you give when you use this website or buy our products. We respect and protect your privacy. If we ask for information that enables you to be identified when using our websites, we will only use it in accordance with this privacy statement.

If we change this policy, which we may do occasionally, this page will be updated as appropriate. So to ensure that you are happy with any changes, you should check this page from time to time. This policy is effective from 18 May 2018.

If you have any problems or questions about this policy, please contact info@katesheridan.com

The GDPR gives specific rights to people with regard to their personal data and duties to those collecting and processing it as follows:

For those collecting data:

  • the data must be collected lawfully and transparently
  • it must be used only for the reason stated for its collection
  • data collection should be limited to that necessary data for the stated purpose
  • data must be kept accurate and up to date
  • data must only be stored as long as necessary for the purpose for which it was collected
  • data security and integrity must be maintained

Individuals providing data have the following rights:

  • the right to be informed of the data held
  • the right of access to that data
  • the right to rectification of any incorrect data
  • the right to erasure
  • the right to restrict processing
  • the right to data portability
  • the right to object; and
  • the right not to be subject to automated decision-making, including profiling.

This means that we will request explicit consent to the collection and holding of personal data and for processing it for specific purposes, as described below.

We may collect the following information:

  • name
  • contact information, including email address and telephone number
  • past order history

We collect the information in order:

  • to provide you with the goods and services you have ordered from us
  • internal record keeping and accounting, including legal obligations such as VAT numbers
  • to improve our products and services

On our website, we require you to make an account,so you can place orders more quickly. This allows us to see past order history, which occasionally allows for promotions based on longstanding loyalty. This is also important for any future enquiries about maintenance of products, to ensure goods have been legally aquired.

If you sign up for our newsletters, this is processed by the Mail Chimp database so we rely on their confirmed compliance for this, and check it regularly. You can find Mailchimps terms here and their pricacy statement here.

If you follow us on third party platforms such as Facebook, Twitter, Instagram or Pinterest, you will be relying on their data protection and not ours.

Managing your information

We do not pass any information we collect to anyone else for any purpose with the following exceptions:

  • to specific third parties such as Mail Chimp in order to deliver our newsletters, and we check with them that the data is secure and used only for the stated purpose and when you have given permission for your data to be used in such a way.
  • where legally obliged to do so

If we wish to pass on any information other than as above we will contact you first for your permission which you are entitled to refuse.

All customer orders are electronically stored on a webserver hosted by Shopify. This information can be accessed by Shopify technicians only with our expressed permission. It is also occasionally accessed by the company that built our website and who provide technical assistance - Albion, who are based in London. It is also   accessed by Kate Sheridan staff using encrypted connections to the internet. This access is subject to computer systems, which have encryption, anti-virus and malware protection measures, and back-up facilities. No past order information is passed onto anyone other than the specific customer to whom it belongs, unless requested by that customer.

Wholesale Supplier information is stored in paper format and in some cases digitally on password encryped computers and may be stored for a minimum of one tax year. We may not delete these entries unless explicitly informed that this required.

Transactions using bank information:

Data relating to payments we receive for products and services via bank transfer to our Barclays Bank Account  is held by the Barclay Bank and we rely on their confirmed compliance for this, and check it regularly. We also hold transactional data relating to orders placed in the store and online shop on an accounting system called Xero. Again we rely on their confirmed compliance for this, and check it regularly.

Payments received in our online store are processed either by Paypal or by Shopify Payments, which is powered by Stripe Payments. Your data will be protected by their respective systems.

Debit and credit card payments which are taken in the shop are processed by Worldpay. We undertake regular monitoring to comply with the PCI-DSS (Payment Card Industry Data Security Standard) system run by banks and payment processors to ensure this.

Payments can not be processed via email, so be sure to never send us any sensitive information in writing. We can take a payment over the phone if this is requested. In this case your details will be taken orally, and will not be written down. We can generate and send vat receipts for any retail payments taken via phone. No card data is stored.

Security

We are committed to ensuring that the information you give us is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures that safeguard and secure any information we collect online or instore through our till systems.

As keeping your information secure is very important to us, certain sections of the site may encrypt data using SSL or a comparable standard. But no data transmission over the Internet can be guaranteed as totally secure. As a result, whilst we strive to protect your personal information, we cannot ensure or warrant the security of any information which you send to us, and you do so at your own risk.

If we become aware of a data breach we will inform the Information Commissioner’s Office (ICO) and also notify anyone we believe may have been affected.

Cookies

A cookie is a small text file stored by your browser that is used to hold information related to your visit to our website. It may include shopping basket items and data that help us analyse web traffic.

Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

Overall, cookies help us provide a better website. They enable us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

You can accept or decline cookies. Most web browsers automatically accept them, but if you prefer you can usually modify your browser setting to decline cookies. But this may prevent you taking full advantage of the website and will cause some features to no longer work.

We use the information collected from cookies to compile reports. This allows us to improve the functionality of our website. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited. This information is used for statistical analysis purposes only. It is then removed from the system.

Links to other websites

Our website contains links to other websites, in particularily through our blog pages. Please note that once you have used these links to leave our site, we do not have any control over the other website. We cannot, therefore, be responsible for the protection and privacy of any information which you provide while visiting other sites not governed by this privacy statement. Please exercise caution and look at the privacy statement applicable to the website in question.

Controlling personal information

You may choose to restrict the collection or use of your personal information in the following ways:

– If you are signed up to the Kate Sheridan Newsletter, you can at any time choose to unsubscribe yourself by clicking unsubscribe at the bottom of any of our previously sent newsletters or by requesting it via email on info@katesheridan.com. You can also change your marketing preferences by clicking update preferences at the bottom of any previous newsletter, or by requesting a link to a form you can update by emailing us on info@katesheridan.com

We will not sell, distribute or lease your personal information to third parties unless we  are required to do so by law.

You may request details of personal information which we hold about you under the Data Protection Act 1998 and GDPR 2016. If you would like a copy of the information held on you please write to us at Kate Sheridan Ltd, 112 Lower Clapton Road, E5 0QR, UK. We are obliged to respond within a month

If you believe that any information we are holding on you is incorrect or incomplete, please write or email us as soon as possible. We will correct any incorrect information as soon as we can.

You may ask us to remove all information about you and we can do so, but once done, we will send you confirmation of this being completed, and we will hold a record to show that we have removed your information, which will therefore include your name and contact details for legal compliance reasons.

Please note the following definitions

Browser: A software application used to locate and display web pages

Cookie: A message given to a web browser by a web server. The browser stores the message in a text file called cookie.txt. Each time the browser requests a page from the server, this message is sent back. A cookie’s main objective is to identify users and personalise their visit by customising web pages. This means visitors will be welcomed by name when they next visit the site. A site using cookies will usually invite you to provide personal information including your name, email address and interests.