As a small business, dealing with you, the customer, I am aware that under the General Data Protection Regulation (GDPR) and the Information Commissioners Office (ICO) I need to be transparent about what personal information I hold on you, where I got your information, who I share your information with, how I store your information when not in use, how long I keep your information for and how I dispose of your information once finished with it, also that you have the rights to access or request erasure of your information.
What information do I hold? In this privacy notice ‘personal information’ refers to: Full name of customer First name of customer’s child/ren, pet Age of child/ren on the date of the appointment. Email address supplied by customer Photographs/images supplied by customer Photographs taken of your customised order
Where do I get your information from? You, the customer, is the only avenue I use to retrieve personal information, after the initial contact from you, the customer, I will ask for sufficient information to fulfil your customised order, as a legitimate interest.
How do I use your information? Your full name will be added to my appointments dairy, receipt book and income data sheet. Your child/ren’s or pets name and age will be added into my receipt book and I will transfer it onto the customised order and packaging, which you will receive the only copy of when it is complete. Your email will remain in my inbox (Hotmail) and will not be transferred anywhere. Photographs sent via email, through my Facebook business page or via private messenger will be viewed on my phone or downloaded onto my laptop and may be used within my social media or on my website. I will use your email address or Facebook messenger to send photos of your customised order. I will take photographs of the customised order, using either my personal camera or my personal mobile phone and use the photographs on my social media and on my website, using first names and ages provided, as identification of the order.
Who has access to your information? As the sole owner of Handmade by Jesie: Too Precious To Forget, I am the only person to have access to the information you have supplied. I may be requested to share my income and expenses information which may include your receipts with HMRC.
How is your information stored? Your name is stored on paper in my appointment diary, in my receipt book and in my accounts book, which is kept securely either within my home or in my studio. Your name will also be stored online, via my Facebook business page or Hotmail email.
Your child’s name and age will be stored on paper in my receipt book, which is kept securely within my studio.
Your email address is only held via my online email server Hotmail.
Your photographs and my photographs of your customised order will be stored on Facebook messenger and within the email you sent to me and on my personal laptop which is kept securely in my home and is password protected. Although I will strive to protect your information the internet is not 100% secure so I cannot guarantee online security, the risk is minimal, and any breeches will be identified and dealt with according to ICO guidelines.
How long do I keep your information for? Your name, email and Facebook communication will be kept either on paper or in online form until consent is withdrawn, as this will enable me to work with your again
Your name will be kept in my receipt book and in my account book with the legal basis of ‘legal obligation’ for tax reasons for 6 years.
Your child’s name and age will be kept in my receipt book with the legal basis of ‘legal obligation’ for tax reasons for 6 years.
Your photographs that you supply me and photographs I have taken myself of your customised order will be kept on my laptop, on my social media or website until consent is withdrawn.
How do I dispose of your information? Once your information is no longer required or your consent is withdrawn, all information in paper form will be shredded and online and digital data permanently delated.
You, the customers, rights. Under GDPR you have the right to be informed about the information I hold, to access this information, to request erasure of information, restrict processing and to remove information, Handmade by Jesie: Too Precious To Forget will of course, comply according to the law.
If you have any questions or issues, please contact me via my Facebook business page or via email [email protected]