Policy key definitions:
“I”, “our”, “us”, or “we” refer to the business, Sky Siouki.
“you”, “the user” refer to the person(s) using this website.
GDPR means General Data Protection Act.
PECR means Privacy & Electronic Communications Regulation.
ICO means Information Commissioner’s Office.
Cookies mean small files stored on a users computer or device.
Processing of your personal data
Under the GDPR (General Data Protection Regulation) we control and / or process any personal information about you electronically using the following lawful bases.
I am registered with the ICO under the Data Protection Register.
I process your information in the following ways:
I rely on a number of legal bases to collect, use, and share your information, including: as needed to provide my services, such as when I use your information to fulfil your order, to settle disputes, or to provide customer support; when you have provided your affirmative consent, which you may revoke at any time, such as by signing up for my mailing list; if necessary to comply with a legal obligation or court order or in connection with a legal claim, such as retaining information about your purchases if required by tax law; and as necessary for the purpose of my legitimate interests, if those legitimate interests are not overridden by your rights or interests, such as providing and improving my services. I use your information to provide the services you requested and in my legitimate interest to improve my services.
Names and emails addresses securely stored with email marketing provider, Mailchimp.
Sharing your information
Information about my customers is important to my business. I share your personal information for very limited reasons and in limited circumstances, as follows:
- Service providers. I engage certain trusted third parties to perform functions and provide services to my shop, such as delivery companies. I will share your personal information with these third parties, but only to the extent necessary to perform these services.
- Business transfers. If I sell or merge my business, I may disclose your information as part of that transaction, only to the extent permitted by law.
- Compliance with laws. I may collect, use, retain, and share your information if I have a good faith belief that it is reasonably necessary to: (a) respond to legal process or to government requests; (b) enforce my agreements, terms and policies; (c) prevent, investigate, and address fraud and other illegal activity, security, or technical issues; or (d) protect the rights, property, and safety of my customers, or others.
Data retention period
Your individual rights
Under the GDPR your rights are as follows. You can read more about your rights in details here;
the right to be informed;
the right of access;
the right to rectification;
the right to erasure;
the right to restrict processing;
the right to data portability;
the right to object; and
the right not to be subject to automated decision-making including profiling.
You also have the right to complain to the ICO [www.ico.org.uk] if you feel there is a problem with the way we are handling your data.
I handle subject access requests in accordance with the GDPR.
Some cookies are required to enjoy and use the full functionality of this website.
Data security and protection
I ensure the security of any personal information I hold by using secure data storage technologies and precise procedures in how I store, access and manage that information. My methods meet the GDPR compliance requirement.
Transparent Privacy Explanations
I have provided some further explanations about user privacy and the way I use this website to help promote a transparent and honest user privacy methodology.
Email marketing messages & subscription
Under the GDPR I use the consent lawful basis for anyone subscribing to our newsletter or marketing mailing list. I only collect certain data about you, as detailed in the “Processing of your personal date” above. Any email marketing messages we send are done so through an EMS, email marketing service provider. An EMS is a third party service provider of software / applications that allows marketers to send out email marketing campaigns to a list of users.
Email marketing messages that we send may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of data such as; times, dates, I.P addresses, opens, clicks, forwards, geographic and demographic data. Such data, within its limitations will show the activity each subscriber made for that email campaign.
Any email marketing messages I send are in accordance with the GDPR and the PECR. I provide you with an easy method to withdraw your consent (unsubscribe) or manage your preferences / the information I hold about you at any time. See any marketing messages for instructions on how to unsubscribe or manage your preferences, you can also unsubscribe from all MailChimp lists, by following this link, otherwise contact the EMS provider.
My EMS provider is Mailchimp. I hold the following information about you within our EMS system;
Subscription time & date
Although this website only looks to include quality, safe and relevant external links, users are advised adopt a policy of caution before clicking any external web links mentioned throughout this website. External links are clickable text / banner / image links to other websites.
The owners of this website cannot guarantee or verify the contents of any externally linked website despite their best efforts. Users should therefore note they click on external links at their own risk and this website and its owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Social media platforms
Communication, engagement and actions taken through external social media platforms that this website and its owners participate on are custom to the terms and conditions as well as the privacy policies held with each social media platform respectively.
Users are advised to use social media platforms wisely and communicate / engage upon them with due care and caution in regard to their own privacy and personal details. This website nor its owners will ever ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.
This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.
How to Contact Me
For purposes of EU data protection law, I, Sky Procter, am the data controller of your personal information. If you have any questions or concerns, you may contact me at firstname.lastname@example.org.