Receive £10 off your first order when you subscribe to the tribe

Privacy

DATA PRIVACY NOTICE


This Privacy Notice explains the types of personal data we may collect about you when you interact with us. It also explains how we store and handle that data, and keep it safe.

1. WHO WE ARE AND WHAT WE DO

We are an online company which specialises in the production and sale of bespoke and specialist maternity wear.

2. THE FIRST POINT OF CONTACT FOR DATA PROTECTION

If, at any point in your relationship with Wandering Eve you have a concern or any comment about data pro-tection please contact enquiries@wanderingeve.co.uk

3. WHY WE PROCESS DATA

Wandering Eve use personal data so that we can run our on line business - we need contact information so that we can communicate with our clients and suppliers. When you place an order or we buy for example material for our products we will also process limited financial information.

From time to time and limited to either those who have asked us to contact them with information
or customers we are undertake email marketing to.

4. LEGAL BASES FOR PROCESSING YOUR DATA INCLUDING ANY EXPLANATION OF LEGITIMATE INTERESTS

The law on data protection sets out a number of different reasons for which a business may collect and pro-cess your personal data. Some of these reasons, set out below, are the bases we have for processing your personal data:

Contractual obligations
In certain circumstances, we need your personal data to comply with our contractual obligations for example when we:
• deliver our maternity products to you, or
• to enter into contract with you to supply us with goods or services

Legal obligations
If the law requires us to, we may need to collect and process your data.
For example we are obliged to retain certain information for HMRC reporting purposes or to comply with other legislative provisions

Legitimate interest
In particular circumstances, we require your data to pursue our legitimate interests in a way which might rea-sonably be expected as part of running our business and which does not materially impact your rights, free-dom or interests.

For example, we retain customer, client and supplier information for 10 years after any interaction so that we can always maintain a good working relationship with people

We may also use customer address details to send newsletters and information telling you about products and offers that we think might interest you

Consent
Sometimes we collect and process your data with your consent.

For example, when you tick a box to receive email newsletters.

When collecting your personal data, we always make clear to you which data is necessary in connection with a particular service.

5. WHEN WE COLLECT DATA

Wandering Eve collects data from you at various points in our journey with you:

• Our website collects certain information including: your email address if you sign up for our newsletter or contact details when you place an order with us.
• When you purchase our maternity wear products we will process your contact details so that we can de-liver the item to you and telephone number so that we can keep in contact with you about the order. We also process limited financial information so that we can take payment for our products
• We also store email addresses in order to respond to any queries from our customers and suppliers or any other enquiry.

6. WHAT DATA WE COLLECT

• Contact information including: name, address, phone number, email address
• Limited financial details so that we can issue invoices, make and receive payments
• On occasion and when supplied by our customers we may process (for a very limited period of time) in-formation about the stage of your pregnancy and due date of birth of your baby (babies) so that we can be sure that you are receiving the best service from us. We only do this if a customer explicitly asks us to retain that information
• Our website uses cookies. A cookie is a small file of letters and numbers that we put on your computer if you agree. These cookies allow us to distinguish you from other users of the website which helps us to provide you with a good experience when you browse our website and also allows us to improve our site.

For example, the cookies we use are ‘analytical’ cookies. They allow us to recognise and count the num-ber of visitors and to see how visitors move around the site when they’re using it. This helps us to im-prove the way our website works, for example by making sure users are finding what they need easily and by helping you enter our site without having to re-login.

7. HOW WE USE YOUR PERSONAL DATA

We process data for a variety of reasons. Each of these relate to the running of the business and giving our customers or clients the best experience possible.

• To process orders and fulfil contracts
• To reply to any queries or questions you may have
• To communicate with you where necessary and to send newsletters to customers and those signed up to receive newsletters
• To comply with legal requirements such as HMRC reporting
• To maintain good ongoing customer/client and business relationships

8. HOW LONG WE KEEP YOUR PERSONAL DATA

Whenever we collect or process your personal data, we only keep it for as long as is necessary for the pur-pose for which it was collected.

At the end of that retention period, your data will be deleted completely

Some examples of our data retention periods:

Purchases and Services
When you place an order or buy one of our products or services we keep the personal data you give us for 10 years so we can comply with our legal, contractual obligations and retain a good relationship with you should you need any further product or services have any future queries.

Suppliers
For individuals who are supplying us with products or services we retain your personal information for a pe-riod of 10 years so that we can, if necessary, contact you again and continue our business relationship with you

We are also obliged to retain certain transactional information for 7 years to satisfy accounting rules

9. HOW WE KEEP YOUR DATA SAFE

We are aware of the need to maintain the correct and highest level security when processing your personal information. We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way.

We take the following steps to maintain the security of your personal information:
• Shopify keeps information in systems that are secure, • for on line transactional information we use shopify which gives 128-bit SSL encryption ensuring your critical data is always secure”
• We limit access to your personal information to those who have a genuine business need to know it.
• we have password protected systems
• we maintain firewalls and anti-virus software
• any data which is accessed off site or on a mobile device is kept locked when not in use and never left unattended

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

10. WHO WE SHARE YOUR DATA WITH

We sometimes share your personal data with trusted third parties which act only on our instruction (known as “data processors”).

Data processors might be, for example, our 3rd party apps such as Mailchimp, delivery drivers or those com-panies who store data for us for example Google / Apple / Microsoft:

Where we share information with these companies or individuals we make sure that they also keep your da-ta secure and that they also protect your rights. To this end we make sure that:
• We provide only the information they need to perform their specific services.
• They may only use your data for the exact purposes we specify in our contract with them or where their terms and conditions of processing contain the correct data processor clauses under GDPR
• If we stop using their services, any of your data held by them will either be deleted or rendered anony-mous.

Sharing your data with third parties for their own purposes (“joint controllers”) eg HMRC, ac-countants, legal advisors:

We will only do this in very specific circumstances, for example:
• With your consent
• Where we have a contract in place with the other party
• Where we are obliged to share the information for legal reasons

11. WHERE YOUR DATA IS PROCESSED

We do not transfer data outside of the EEA or to a country that has an adequacy decision or a company that is registered under the EU- US Privacy Shield

From time to time we may pass personal data such as your name and email address to other services that we use to send out newsletters and other communications (both electronic and print).

However, your personal data will remain in the EU or countries considered by the EU to have equivalent pol-icies such as Jersey, Guernsey, Switzerland, New Zealand and Canada. Companies based in the USA that have certified with the EU-US Privacy Shield programme are also considered to be permitted destinations by the EU (this includes popular US products like Gmail, DropBox and MailChimp & Shopify).

12. YOUR RIGHTS AND WHO TO CONTACT

You have the following rights, which you can exercise free of charge:


Access:    The right to be provided with a copy of your personnal data
Rectification:   The right to require us to correct any mistakes in your personal data
To be forgotten:   The right to require us to delete your personal data - in certain situations
Restriction of processing:   The right to require us to restrict processing of your personal data—in certain circumstances, eg if you contest the accuracy of the data
Data portability:   The right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations
To object:   The right to object:
—at any time to your personal data being processed for direct marketing (including profiling);
—in certain other situations to our continued pro-cessing of your personal data, eg processing carried out for the purpose of our legitimate interests.
Not to be subject to automated individual decision-making:   The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you.


If you would like to exercise any of those rights, please contact us by

Victoria Cobban enquiries@wanderingeve.co.uk

OTHER RIGHTS

Your right to withdraw consent
Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw that consent. You can do this by contacting
enquiries@wanderingeve.co.uk

Where we rely on our legitimate interest
In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation.

We will then stop processing your information unless we believe we have a legitimate overriding reason to continue processing.

Direct marketing
You have the right to stop the use of your personal data for direct marketing activity through all channels, or selected channels. We will always comply with your request. To ask us to stop direct marketing please contact: enquiries@wanderingeve.co.uk

Checking your identity
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Notice.

For us to check your identity please:
• let us have enough information to identify you [(eg your full name, address and client or matter refer-ence number)];
• let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill); and
• let us know what right you want to exercise and the information to which your request relates.

If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.

If we choose not to action your request we will explain to you the reasons for our refusal.

Your right to contact the ICO

If you feel that your data has not been handled correctly, or you are unhappy with our response to any re-quests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.

You can contact them by calling 0303 123 1113.

Or go online to www.ico.org.uk/concerns (opens in a new window; please note we can't be responsible for the content of external websites)

If you are based outside the UK, you have the right to lodge your complaint with the relevant data protection regulator in your country of residence

You also have the right to take to seek a judicial remedy