General Data Protection Regulation (GDPR)
2. What information is collected
Cookies are small pieces of data stored on a site visitor's browser, usually used to keep track of their movements and actions on a site. Cookies are implemented in every site built by Wix. Take a look at the table below to view which cookies Wix implements on Wix sites:
3. Personal Information
To fulfil your order, certain information will be required, such as your name, email address, postal address, details of the product that you are ordering and method of payment. Further personal information may be required, should you wish to provide it, in the instance of enquiring about a commission / custom order.
4. Why it is being collected
Name and address is required to send your order to you, or to the designated address.
Email address (or social media platform of your choosing) is required for notification of postage, and to provide you with tracking details, to provide support if needed, and to contact you in the instance of issues arising such as delays in delivery. Courier services require an email and telephone contact details to notify you of delivery dates / times or to get in touch about your delivery only.
Payment method is required in the event that a refund is required, and also for financial obligations e.g. Record keeping for tax returns. I do not see any of your card or bank details as payment is securely taken via Paypal or Stripe.
Visitor Analytics is a simple website analytics service which measures the traffic and general information of visitors to Twysted Roots website. Collecting these statistics, a website can make their visitors' experience better (e.g. which pages they visit and when, where they are approximately located, where does a user land first or if they are coming from a specific referral).
Basically, as a website owner using Visitor Analytics, we are using cookies to collect data about visitors' device type and screen size, approximate location, browser, OS, IPs, page visits, bounce rate, conversions and popular content on the website. All this data is pseudonymized and Visitor Analytics will never use the collected data to identify individual users or to match it with additional information on an individual user. Each visitor has control over the cookies placement.
You can view this site privately by opening it up in a private window / incognito mode in your browser if you do not wish to have tracking enabled.
5. Who it will be shared with
Minimal information will be shared only as required to fulfil your order (name, address, and purchase information required for shipping), or to fulfil my own legal requirements, such as tax returns.
Third party services I use are GDPR compliant
6. Data Retention
I retain your personal information only for as long as necessary to provide you with my services, or to comply with legal and regulatory obligations. By contacting Twysted Roots, you are giving direct consent for Twysted Roots to store your information as follows;
All records of payments made to Twysted Roots shall be kept for approximately 7 years. Paper records with identifying information e.g. postal receipts with tracking information, postcode and house number / name will also be kept for 7 years.
Private messages sent via Twysted Roots website, email or social media accounts will be kept for no longer than one month after the fulfillment of your order (delivered), or one month after initial inquiry if no purchase has been made.
Twysted Roots is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
All direct payment gateways offered by Wix.com and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
All devices (PC and mobile) used by Twysted Roots to access the internet are password protected and use real time and up to date Antivirus Software. Social media accounts, not limited to but including Twitter, Instagram, Facebook and Google are password protected and use two step authentication for additional security.
All paper records (postal receipts with tracking information) held are kept in a secure location.
8. Your Rights (summary)
The GDPR provides the following rights for individuals:
The right to be informed.
The right of access.
The right to rectification.
The right to erasure.
The right to restrict processing.
The right to data portability.
The right to object.
Rights in relation to automated decision making and profiling
What this means is I have to give you clear information about what data I collect and why, and how it is used (which is hopefully explained clearly above)
You, the user, have the right to ask me for this information and I will, if requested, provide you with it no later than one month after the request is made.
You have the right to ask for any changes to be made to the information I hold (eg you’ve given me an incorrect address to send your order to and have to change it) and the right to ask for any personal information to be deleted. This does not apply to information I have to keep by law to fulfil my own business obligations.
You have the right to complain if you feel I have not complied with any of this; more information can be found on the ICO website here https://ico.org.uk/for-the-public/
My contact details
Name: Clair Stewart, owner of Twysted Roots®
Telephone: 01840 214896