Skip to main content

Privacy policy

The Maker’s Atelier values its customers and respects their privacy. Any information about you is held with the utmost care and security.

 

Who We Are

This Privacy Policy explains our privacy practices in relation to The Maker’s Atelier's operations ("the Services") which is operated by The Maker's Atelier Limited, a company incorporated in England and Wales under company number 08822142 ("we", "us", "our"). Our website is at www.themakersatelier.com ("our Website").

In order to provide our Services and Website to you and to promote our business, we will need to collect and process certain information about you. We are committed to protecting the privacy of our customers in accordance with applicable data protection laws, including the General Data Protection Regulation (together, "Data Protection Laws").

Contacting Us

If you have any questions at all about this Privacy Policy, our Services or Website, or about how we use and process your personal information, please contact us by email at info@themakersatelier.com or, alternatively in writing to: The Maker’s Atelier Ltd, PO Box 5407,
Brighton, BN50 8HA. The nominated person in charge of privacy at The Maker's Atelier is Frances Tobin.

Changes To This Privacy Policy

Changes to this Privacy Policy will be posted on this page and/or elsewhere on our Website, as appropriate, so that you will be aware of the information we collect and how we use it at all times. You are asked to read this regularly so that you are satisfied with the privacy conditions under which we provide our Services and Website to you.

Our Role

Under applicable Data Protection Laws, we will be the “data controller” of the personal information that we collect about you in connection with your use of our Services or Websites.

When We Collect Information

We will collect personal information about you in these circumstances:

  • When you create an account or fill in forms on our Website
  • When you contact us by phone, email or otherwise interact with us or provide information to us
  • When you place an order any Services or products, or make a booking
  • When you subscribe to notifications, emails, newsletters or other communications
  • When you redeem a benefit, enter a promotion, competition or survey
  • When you submit payment information to us
  • When you visit our Website

What Information We Collect

We may collect the following types of personal information about you:

  • Your name
  • Telephone number
  • Email address
  • Delivery address
  • Other information relevant to your order or booking or use of our Services
  • Some limited demographic information relevant to our Services
  • Payment card details - All payment details are collected by Global Payments (see Third Parties We Work With).
  • We may also derive some information about you when you visit our Website or open emails that we send to you, including general user information about your computer and your visits (including your IP address, location, browser, operating system, referral source, length of visit and the pages you visit). This information can be facilitated by cookies (see our Cookies policy below)

If you have registered with us online, you can at any time change and update the information you have provided to us by logging into 'My Account'.

How We Use Your Information

We may use your information in a number of ways, including:

  • Identifying you and managing your account and relationship with us
  • Processing your orders and bookings and notifying you of the status of any orders or bookings
  • Sending you newsletters and notifications you have subscribed to
  • Discussing and advising you in relation to your use of our Services and Website
  • Notifying you of changes to our Services and applicable legal terms, including this Privacy Policy
  • Enhancing and improving our Services and Websites
  • Promoting our similar goods and services to you and inviting you to events, unless you opt out at any time
  • Managing our business, including for accounting and auditing purposes
  • Maintaining our Website and IT systems
  • Dealing with any complaints or legal disputes involving you or our suppliers
  • Preventing fraud

Lawful Basis On Which We Use Your Information

We will only ever use your personal information as permitted under Data Protection Law, which means one or more of the following will always apply:

  • To perform our contractual obligations
  • To comply with our legal and regulatory obligations
  • In pursuing our legitimate interests or those of a third party (for example, conducting our business in an efficient and compliant manner) and where your interests and fundamental rights do not override these interests
  • Where you have given clear and valid consent to such use.

We do not sell or share your personal information with third parties for their own marketing purposes.

Cookies

Our online ordering system uses cookies to record a unique reference on your computer. This means that we can recognise your computer when you access our Website and log into your account with your username and password. We will not use cookies without your prior consent. The use of cookies allows us to remember the goods that you placed in your shopping bag and saves you having to enter the basic contact information that you provided us with on the setting up of your account. Our cookies do not remember your credit card details. You may experience technical difficulties in using our Website if you have disabled cookies. If you have disabled JavaScript, you will not be able to use our Website. You can alter your cookie and JavaScript settings in your browser’s preferences, which is usually found in the Edit menu.

Third Parties We Work With

From time to time we may retain the services of other carefully selected partners and suppliers to perform functions on our behalf, which may involve sharing your information with them. Examples of these functions would include third parties involved in:

  • assisting us to process your orders
  • authorising and validating credit or debit card transactions (we use Global Payments Inc for this - www.globalpaymentsinc.com)
  • providing other payment gateways (we use www.Paypal.com)
  • delivery services
  • website hosting and support
  • newsletter distribution (we use Mailchimp for this - www.mailchimp.com)
  • invoicing (we use www.xero.com), accountancy and legal services
  • These third parties may be provided with access to your personal details in order to fulfil their main function but we will contractually restrict them from using such information for any other purpose.

 

In addition, we may disclose your personal information to third parties in the following situations:

  • To our regulators and law enforcement agencies
  • In the context of a possible sale or restructuring of our business;
  • If we or substantially all of our assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets on the same terms and conditions as herein;
  • If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms and conditions or other agreements; or to protect the rights, property, or safety of us, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

All third parties are required to respect the confidentiality of your personal information. They are required to take appropriate security measures to protect your personal information. We do not allow them to use it for their own purposes, but only as we specify and in accordance with our instructions.

Third Party Sites And Services

Our Website may contain links to third party websites. Please be notified that we cannot be held responsible for the privacy practices of other websites. We encourage all visitors to be aware and read the privacy statements of each and every website that collects personally identifiable information.

Where Your Information Is Stored

Your information will be held at our offices in Brighton and our Website is hosted in Dublin, Ireland.

Transfers To Third Countries And Safeguards

In the unlikely event that we need to transfer any of your information to other countries or international organisations, we would only do so if they are deemed by Data Protection Laws to have adequate privacy protection or recognised legal mechanisms are in place to ensure adequate protection of your information (e.g. EU Model Contract Clauses or EU-US Privacy Shield or Swiss-US Privacy Shield frameworks). Any international transfers of your personal information will also be subject to binding privacy and confidentiality terms enabling us to ensure compliance with this Privacy Policy. You may request further information on any such international transfers from our Data Protection Officer at any time.

How We Keep Your Personal Information Safe

We will safeguard your information in our custody. We have developed and will maintain adequate security procedures to safeguard personal information against loss, theft, copying, and unauthorised disclosure, use or modification. Access to personal information is restricted to employees and authorised individuals and companies who need it to perform their work. We also regularly review our information collection, storage and processing practices, including physical security measures, to guard against unauthorised access to systems.

Retention Of Records

We will do our best not to keep your personal information for longer than necessary to facilitate your use of the Services and Website, other than as required by law. We will regularly review the information that we hold and delete unnecessary information from our systems.

Unless you request otherwise, we may retain information that will make providing our Services and Website to you more convenient and safer, such as your previous orders, but you have the right to ask us to delete any information that we hold about you – see the Your Rights section below.

When your personal information is no longer required, it will be destroyed either by shredding or other approved destruction methods to prevent unauthorised parties from gaining access to the information during and after the process.

Your Rights

You have several rights as a data subject as summarised below:

  • Access: You have the right to obtain confirmation as to whether your personal information is being processed by us and, if it is, to access your information and details of how we process it, as long as this does not adversely affect the rights and freedoms of others.
  • Rectification: We will rectify any errors in the personal information we hold on request.
  • Erasure: You may ask us to erase your personal information from our systems in the following situations:
    • The information is no longer necessary in relation to the purpose for which it was collected;
    • You withdraw your consent on which the processing is based and where there is no other legal ground for the processing;
    • You object to the processing and there are no overriding legitimate grounds for the processing;
    • The information has been unlawfully processed;
    • The information has to be erased for compliance with a legal obligation to which we are subject.
  • Right to restrict processing: You have the right to restrict our processing on specified grounds.
  • Notification: Where you have asked us to rectify, erase or restrict processing of your information, we shall communicate the same to each recipient to whom your information has been disclosed, unless this proves impossible or involves disproportionate effort, in which case we shall let you know.
  • Data portability: You have the right in specific circumstances where processing is based on consent to receive your information in a structured, commonly used and machine-readable format and have the right to transmit the information to another controller without hindrance, provided that our processing is carried out by automated means.
  • Right to object: In certain circumstances you have the right to object to our processing of your information, including in relation to profiling, direct marketing or scientific or historical research purposes.
  • Right to complain to a supervisory authority: You are entitled to lodge a complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk in relation to our use of your personal data.

You also have the right to object to automated decision-making, including profiling, but we do not use your information for these purposes.

How To Exercise Your Rights

To exercise any of your other data subject rights, please contact us (see Contacting Us above):

  • You may request a copy of information undergoing processing, subject to evidence of your identity (normally a certified copy of your passport plus an original copy of a utility bill showing your current address). The first copy shall be provided without charge, but reasonable administration fees shall be charged for additional or subsequent copies.
  • We shall respond to your requests without undue delay and in any event within one month unless we need to extend such period by up to two further months in specific circumstances.
  • Please note that if you delete or restrict your account or required information, this may prevent you from making full use of our Services or Website.

What Happens If A Data Breach Occurs

Whilst we endeavour to keep your personal information safe, we have an internal investigation procedure in case of data protection security breaches.

In the event of data theft, we may suspend access to our servers, emails and online systems and take other urgent steps to prevent further unauthorised access to information.

If we believe that our data has been compromised, we will report the issue to the Information Commissioner's Office (ICO) at www.ico.org.uk.

We will notify you without delay if we believe a data breach is likely to result in a significant risk to your rights and freedoms. Any notification will describe in clear and plain language the nature of the personal data breach and contain all required information.

DO NOT REMOVE