Privacy Policy – Online gallery

OUR PRIVACY POLICY

X

The points below are in place to help protect customers data, meaning we comply with the new data protection laws that came into place on the 25th of May 2018. These are based around several key pillars which are referenced below but covered in significant detail on the ICO (Information Commissioners Office) website: www.ico.org.uk timduke-uk.com GDPR Policy.

1. Fair and lawful – We will retain the below listed information and no other data, only if agreed with customers on an individual basis with regard to our Newsletter mailing list: a. Name b. Address c. Telephone number d. E-mail address.

2. Why is data collected and what is it used for – The above data is obtained for the following reasons : a. To allow us to contact you by email (with unsubscribe) regarding news and offers b. We will never share this information with anyone else, it is kept private for our business use only.

3. Data Adequacy and Data minimisation – We will not contact customers to ensure data is accurate, as this is considered an intrusion.

4. Data Accuracy – Our Data retention periods are listed below, based on types of data a. All customers’ data as listed at point 1 will be retained indefinitely unless removal is requested b. Card details are encrypted if paying online – we do not have access to this information. If paying over the phone, your card details are destroyed as soon as the transaction is authorised.

5. Data Retention – All customers data is stored in either of 2 ways : a. Electronically by means of email correspondence or securely stored in a non-networked storage system.

6. Right of Individuals – Tim Duke ensures that our GDPR policy is complied with and in turn that GDPR is followed to protect customer’s data. He will annually audit these processes.

7 Appropriate Technical and Organisation measures to be taken to ensure there is no unlawful processing of data – Customers can request in writing to review the personal data held about them. Requests will be complied with within 60 days of receipt of such a request. Such a request can only be supported with regards information directly relating to the individual making a request. Requests must be put into writing to Tim Duke@TIM DUKE ORIGINALS.

8. We have the right to amend these terms and conditions in line with audit findings and any GDPR changes made by the ICO.

• • • • •