Effective from: 17th June 2019
We want our community to be confident that we are looking out for them so, when it comes to your personal data, we take our duty to respect and balance your rights with our obligations very seriously. That’s why we’ve taken time piecing together our Privacy Notice to make it as accessible as possible. It outlines how Piece it Together Design (‘we’): collect, use, disclose, transfer, store, retain or otherwise process your information when you interact with us.
You’re welcome to read the whole notice but if there’s a specific area you want information on we’ve provided the following links as an aid to help you navigate around:
Why do we have this notice?
As a business based in the European Union the main piece of law that concerns our use of data is the General Data Protection Regulation, which most of us in the UK know better by its acronym — GDPR. In a nutshell, the legislation requires that we must be careful, open and honest about how we handle your personal information, either provided to us yourself, or that we obtain from a third party in the normal course of our business.
Obviously it is a big job to check that all this data is being handled properly and the UK has an independent authority to oversee the process — the Information Commissioner’s Office. Their website explains what they do and provides further information about your rights and what we are required to do as a business.
No matter where you are in the world there will be rules relating to the use of data and the general principles will usually be the same. Of course, there will be some differences and every business has to consider its specific needs regarding privacy so we have provided some links below to our partner service providers who keep all our pieces in order at PiT Design.
What information do we collect about you?
If you want to order from us (and we hope you do!) then there is certain information you must provide so we can make sure the correct authentic PiT products get safely delivered to you. Some of this information is essential, such as: name, postal address, what you want to purchase and payment information. Other information, like an email address, telephone number or any specific requests you want to make, is optional but will often be requested as it helps us to ensure your transaction experience goes as smoothly as possible.
You probably noticed our ‘Cookie’ pop up when you landed on our site. Cookies are small pieces of data that websites store on your browsing device. Because other companies provide us with the services that means we can bring our website and social media accounts to you, they manage the cookies and the information helps them help us so we can help you, if that makes sense?
We’d love you to become a regular piece keeper, so if you create a customer account on our website we collect personal information to improve our checkout experience and customer service. This information may include your: billing and shipping address(es), order details, email address, name and phone number.
Over time, we hope you’ll want to stay involved with our community and there are different ways we might make this possible, for example by creating a newsletter or issuing specific product updates and notifications about promotions or competitions. If you’d like to be kept informed in this way then we will ask for suitable contact details so we can honour your expression of interest.
Now and again you might have questions, suggestions or want to take part in a competition or promotion we are running. We hope it isn’t a common occurrence but we also recognise that sometimes our customers might feel they need to make a complaint because, let’s face it, life just isn’t perfect and we’re only human (apart from Mags!).
That’s why, no matter what, we want you to feel confident that you can approach us and be listened to. The best way for us to be able to listen and respond effectively is by collecting some basic personal information about you such as your email address.
If you contact us via social media then, as part of that communication, you will have provided us with your profile name and photo – so only do that if you are comfortable with it.
Of course, if you’d prefer to remain anonymous then we respect your decision and you are still more than welcome to share your thoughts with us in whatever way you find comfortable.
How do we use your information?
The way we collect and use your information falls into one of four areas as defined by the GDPR:
Contract. This is information we need so that we can complete transactions with our customers, for example sufficient details to fulfil orders or issue refunds. The information we collect must be necessary for the purpose to which it is being used. For example, we may email you with messages about your order or account activity such as creation of a customer account, password changes, and order updates. This information is necessary for us to deliver our service to you so it’s not possible to unsubscribe from these messages.
Consent. If we offer you the opportunity to sign up to a mailing list, for example, then the information required for this can only be obtained and used with your express permission after being given accurate information regarding what you are agreeing to. You retain the right to withdraw your consent at any time by letting us know.
Legal Obligation. Sometimes there is a lawful obligation that requires the collection and use of personal information. This isn’t something Piece it Together Design should have to do very often but it is important that we let you know it is one of the ways we could use your information.
Legitimate Interests. As a business we are allowed to collect and use personal information where there is a legitimate interest for which it is proportionate to do so. We are always seeking to develop our products in a way that offers our community the chance to contribute and collaborate with us. Where individuals approach us with information, questions or concerns of relevance to our business and/or product development then we will collect and use their personal information to enable us to deliver effective customer service and satisfaction with what our business seeks to offer.
How do we share your information?
We already mentioned our partner service providers above. Without their expertise on all the technical things, Mags’ wool would straighten so we’re really grateful they’re around to help us maintain our meaningful relationship with you. Obviously they wouldn’t be able to support us unless we share limited pieces of personal information about our website visitors with them; the kind of information we’re talking about has been mentioned already.
In this section we want to give you a little bit more detail so you can be a clearer about this sharing. It isn’t realistic to list out every single occasion that sharing might take place so we are allowed to give you a general indication and if you have further questions then get in touch. Just so you know our main online service provider is Squarespace, our website hosting provider, and they also have their own very accessible privacy information. Without further ado, let’s get on and let you know how we share only the most necessary pieces of your information:
We share your cookie-related information with Squarespace so they can provide website services to us, not so we can get baking (although we do like a nice piece of rocky road)
We share your contact information with Squarespace so they can send transaction and account-related emails to you on our behalf.
Our website uses font files from Google Fonts and Adobe Fonts. To properly display the site to you, servers where the font files are stored may receive personal information about you, including: information about your browser, network, or device, and your IP address.
We share your contact and payment details with our secure payment providers, Stripe and Paypal so they can process payment and make sure we get your orders out promptly.
We share information about your browser, network, or device, and your IP address with our social media platforms when you engage with them through our site or social media accounts.
In the event of a dispute we may need to share some of your contact and transaction information with our cloud-based document storage providers, Google and Dropbox as this is where we store our correspondence.
Due to the international nature of our serivce providers, your personal information may be transferred to countries that do not have the same data protection laws as the country in which you initially provided the information.
How long do we retain your information?
The precise periods for which we keep your personal information vary depending on the nature of the information and why we need it. Factors we consider in determining these periods include the minimum required retention period prescribed by law or recommended as best practice, the period during which a claim can be made with respect to an agreement or other matter, whether the personal information has been aggregated or pseudonymized, and other relevant criteria.
You may delete your account by contacting us at email@example.com and we will arrange for deletion of the personal information it holds about you (unless we need to retain it for the purposes set out in this Notice).
Where applicable law requires (and subject to any relevant exceptions under law), you may have the right to access, update, change or delete personal information.
You can access, update, change or delete personal information (or that of your End Users) either directly in your account or by contacting us at firstname.lastname@example.org to request the required changes. You can exercise your other rights (including deleting your Account) by contacting us at the same email address.
You can also elect not to receive marketing communications by changing your preferences in your Account or by following the unsubscribe instruction in such communications.
Please note that there is likely to be a delay in deleting your personal Information from our systems when you ask us to delete it. We also will retain personal Information in order to comply with the law, protect our and others’ rights, resolve disputes or enforce our legal terms or policies, to the extent permitted under applicable law.
You may have the right to restrict or object to the processing of your personal information or to exercise a right to data portability under applicable law. You also may have the right to lodge a complaint with a competent supervisory authority, subject to applicable law. If you are subject to EU data protection laws, we suggest you lodge any such complaints with the Information Commissioner’s Office.
If we rely on consent for the processing of your personal information, you have the right to withdraw it at any time and free of charge. When you do so, this will not affect the lawfulness of the processing before your consent withdrawal.
Changes to this privacy notice
Because we want to make sure we are keeping up-to-date, we’ll update this Privacy Notice from time to time to reflect changes in technology, law, our business operations or any other reason we determine is necessary or appropriate. When we make changes, we’ll update the “Effective From” date at the top of this Notice. If we make material changes to it or the ways we process personal information, we’ll notify those whose information we hold.
Data Security and Our partner service providers’ privacy notices
While we accept that no service is completely secure, we trust that our service providers have dedicated data security teams in place and will act robustly in dealing with any identified data breach. Check out the specific privacy notices of a principal service providers via the links below:
If you need to contact us with any questions or concerns about data and privacy issues our address is: The Elsie Whiteley Innovation Centre, Hopwood Lane, Halifax, West Yorkshire, HX1 5ER, England.