Fragrant Alchemy Ltd / Karen Gilbert / Online Perfume School
Last updated: April 2018
YOUR PRIVACY IS IMPORTANT TO US
We take your privacy very seriously and are committed to protecting the privacy and security of our customers and visitors. We fully appreciate and respect the importance of data protection and security on the Internet.
- What information we collect when you use the Karen Gilbert and or Online Perfume School websites (the “Site”), when you communicate with us, or when you sign up for our newsletter.
- How we use your information.
- How we share your information.
- How long we keep your information and how it is stored.
- Our approach to sensitive personal information.
- What options you have to control your information.
- The rights you may have in relation to your personal information.
- How we communicate changes to this Policy
Please contact firstname.lastname@example.org if you would like to discuss this with us or have any questions, comments or suggestions relating to this Policy.
This Site is run by Fragrant Alchemy Ltd, trading as Karen Gilbert and also as Online Perfume School. For the purposes of applicable data protection laws, including the EU General Data Protection Regulation (“GDPR”) (as amended or superseded) Fragrant Alchemy Ltd is the “controller” of the personal information collected through the Site, by phone or in any correspondence.
Our address for all correspondence is: Fragrant Alchemy Ltd, The Old Fire Station, Salt Lane, Salisbury, Wiltshire SP1 1DU United Kingdom.
HOW DO WE COLLECT INFORMATION FROM YOU?
1. Information we collect when you visit our Site
We will collect personal information that you provide to us when you:
- place an order through our Site;
- fill in forms on our Site, for example to leave a comment or register on a waiting list
- subscribe to our mailing list.
We will also collect certain information automatically when you visit our Site, in particular:
- we record details of the resources that you access to visit our Site (for example, URL addresses, traffic data etc.);
- we record information about the type of device you have used to visit our Site, your device settings, and the cause of any system errors. Your device manufacturer or operating system provider will have further details on what information your device makes available.
2. Information we collect when you contact us
We will collect personal information about you when you contact us by telephone, e-mail, or via social media. If we email you individually using our own email system, or respond to an email sent to us at any of our business email addresses, a copy of that email will also be stored.
If you make an enquiry via our website, we will keep details of that enquiry and response for our data retention period.
HOW WE USE YOUR INFORMATION
1. For the performance of a contract between you and us:
- to answer questions that you might have about courses or other products
- to fulfil any order that you place with us, both online and also for live courses;
- to collect payment from you;
- to provide you with a receipt;
- to protect and defend our legal rights and interests.
2. Where we have a legitimate interest in using your personal information:
- to analyse any feedback that you provide on our services, and to improve our services;
- to collect payment from you;
- to administer and deliver any courses, webinars or products that you have signed up for whether online or live;
- to review and assess any application for training, coaching or consultancy that you submit to us.
4. If you have signed up to our mailing list, we may use your information in the following ways:
- We will send you a weekly newsletter with thoughts and updates from Karen largely around fragrance, business and wellbeing. These newsletters will occasionally contain information about special offers and upcoming courses.
- We will occasionally email you separately about courses or products that you might be interested in. For example if there is an enrolment deadline or if a particular course is almost sold out we will let you know outside of the newsletter.
5. If you have opted in to a webinar or free online class:
- we will send you a short sequence of reminder emails in the run up to the event and afterwards with replay links and other information relevant to the class.
6. If you have opted in to a waiting list for a particular course:
- we will email you when registration is open or places become available.
You have the option to unsubscribe from our e-mails through a link at the bottom of every e-mail we send to you.
If you want to change the details that you have registered with us, or would like to amend your subscription preferences or unsubscribe altogether, please email email@example.com
HOW WE SHARE YOUR INFORMATION
- We share your information with our core service providers and third party platforms as required for our business to function. We have an outsourced support team for our own business which may include Virtual Assistants, Web Designers, IT support, Sales and Marketing, Accounting and more. They have limited access to your data, where the service they provide to us means they need it.
- Your information may be processed by a third party in order to maintain the functionality of our Site and database.
- We do not sell or exchange your personal data with organisations who may want to sell you something or use your data for research or other purposes.
- Your information is held in the strictest confidence. We use only mainstream software options available to us.
We also use services offered by Google, Facebook, Instagram and other similar social media platforms to better tailor our marketing communications and for targeted advertising. As part of this process, some personal information, such as your e-mail address, is provided to the relevant third party, however for security purposes this data is “hashed” prior to being shared. Hashing is a process of identity masking or “pseudonymisation” which means we do not disclose your e-mail but still enables linking between your social media presence and our Site. Your personal information will be transmitted to countries outside of the EEA, including the United States. If you would like more information about how your personal information may be transmitted, and the safeguards applied, please contact firstname.lastname@example.org. You may have the right to object to your personal information being used in this way (see “Rights you may have” below).
We receive insights from Facebook about the effectiveness of our advertising campaigns which you experience on our Site and social channels, helps to better target our advertising.
HOW LONG WE KEEP YOUR INFORMATION
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means.
By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes.
In some circumstances you can ask us to delete your data: see Rights You May Have below for further information.
HOW WE STORE YOUR INFORMATION
Your information may be processed by our staff or by the staff of our suppliers to the extent necessary to fulfil your order. By submitting your personal information to us, you agree to the transfer of your personal information, its storage and processing.
We will keep the data which we collect from you on a secure server. Any information you give us relating to credit card details is handled by a PCI DSS compliant third party and encrypted using secure server technology. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access and require our suppliers to do the same.
Where we have given you a password (or where you have chosen one) to access certain parts of this Site, you are responsible for keeping this password confidential. We ask that you do not share a password with anyone.
SENSITIVE PERSONAL INFORMATION
We do not seek to collect sensitive personal information (i.e. information relating to race or ethnic origin, political opinions, religious or other beliefs, trade union membership, physical or mental health, sexual orientation or criminal records). We ask that you do not provide such information to us.
RIGHTS YOU MAY HAVE
You may have certain rights in relation to personal information that we hold about you. These include the right to request access to your personal information, to request that it is erased, that its processing is restricted, or that any inaccurate personal information is rectified. You may also have the right to object to the processing of your personal information, or in some circumstances to obtain a copy of the personal information in a machine readable format. You also have the right to complain about the use of your personal information to the Information Commissioner’s Office.
You can make any such requests here.
CHANGES TO THIS POLICY
We may change this Policy from time to time. If we make changes, we will notify you by revising the date at the top of this Policy, and if the changes are significant, we may provide you with additional notice such as adding a statement to the homepage of the Site or sending you an e-mail with the update.