This Privacy Notice is written by Lisa Taylor, Founder of Tailored with Love.
As a small business, I am required to use and keep personal data for processing orders, running courses, and doing my accounts etc, and I am required to inform you of how I both process and store personal data for Tailored with Love.
Data collected and how I use this data
I collect the following data;
Tailored with Love Shop Orders
What data is processed? – Names, addresses, emails, payments, personal data such as dates and names for customised orders.
* Customised design using personal data such as dates and names, it is your responsibility to ensure that you have permission to share this information with Tailored with Love,
which will be stored securely and will only be used for the customer’s order only
Lawful / legal basis for recording the data – To process orders made by customers.
Tailored with Love Social Media Accounts – (Facebook, Instagram, Twitter)
What data is processed? – Names, addresses, emails.
Tailored with Love uses social media accounts, to allow people who find us to send us messages to find out more about us,
to place orders and all information is collected through the message boxes on these sites.
Lawful / legal basis for recording the data – To process orders made by customers, or to share information at the customers request.
Any payments that are made for orders are processed by a third parties websites i.e. Etsy, Swipe or Paypal.
Third Party Websites: (Etsy, Paypal, Swipe, Facebook etc.) These sites are governed by their own privacy statements,
and Tailored with Love are not responsible for their operations, including, but not limited to their information practices.
Users submitting information to or through these third-party websites should review the privacy statements of these sites before providing them with personally identifiable information.
All data I used as part of Tailored with Love is viewed and processed either using my laptop which has a password system to be accessed.
Or my mobile phone which is fingerprint protected. All my passwords are regularly changed and updated to and I am covered by ICO.
Data Sharing – No data is shared with any other person.
Any data required or held by me is secure and held only by myself, and it will not be distributed to any third parties unless I have your permission
or is required for for lawful / legal basis; for example, I am required to share my accounts with HMRC if they request it (please read retention of data).
You may request details of personal information which I hold about you and you may ask for them to be deleted, unless required for lawful / legal basis.
Retention of Data
I do not retain customers information any longer then required, but I will retain the following information for accounts / HMRC
* What data is processed? – Documentation required for preparing accounts for HMRC.
* Data refers to – invoices, receipts, payments from customers.
* Lawful / legal basis for recording the data – the legal basis for processing this data is ‘legal obligation’ because it is required by HMRC.
* Data sharing – the document may be shared on request with HMRC.
* Data storage – the documents will be stored securely in paper / online format.
* Data retention – HMRC state: I must keep records for at least 5 years after the 31st January submission deadline of the relevant tax year.
HM Revenue and Customs (HMRC) may check my records to make sure you’re paying the right amount of tax.
* Data destruction – after the required length of time, the documents will be shredded / securely deleted.
All other data collected if not needed for lawful / legal basis is deleted ASAP after obtaining it if no longer required.
I will be obligated to notify the ICO of a data breach within 72 hours of becoming aware of the breach.
We understand the huge fines in place for failing to follow correct procedures for a breach in data.
Tailored with Love