- Sets out the types of personal data that we collect
- Explains how we use your data
- Explains how we ensure your privacy is maintained
- Explains the rights and choices you have when it comes to your personal data
This policy also applies to information we collect about people who use our services and our website.
The types of data Bespoke Tattoos collects
When you use our design services or inquire about our Services, you may provide us with the following pieces of personal data:
- Company name and address
- Contact information including email address or telephone number
- Financial details for invoicing and payment processing purposes
Whilst delivering our services we may also collect the phone number the call originated from through.
In instances where we, Bespoke Tattoos, collect personal data we are known as the data ‘controller’ in instances where our clients supply the personal data we are known as the data ‘processor’. When acting as a data processor we will manage on your behalf the personal information you require from your clients.
What we do with the information we gather
Bespoke Tattoos wants to provide the best service experience; we, therefore, gather this data to understand your needs and personalise our service, thus providing you with a better service experience. In particular, the information will be used for:
- Providing a tailored and personalised service to clients and customers with products and services most likely to interest you
- Internal audit purposes
- Improving our services
- Processing payments
- Periodically send promotional or market research communications which we think you may find interesting using the contact details which you have provided. Bespoke Tattoos may contact you by email, phone, SMS or mail. The lawful basis on which we process data for this purpose includes:
- If you’re a customer – a customer/contractual consent
Under GDPR regulations that came into effect on the 25th of May 2018, all users of this website and its services have the following rights:
- The right to be informed:
Under this right, users of this website and clients of Bespoke Tattoos have the right to be informed of how Bespoke Tattoos, third-party private contractors and software providers or cookies collect and process data.
2. The right of access
Under this right, users of this website and clients of Bespoke Tattoos have the right to access any data that will or is been processed, collected or used by Bespoke Tattoos or third-party contractors, software or cookies it may use to carry out its services.
3. The right to rectification
Under this right, users of this website and customers of Bespoke Tattoos have the right to rectify any data processing or collect that will as or will take place.
One of the ways Bespoke Tattoos does this to allow website users to stop software scripts or cookies to commence is to give the website user the question “do you accept cookies” or scripts that may run while you use this website.
The website user is given the option to accept or not by a pop-up box that arrives when they first use the website. Once the option has been selected, any scripts or cookies that usually run will be disabled for the remainder of the website usage by the website visitor.
4. The right to erasure
Under this right, users of this website and customers of Bespoke Tattoos have the right to ask Bespoke Tattoos or its software providers or third-party contractors to erase any data that has been collected.
5. The right to restrict processing
Under this right, users of this website and customers of Bespoke Tattoos have the right to restrict any data that would usually be processed for research or service based usage,
6. The right to data portability
Under this right, users of this website and customers of Bespoke Tattoos have the right to obtain and reuse their personal data for their own purposes across different servers and services.
It allows customers of Bespoke Tattoos and website visitors that have submitted any personal data to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without affecting its usability.
7. The right to object
Under this right, users of this website and customers of Bespoke Tattoos have the to stop personal data you have submitted to Bespoke Tattoos to be used for direct marketing or other promotional activities.
This objection can be made verbally or in writing to Bespoke Tattoos and Bespoke Tattoos is given one month under GDPR rules to respond and rectify the personal data activity.
8. Rights in relation to automated decision making and profiling.
Under this right, users of this website and customers of Bespoke Tattoos have the right to know about individual information that is processed automatically by Chat Connects software providers.
At this time of the updated document, Bespoke Tattoos does not currently use any such method or software to do this.
Methods of processing
The Data Controller processes the Data of Users in a proper manner and shall take appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.
Data processing is carried out using computers and/or IT-enabled tools, following organizational procedures and modes strictly related to the purposes indicated.
In addition to the Data Controller, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of the site (administration, sales, marketing, legal, system administration) or external parties (such as third party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Owner. The updated list of these parties may be requested from the Data Controller at any time.
The Data is processed at the Data Controller’s operating offices and in any other places where the parties involved with the processing are located. For further information, please contact the Data Controller Bespoke Tattoos on 0113 322 9608 or by email at firstname.lastname@example.org.
The Data is kept for the time necessary to provide the service requested by the User, or stated by the purposes outlined in this document, and the User can always request that the Data Controller suspend or remove the data.
Additional information about Data collection and processing
The User’s Personal Data may be used for legal purposes by the Data Controller, in Court or in the stages leading to possible legal action arising from improper use of this Application or the related services.
The User declares to be aware that the Data Controller may be required to reveal personal data upon request of public authorities.
Additional information about User’s Personal Data
System Logs and Maintenance
For operation and maintenance purposes, this Application and any third party services may collect files that record interaction with this Application (System Logs) or use for this purpose other Personal Data (such as IP Address).
Information not contained in this policy
More details concerning the collection or processing of Personal Data may be requested from the Data Controller at any time. Please see the contact information at the beginning of this document.
How we protect personal data
We know how important it is to protect and manage your personal data. This section sets out some of the measures we have in place.
- We use computer safeguards such as anti-virus and firewall software. We only authorise access to employees or trusted third-party contractors who need it to carry out their job responsibilities. Only data that is relevant will be shared with contractors and their accounts are limited to the data they need to carry out the said work.
- We protect the security of your information while it is being transmitted by encrypting it using Secure Sockets Layer (SSL) on our website.
- We ask for proof of identity before we share your personal data with you.
However, whilst we take appropriate technical measures to safeguard your personal data, please note that we cannot guarantee the security of any personal data that you transfer over the internet to us.
All data, when no longer required will be treated in accordance with our Data Retention Policy
Sharing your personal data
Bespoke Tattoos works with carefully selected Service Providers that carry out certain functions on our behalf to support the services provided to you. These include, for example, companies that help us with technology services, storing and combining data, processing payments. We only share personal data that enable our Service Providers to provide their services and it will always be shared in a secure and appropriate manner.
We may share personal data with other organisations in the following circumstances:
- If the law or a public authority says we must share the personal data;
- If we need to share personal data in order to establish, exercise or defend our legal rights (this includes providing personal data to others for the purposes of preventing fraud and reducing credit risk);
- To an organisation, we sell or transfer (or enter into negotiations to sell or transfer) any of our businesses or any of our rights or obligations under any agreement we may have with you. If the transfer or sale goes ahead, the organisation receiving your personal data can use your personal data in the same way as us.
How long we keep your data
Bespoke Tattoos will keep your information for as long as we are providing you with a service or are likely to provide a service due to an inquiry we have received.
We will retain records after our business relationship has ended in accordance with our Data Retention Policy which can be accessed on our website. After this time your data will be securely deleted.
Where data is processed solely for marketing purposes, any information we use for this purpose will be kept until you notify us that you no longer wish to receive this information, or until the data is deleted in accordance with our Data Retention Policy, whichever is earliest. As part of ensuring we are providing the right services to you, we may use your data to pursue our legitimate interests in a way which would reasonably be expected as part of running our business and supplying services, this will be done in a way that does not materially impact your rights, freedom or interests.
For example, we may use the services and products supplied historically to you to support or make available personalised offers.
We may also use your address details to post out direct marketing materials telling you about products and services that we think may be of interest to you.
The rights of Users
Users have the right, at any time, to know whether their Personal Data has been stored and can consult the Data Controller to learn about their contents and origin, to verify their accuracy or to ask for them to be supplemented, canceled, updated or corrected, or for their transformation into anonymous format or to block any data held in violation of the law, as well as to oppose their treatment for any and all legitimate reasons. Requests should be sent to the Data Controller at the contact information set out above.
This Application does not support “Do Not Track” requests.
To determine whether any of the third party services it uses honor the “Do Not Track” requests, please read their privacy policies.
How to exercise your Rights
If you wish to contact us in respect of any of the Rights described above, please get in touch with us on 0113 322 9608 or via email at email@example.com. We will respond to your request within one month.
Modification date: 25th of May 2019