2. DATA CONTROLLER
The data controller responsible for the collection of data is:
Impressive Designs Ltd is fully committed to the security and protection of your data whether personally identifiable or otherwise. This policy sets out why and how we process different types of data that we may collect, store and use while you:
4. DATA WE COLLECT
We collect, process, store and use data for the purposes of fulfilling our services to you. In some cases data can be "personally identifiable" meaning data could in some instances be used to identify a person as stated within GDPR (European Union - General Data Protection Regulation).
Data you pass to us:
Some data is an essential requirement if we are to provide typical services to you whether in-store or online. This data could include information which is "personally identifiable" such as your name, home / delivery address and email address etc.
Typical services may include but not limited to:
a. Accepting and fulfilling an order you have made to us b. Instances where a delivery forms part of your order c. Customer account d. Customer enquiry e. Comments (website) f. Newsletter signup
Data we collect automatically:
This website collects some data automatically whenever you visit. This is standard practice. One of the most relevant pieces of data is the IP address you access our website with. An IP address is a unique code issued to you by your internet service provider (ISP) and acts as a digital passport. In some cases an IP address can fall under the "personally identifiable" category. We encrypt your IP address whenever we store it within our database which renders it unreadable to anyone outside our own system.
Other data we may collect automatically which is not "personally identifiable" may include but not limited to:
a. Logging data and device information (Could include type of device you use when visiting our website and the time of that visit) b. Location of visitor (Help us provide localised services) c. Record of previous visit to website and browser habits etc
This type of data is more technical than personal and helps us conduct troubleshooting, data analysis, testing and research of our own systems to improve delivery of services to you which may include but not limited to: d. Greater security (Build up visitor presence with us) e. User experience (Could provide more relevant products to customers quicker) f. Analytics (Allow us to measure visitor metrics)
5. SHARING DATA
To perform some essential functions, we may share "personally identifiable" data with third parties who provide us with essential services.
All third party service providers process data securely and adhere to Data Protection Act 2018 (DPA). Third party providers to us are typically providing services such as but not limited to:
In-store POS (Point of service) provider (ONLY if you have a registered account with us) Payment service providers (Taking card payments in-store or on our website) Website host (Where orders are placed and or card payments are taken) Email service providers
Card payment data:
All card payments taken by us are accepted, processed and stored by our PCI compliant webhost and FCA regulated payment providers. Our providers process card payments under "Payment Card Industry Data Security Standard (PCI DSS)" while your personal data is processed under Data Protection Act 2018 (DPA).
We strive to provide a continually improving first class service to customers. Knowing our customers is key to this. These services allow us to measure, analyze and understand how our customers use the site. By utilising these services, we can identify ways to improve our services to you and enhance your visit(s) to our website.
Typical data collected by our analytics providers may include but not limited to your:
a. IP address b. Location (Accuracy determined by device and location settings) c. Mobile carrier (EE, Vodafone, Three etc) d. ISP (Internet service provider) e. Device operating system
5. MOVEMENT & STORAGE OF DATA
Some data we collect from you may be transferred and stored in locations outside of the EAA, (European Economic Area). This is typically a service provider such as our website hosting. By submitting your data, you agree to transfer the data, as well as the processing and storing of your data.
We use industry standard secure pages to provide our website to customers. The transmission of information via the internet is not always perfectly secure. Although we do our utmost to protect your data, any transmission of your data is ultimately at your own risk.
Once we have received your information, we use strict procedures and security features to try to prevent unauthorised access. Data held on our secure servers is encrypted to the highest possible standard.
While we take every step possible aimed at the highest level of your data security, we accept no liability for any data breach caused by any of our third party service providers.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
7. YOUR RIGHT OF ACCESS:
You have a right to ask us whether we are using or storing personal information relating to you.
a. What personal information we have about you b. How we are using it c. Who we are sharing it with d. Where we derived your data from
To request this information please contact us at any of the following contact points: