(Version November 2020)
The website www.l-atelierartetobjet.co.uk (“Website”) is exploited by L’ Atelier art et objet Ltd. (“We, Us or L’ Atelier”) with its registered address at Endeavour House, 78 Stafford Road, Wallington, Surrey, SM6 9AY (United Kingdom). We are registered at the British Chamber of commerce under number 09899499.
Through our Website We will receive, collect and process personal data of our users (“You”).
This privacy statement (“Statement”) provides You with details of how We collect and process your personal data through your use of our Website including any information You may provide through our Website when You purchase a product.
By providing us with your data, You warrant to us that You are over 13 years of age.
L’ Atelier is the data controller and We are responsible for the collection, processing and use of your personal data described in this Statement. Please read this Statement carefully so You will be aware of how We obtain and process your personal details.
Which personal information do we collect and process?
We collect, store and process your personal data that is provided to us.
– Identity Data may include your first name, maiden name, last name, username, marital status, title, date of birth and gender.
– Contact Data may include your billing address, delivery address, email address and telephone numbers.
– Financial Data may include your bank account and payment card details.
– Transaction Data may include details about payments between us and other details of purchases made by You.
– Technical Data may include your login data, internet protocol addresses, browser type and version, browser plug-in types and versions, time zone setting and location, operating system and platform and other technology on the devices You use to access this site.
– Profile Data may include your username and password, purchases or orders, your interests, preferences, feedback and survey responses.
– Usage Data may include information about how You use our Website, products and services.
– Marketing and Communications Data may include your preferences in receiving marketing communications from us and your communication preferences.
We do not collect and process any sensitive personal data, such as details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data.
Through our Website we automatically collect and process certain types data from You. Like many websites, We use “cookies” and other unique identifiers. Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.
Cookies used on Our Website:
– Google Analytics cookies
We use Google Analytics, a web analytics service provided by Google, Inc. (Google). Google Analytics cookies are used to analyze how visitors use the Website and to create reports on website visitors’ activity.
– Social Media Cookies
If You are using social media share buttons, our Website will also place a cookie. Among others it will let You see which articles you’ve already shared.
What is the lawful basis for processing your personal data?
We will only use your personal data for the purposes specified in this Statement. The most common uses of your personal data are:
– Where We need to perform the contract between us.
– Where it is necessary for our legitimate interests (or those of third-parties) and your interests and fundamental rights do not override those interests.
– Where We need to comply with a legal or regulatory obligation.
What will we do with your personal data?
We will only retain your personal data for as long as necessary to fulfil the purposes We collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. When deciding what the correct time is to keep the data for We look at its amount, nature and sensitivity, potential risk of harm from unauthorized use or disclosure, the processing purposes, if these can be achieved by other means and legal requirements. For tax purposes the law requires us to keep basic information about our customers (including Identity, Contact, Financial and Transaction Data) up to ten years after they stop being customers.
Disclosures of your personal data
We may have to disclose or share your personal data with third-parties set out below to fulfill certain purposes with third-parties:
– Service providers who provide IT and system administration services.
– Third-parties who perform services on our behave or to assist us to deliver the services to You.
– Professional advisers including lawyers, bankers, auditors and insurers.
– Government bodies that require us to report processing activities.
We require all third-parties to whom We transfer your data to respect the security of your personal data and to treat it in accordance with the law. We only allow such third-parties to process your personal data for specified purposes and in accordance with our instructions.
We have put in place security measures to prevent your personal data from being accidentally lost, used, altered, disclosed, or accessed without authorization. We also allow access to your personal data only to those employees and partners who have a business need to know such data. They will only process your personal data on our instructions and they must keep it confidential. We have procedures in place to deal with any suspected personal data breach and will notify You and any applicable regulator of a breach if we are legally required to.
International transfer of personal data
We sometimes share your personal data within our group of companies which involves transferring your data to other countries within or outside the European Union (“EU”). Countries outside of the EU do not always offer the same levels of protection to your personal data, so European law has prohibited transfers of personal data outside of the EU unless the transfer meets certain criteria. Whenever We transfer your personal data out of the EU, We do our best to ensure a similar degree of security of data by ensuring, where necessary, that adequate safeguards are in place to comply with the requirements for the international transfer of personal data under applicable privacy laws.
How and when can you exercise your legal rights?
Under data protection laws You have the rights in relation to your personal data that include the right to request access, correction, erasure, restriction, transfer, data portability or to object to data processing. If You wish to exercise any of the rights set out above, please send us an email to email@example.com. You may object to the processing of your personal data or request the restriction of the processing of your personal data. We may need to request specific information from You to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also ask You for further information in relation to your request to speed up our response. We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or You have made a number of requests. In this case, We will notify You.
If You are not happy with any aspect of how We collect and use your data, you have the right to complain to a supervisory authority. We should be grateful if you would contact us first if You do have a complaint so that We can try to resolve it for You.