Cookies and Privacy Policy

HOUSE OF SPARKLEZ U.K LTD

COOKIES & PRIVACY POLICY STATEMENT

Updated: 23/05/18 in accordance with the new GDPR (General Data Protection) Law.

Here at House of Sparklez U.K, our website uses cookies.  Cookies are information that a website transfers to the cookie file on your computer or device (phone, tablet etc). 

When you visit a site that uses cookies for the first time, a cookie is downloaded onto your PC. The next time you visit that site, your PC checks to see if it has a cookie that is relevant (that is, one containing the site name) and sends the information contained in that cookie back to the site.

The site then ’knows’ that you have been there before, and in some cases, tailors what pops up on screen to take account of that fact. For instance, it can be helpful to vary content according to whether this is your first ever visit to a site – or your 51st.

Without cookies enabled we cannot guarantee that your user experience whilst visiting our site is as intended as it should be.  None of the cookies used on our website collect any personal data about you.

We use cookies in the following way:
- To track how visitors find our site and the path they take through it help us improve our service for you.  
- Our shopping basket uses a session cookie, without a cookie you will not be able to use our shopping cart.
- To monitor and manage our website traffic.

We do not use cookies to collect personally identifiable information about you. If  you would like to restrict or block the cookies , you can do this through your browser settings. The help tool on your browser should provide relevant information on how to do this.
You may find www.aboutcookies.org helpful which contains more detailed information on how to do this, it also provides more information about cookies.

 

This privacy policy sets out how House of Sparklez U.K Ltd uses and protects any information that you give House of Sparklez U.K Ltd when you use this website. House of Sparklez U.K Ltd is committed to ensuring that your privacy is completely protected. Should we ever ask you to provide information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement. House of Sparklez U.K Ltd may change this policy in the future and would do so by updating this page. You should check this page every so often to ensure that you are happy with any changes.

This statement describes what types of information we collect from you, how it is used by us, how we share it with others, how you can manage the information we hold and how you can contact us.

House of Sparklez U.K LTD will not contact or send any marketing messages to any person other than those who have subscribed to receive it.  House of Sparklez U.K LTD will never send you unsolicited ‘junk’ email or communications, or share your data with anyone else who might. We do not sell your information to third parties, but we do share data with Mail Chimp in order to send you communications and newsletters via email.

House of Sparklez U.K take the protection of your data protection very seriously, we always have. We want you to know you can trust us to respect your privacy and keep your personal information safe. The new legislation is aimed at giving you more control over, this is the General Data Protection Regulation (GDPR).

 

The data we collect from you

We collect information about you when you engage with our website. We only collect information which is necessary, relevant and adequate for the purpose you are providing it for.

We may collect the following information:

  1. Name (including title);
  2. Address;
  3. Phone number;
  4. Date of birth;
  5. Email address;
  6. The date and time you used our services;
  7. The pages you visited on our website and how long you visited us for;
  8. Your IP address;
  9. The internet browser and devices you are using;
  10. The website address from which you accessed our website;
  11. Details of any transactions between you and us
  12. Any information within correspondence you send to us.

Consent

Where you have provided your consent, we may use and process your information to:

  • Internal record keeping.
  • We may use the information to improve our products and services.
  • We may periodically send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided.
  • From time to time, we may also use your information to contact you for market research purposes. We may contact you by email, phone, fax or mail. We may use the information to customise the website according to your interests

    You can withdraw your consent at any time by contacting us or, in relation to any marketing messages you receive, by using the unsubscribe option included in those messages.

Contractual performance

We may use and process your personal information where this is necessary to perform a contract with you and to fulfil and complete your orders, purchases and other transactions entered into with us.

 

To administer competitions and promotions that you enter with us from time to time and to distribute prizes;

Processing necessary for us to operate the administrative and technical aspects of our business efficiently and effectively

To verify the accuracy of information that we hold about you and create a better understanding of you as a customer;

For network and information security purposes i.e. in order for us to take steps to protect your information against loss, damage, theft or unauthorised access;

To comply with a request from you in connection with the exercise of your rights (for example where you have asked us not to contact you for marketing purposes, we will keep a record of this on our suppression lists in order to be able to comply with your request);

To inform you of updates to our terms and conditions and policies.

How do we share this information?

We do not sell your information to third parties, but we do share information for marketing purposes with Mail Chimp so we can send you email commincations through their platform.

Security

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

How long do we keep your information for?

We do not retain personal information in an identifiable format for longer than is necessary.

If we have a relationship with you (e.g. you are a customer who has purchased goods from us), we hold your personal information for 6 years from the date our relationship ends. We hold your personal information for this period to establish, bring or defend legal claims. Our relationship is deemed as having ended if you do not interact with us in any way for over a year.

The only exceptions to the periods mentioned above are where:

  • The law requires us to hold your personal information for a longer period, or delete it sooner;
  • Where you have raised a complaint or concern regarding a product or service offered by us, in which case we will retain your information for a period of 6 years following the date of that complaint or query; or
  • You exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or required under the law.

How can you manage the information we hold about you? 

You have the right as an individual to access your personal information we hold about you and make corrections if necessary. You also have the right to withdraw any consent you have previously given us and ask us to erase information we hold about you. You can also object to us using your personal information (where we rely on our business interests to process and use your personal information).

You have a number of rights in relation to your personal information under data protection law. In relation to most rights, we will ask you for information to confirm your identity and, where applicable, to help us search for your personal information. Except in rare cases, we will respond to you within 30 days after we have received any request (including any identification documents requested).

You have the right to:

  1. Ask for a copy of the information that we hold about you;
  2. Correct and update your information;
  3. Withdraw your consent (where we rely on it).
  4. Object to our use of your information (where we rely on our legitimate interests to use your personal information) provided we do not have any continuing lawful reason to continue to use and process the information.  When we do rely on our legitimate interests to use your personal information for direct marketing, we will always comply with your right to object;
  5. Erase your information (or restrict the use of it), provided we do not have any continuing lawful reason to continue to use and process that information;
  6. Transfer your information in a structured data file (in a commonly used and machine readable format), where we rely on your consent to use and process your personal information or need to process it in connection with your contract.

You can exercise the above rights and/or manage your information by contacting us  at info@houseofsparklezuk.com



Transaction Security

To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.

If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.

Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.

Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.


Credit Card/ Debit Card Payments: SagePay

As a payment service provider (PSP), thousands of businesses outsource their transaction security to us. It is our top priority to ensure that your customers’ transaction data is kept secure at all times.

Transaction security

All transaction information passed between merchant sites and Sage Pay’s systems is encrypted using 128-bit SSL certificates. No cardholder information is ever passed unencrypted and any messages sent to your servers from Sage Pay are signed using MD5 hashing to prevent tampering. You can be completely assured that nothing you pass to Sage Pay’s servers can be examined, used or modified by any third parties attempting to gain access to sensitive information.

Encryption and Data Storage

Once on our systems, all sensitive data is secured using the same internationally recognised 256-bit encryption standards used by, among others, the US Government. The encryption keys are held on state-of-the-art, tamper proof systems in the same family as those used to secure VeriSign's Global Root certificate, making them all but impossible to extract. The data we hold is extremely secure and we are regularly audited by the banks and banking authorities to ensure it remains so.

System security

Sage Pay’s systems are scanned quarterly by Trustwave which are an independent Qualified Security Assessor (QSA) and an Approved Scanning Vendor (ASV) for the payment card brands.

Sage pay is also audited annually under the Payment Card Industry Data Security Standards (PCI DSS) and is a fully approved Level 1 payment services provider, which is the highest level of compliance. We are also active members of the PCI Security Standards Council (SSC) that defines card industry global regulation.

Links to banks

Sage Pay has multiple private links into the banking network that are completely separate from the Internet and which do not cross any publicly accessible networks. Any cardholder information sent to the banks and any authorisation message coming back is secure and cannot be tampered with.

Internal security

Sage Pay is controlled by Iris Scanners, which are the latest and most precise biometric security devices available for identification. As used by; chemical plants, airports, police stations, prisons and other facilities where security is paramount. No one can enter or leave the building without a valid security pass.

Staff validation

All employees at Sage Pay are Criminal Records Bureau (CRB) checked prior to employment and no unauthorized individual has access to or is able to decrypt transaction information or cardholder data. Our systems only allow access to our most senior staff and only in extenuating circumstances (such as investigations of Card Fraud by the Police). All transaction information and customer card information is secure even from our own employees.

Disaster recovery

Sage Pay operates on twin data centres to ensure optimal system security and up-time and has a full disaster recovery and business continuation policy.


Payments: PayPal

We also use Paypal as a payment method on our website, since users sign up for a PayPal account outside our website, we suggest looking up PayPals privacy policy if you have any concerns or questions. For user help, we have included this short snippet below:

PayPal’s Privacy Policy describes PayPal’s information collection practices, and how we use, store, disclose and protect that information. The Privacy Policy applies to the PayPal website and all related sites, applications, services and tools regardless of the device or method you use to access those platforms.

You accept the Privacy Policy when you sign up for, access, or use our products, services, content, features, technologies or functions. If you have a specific question about PayPal’s collection, use, storage, disclosure and protection of information, please review the PayPal Privacy Policy or contact us via our 'Privacy Questions?' form found at the bottom of any PayPal page.

 

MailChimp

We use MailChimp to manage our newsletter and other email lists. There’s no third-party tracking in messages we send through MailChimp besides MailChimp’s own analytics, which may aggregate how many subscribers open a message or click the links inside. MailChimp’s privacy policy is available at http://mailchimp.com/legal/privacy.

You can unsubscribe from our newsletter by clicking on the unsubscribe link provided at the end of every newsletter/email from us. You can also email info@houseofsparklezuk.com to update your email address, or to request that we delete your email.

Liquid error: Argument error in tag 'include' - Illegal template name