Privacy & Cookies
The Enamel Pin Factory the brand is owned by Compilation Ltd. (registered company number 06764906) a company committed to respecting and safeguarding all customer and web visitor data collected when browsing or making purchases through our website, www.enamelpinfactory.com
In compliance with GDPR – the General Data Protection Regulation (EU) 2016/679 2018), the data controller is Compilation Ltd. of 2 Reed Street, Gladstone Industrial Estate, Thornaby on Tees TS17 7AF UK. Our Director, Claire Whaite is the nominated representative, for the purposes of GDPR related matters. Claire can be contacted at email@example.com.
All information gathered by The Enamel Pin Factory in the process of fulfilling our orders and communicating with those interested in our products and services will be collected lawfully and in accordance with the General Data Protection Regulation (GDPR) effective from 25th May 2018.
We collect information about you for a few specific reasons:
- To process your enquiry and look after your order to ensure you receive the highest possible levels of service.
- To complete an order, which means processing payment, undertaken through a secure, third-party payment system, (provided by Shopify Inc.), and post/ship the order to your address.
- Process a return or refund, as per our Refunds Policy.
- To deliver to you timely and current updates on promotions and events that you have expressed an interest in.
- Those responsible for collecting the data are the business owners and authorised staff employed by Compilation Ltd, the trading company and owner of The Enamel Pin Factory brand. Those responsible for collecting such data work in customer service, accounts, compliance and marketing.
- You can be assured that your information will not be shared with 3rd parties.
- We will not email you unless you have provided your consent. We do not send random marketing emails to personal email addresses (We really don’t like Spam).
What personal information do we collect?
When you subscribe to our updates the type of personal information we will collect about you includes:
- Phone number
- Email address
- Geographic location (i.e. Region/State/Province)
When browsing, creating an account or making a purchase, we may collect and process the following personal data:
- Postal address
- Email address
- Telephone number
- Payment details
- Internet protocol (IP) address
- Operating system and platform (e.g. Apple iOS, Android, Windows, etc)
When we are handling an order on your behalf we will need to know a little more about you to ensure that we are able to deliver the service to the correct location and be able to contact you via phone, e-mail and possibly social channels.
Your order details will be retained for a maximum of seven years on a secure encrypted server and after this period securely deleted. Your contact information will be retained for as long as you subscribe to The Enamel Pin Factory services.
We will not collect sensitive information about you as there is no need to do so in the process of managing orders or maintaining our relationship with you.
The Enamel Pin factory fully subscribe to the Payment Card Industry (PCI) Data Security Standard as card not present merchants. What this means in reality is that we have PCI DSS Level 1 Compliance which is the highest level of data & payment protection available with all information on the website protected by 2048 bit SSL encryption.
Age – We will however need to be assured of our customers age so as to ensure that minors without parental consent are not attempting to order goods and services. This is a measure we have implemented to protect our customers and their parents/ guardians and in full compliance with GDPR regulation.
By creating an account or making a purchase from our website you are confirming that you are either 16 years of age or older or have the permission of a parent or legal guardian.
If you wish The Enamel Pin Factory to provide you with a copy of the data we hold we can provide you with this information without charge if it is a reasonable request. If the request is excessive or repeated we reserve the right to charge a fee to cover the administrative costs. You can check any information that we me hold by emailing a request to firstname.lastname@example.org
If you wish this data to be removed from our records or simply deleted you have the right to make such a request and we will comply with any and all such communications.
If you are unhappy about the handling of your personal information and wish to raise a complaint you can do so by contacting us via email@example.com setting out the reasons for your concern in your message. Alternatively, you can raise the matter with the UK’s data protection regular the Information Commissioner’s Office (ICO) https://ico.org.uk
What is a Personal Data Breach?
- Unauthorised access by a third party;
- Error, inaction or accident by a data controller or processor;
- Sending personal data to an incorrect recipient;
- A device containing personal data being lost or stolen;
- Deliberate alteration of personal data without permission;
- Any loss of access to personal data.
How we will Respond in the Event of a Personal Data Breach
- We take the management of our customer and contact information very seriously indeed. To protect your data, we have ensured that we can detect malicious attacks and have in place a process to assess the likely risk to individuals as a result of such a breach.
- If a breach has occurred we will, in accord with GDPR regulation, notify the Information Commissioner’s Office (ICO) within 72 hours of becoming aware of it.
- We will provide the ICO with full details of the breach at this time and continue to update whilst the matter is investigated.
- In the unlikely event a breach impacting individuals or organisations associated with our business occurs, we will notify those affected at the earliest possible opportunity.
- As all the personal data within our systems and third-party platforms we utilise is encrypted we are confident that any such breach will have negligible impact on our customers and contacts however if necessary we will provide the appropriate advice to those affected to help protect them from its effects.
- As a matter of procedure and best practice with cyber security we document all breaches, even if they don’t all need to be reported.
Cookies are small text files held on your computer, which allow us to give you the best browsing experience possible.
You are free to disable these cookies, but these may stop our website from functioning properly.
Our Website Will:
- Remember the items stored in your shopping basket
- Remember what stage of the order process you are at
- Check whether you are logged in or purchasing as a guest
Our Website Will:
- Track the pages you visit via Google Analytics
Our Website Will:
- Allow you to share pages with social media such as Facebook and Twitter
This website will not
- Share any personal information with third parties.
It is likely that the default setting for your browser is set to automatically accept cookies. You can however choose not to accept cookies through your browser controls, by going to the “Tools” or “Preferences” menu. If you would like to learn a little more about changing your browser settings and specifically what cookies are and how they are used look at your browser’s help section, FAQ’s or click on the following link: www.allaboutcookies.org.
If you would prefer not to receive customised adverts online you can opt out by clicking this link > Ads Preference Manager