Privacy Policy for Made in the Cellar Ltd

This Privacy Policy sets out how we, Made in the Cellar Ltd, obtain, store, use, and share your personal information when you use or interact with our website, www.madeinthecellar.co.uk, (this policy also applies to our Etsy Shop and direct orders through our Sheffield Store) or where we otherwise obtain or collect your personal information. This Privacy Policy is effective from 25th May 2018.

Please read this Privacy Policy carefully.

This Privacy Policy does not apply to the practices of third parties that we do not own or control, including Etsy or any third party services you access via our website.

1. Personal information Made in the Cellar collects:

How we collect or obtain your information:

  • When you provide it to us by contacting us.
  • Placing an order with us via our website, Etsy Shop or Direct through the shop
  • Expressing your consent to sign up to our newsletter
  • From your use of our website, using cookies
  • From third parties

Personal Information We Collect:

Name, address, email address, contact number, IP address and information about your computer.

How we use your personal information:

For administrative and business purposes, particularly to contact you and to fulfil your orders placed on our website. To improve our business and website, for advertising and analytical purposes, in connection with our legal rights and obligations and for certain additional purposes only with your explicit consent. You may also choose to provide us with additional personal information (for a custom order of furniture, for example), if you contact us directly.

2. Why We Need Your Information and How We Use It:

We rely on a number of legal bases to collect, use, and share your information, including:

  • as needed to provide our services, such as when we use your information to fulfil your order, to settle disputes, or to provide customer support;
  • when you have provided your affirmative consent, which you may revoke at any time, such as by signing up for our mailing list;
  • if necessary to comply with a legal obligation or court order or in connection with a legal claim, such as retaining information about your purchases if required by tax law; and
  • as necessary for the purpose of our legitimate interests, if those legitimate interests are not overridden by your rights or interests, such as 1) providing and improving our services. We use your information to provide the services you requested and in our legitimate interest to improve our services; and 2) Compliance with the Etsy Seller Policy and Terms of Use. We use your information as necessary to comply with our obligations under the Etsy Seller Policy and Terms of Use.

3. The third parties with whom Made in the Cellar shares personal information

Do we sell personal information to third parties: No

Information about our customers is important to our business. We only share your personal information for very limited reasons and in limited circumstances, as follows:

  • Etsy- If ordering through our Etsy Shop – we share information with Etsy as necessary to provide you our services and comply with our obligations under both the Etsy Seller Policy and Etsy Terms of Use.
  • Service providers- We engage certain trusted third parties to perform functions and provide services to our shop, such as delivery companies. We will share your personal information with these third parties, but only to the extent necessary to perform these services.
  • Business transfers- If we sell or merge our business, we may disclose your information as part of that transaction, only to the extent permitted by law.
  • Compliance with laws- We may collect, use, retain, and share your information if we have a good faith belief that it is reasonably necessary to: (a) respond to legal process or to government requests; (b) enforce our agreements, terms and policies; (c) prevent, investigate, and address fraud and other illegal activity, security, or technical issues; or (d) protect the rights, property, and safety of our customers, or others.

4. Data Retention

We retain your personal information only for as long as necessary to provide you with our services and as described in our Privacy Policy. However, we may also be required to retain this information to comply with our legal and regulatory obligations, to resolve disputes, maintain records for tax purposes, and to enforce our agreements. We keep your data for the following time period: 12 months from order shipment date unless your consent is given to be contacted via our newsletter meaning we will keep your data until you unsubscribe from this service.

5. Transfers of Personal Information Outside the EU – (This is only applicable when ordering a bespoke piece of furniture from Made in the Cellar Ltd.)

We may store and process your information through third-party hosting services in the US and other jurisdictions. As a result, we may transfer your personal information to a jurisdiction with different data protection and government surveillance laws than your jurisdiction. If we are deemed to transfer information about you outside of the EU, we rely on Privacy Shield as the legal basis for the transfer, as Google Cloud is Privacy Shield certified.

6. How we secure your personal information:

Made in the Cellar use appropriate technical and organisational measures such as encrypting transfers of data to or from our servers, encrypting payments on our site via Secure Sockets Layer (SSL) and only granting access to your personal information where necessary. Although no method of transmission over the internet or electronic storage is 100% secure, we follow all PCI-DSS requirements.

7. WooCommerce:

Our web store is hosted on WooCommerce. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through WooCommerce data storage, databases and the general WooCommerce application. They store your data on a secure server behind a firewall.

8. Payment:

When making a purchase on the Website the transaction is processed by a third party called Stripe. Please follow this link to view their Privacy Policy.

9. Your Rights

If you reside in certain territories, including the EU, you have a number of rights in relation to your personal information. While some of these rights apply generally, certain rights apply only in certain limited cases. We describe these rights below:

  • Access- You may have the right to access and receive a copy of the personal information we hold about you by contacting us using the contact information below.
  • Change, restrict, delete; you may also have rights to change, restrict our use of, or delete your personal information. Absent exceptional circumstances (like where we are required to store data for legal reasons) we will delete your personal information upon request.
  • Object- You can object to (i) our processing of some of your information based on our legitimate interests and (ii) receiving marketing messages from us after providing your express consent to receive them. In such cases, we will delete your personal information unless we have compelling and legitimate grounds to continue using that information or if it is needed for legal reasons.
  • Complain- If you reside in the EU and wish to raise a concern about our use of your information (and without prejudice to any other rights you may have), you have the right to do so with your local data protection authority.

How to Contact Us

For purposes of EU data protection law, we, Made in the Cellar Ltd, are the data controller of your personal information. If you have any questions or concerns, you may contact the data controller at [email protected]

10. Cookies

Use of cookies: we use cookies and similar information-gathering technologies such as web beacons on our website including analytical and targeting cookies.

Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.

  • _session_id, unique token, sessional, Allows WooCommerce to store information about your session (referrer, landing page, etc).
  • _WooCommerce_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
  • _WooCommerce_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
  • cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
  • _secure_session_id, unique token, sessional
  • storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.

11. Changes to this Privacy Policy

We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting onto the Etsy shop page. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.