Privacy Policy

Who we are

Our website address is: https://www.heartintheirhand.co.uk.

What personal data we collect and why we collect it

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

Cookies set via Google Analytics help this helps us analyse data about webpage traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer.

Order Details: Personal and Payment details

We collect personal and payment details to allow purchases to be fulfilled, this includes personal / delivery details such as name, email, address and postcode. Payment card details are also taken during the checkout process via our 3rd party payments gateways (PayPal or Stripe). We do not store any sensitive data such as card details ourselves, all order payments and refunds are process via the payments gateways.

Who we share your data with

Payment Gateways

Your personal data is shared with the payment gateways for transactions to be made and for orders to be fulfilled.

How long we retain your data

Order and profile details are retained within the site indefinitely, to allow your order history to be checked during fulfilment and in the future. This also means you may use the address and other personal details again which may speed up the order process.

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Additional information

How we protect your data

PayPal provide monitoring, encryption and protection for all transactions ensuring these are securely handled. Full details on PayPal’s security measures and processes can be found here: https://www.paypal.com/uk/webapps/mpp/paypal-safety-and-security

Stripe (used for card payments on the website outside of PayPal) is PCI certified and used HTTPS to encrypt all transactions. Stripe manage the payments and handling of sensitive data, full details of Stripe’s security measures and processes can be found here: https://stripe.com/docs/security/stripe

The website and database is hosted with Siteground, please see their security measures to help protect the website here: https://www.siteground.com/kb/how_does_siteground_protect_my_website/