Privacy policy
Last updated: 09 August 2021
This Privacy Policy (‘the Policy’) sets out the basis on which any personal data we collect from you, or that you provide, will be processed by us. Please read this Policy carefully to understand our views and practices regarding your personal data and how we will treat it.
We will only use your personal data in the manner set out in this Policy and in a way that is fair to you. We will only collect personal data where it is necessary for us to do so and where it is relevant to our dealings with you. We will only keep your personal data for as long as it is relevant to the purpose for which it was collected or for as long as we are required to keep it by law.
Who we are
For the purpose of the UK Data Protection Act 2018 (the “Regulations”), the data controller is Windows of the Soul (Directors: Caroline Kilduff, Siegfried Wagner, Jane Clipston, contactable at info@windowsofthesoul.art).
We will refer to Windows of the Soul as (“us”, “we”, or “our”) which operates https://windowsofthesoul.art, the “Site”.
The users of our Site are referred to as “you” or “your”.
This Policy explains what happens to any personal data that you provide, or that is collected from you when accessing our Site.
The majority of the data that we collect and store will be anonymised analytics data relating to the users that visit our site. However, we will also be collecting and using limited personal data including users’ names and email addresses (where applicable).
We use such personal information only for provision of our services and responding to queries via e-mail. We are aware that customers and suppliers will also be accessing our Site and by accessing the Site, you agree to the collection and use of information in accordance with this Policy.
What information do we collect about you?
We collect information from you when you:
use our Site (in the form of “traffic data”),
complete our online contact form,
While using our Site and undertaking business with us with the view to using our services, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to, your name and email address (“Personal Information”).
We collect information about you when you voluntarily submit a form asking us to contact you. Site usage information is collected using cookies. You can find further information on the cookies we use under the “Cookies” heading below.
How will we use the information about you?
We collect information about you to respond to queries. We also use your information collected from the Site to personalise your repeat visits to our Site.
We will also use your information in the following ways:
To ensure that content from the Site is presented in the most effective manner for you and for your computer.
To manage the Site, detect fraud or Site abuses.
To respond to your queries submitted via our contact form, and any correspondence between us thereafter.
What are your data protection rights?
Every user is entitled to the following:
The right to access – You have the right to request Our Company for copies of your personal data.
The right to rectification – You have the right to request that Our Company correct any information you believe is inaccurate. You also have the right to request Our Company to complete the information you believe is incomplete. We want to make sure that your personal information is accurate and up to date. From time to time we may ask you to confirm your details with us to ensure the records we have are up to date.
The right to erasure – You have the right to request that Our Company erase your personal data, under certain conditions. Note, where there is a statutory reason for holding that data, we will not be able to erase it.
The right to restrict processing – You have the right to request that Our Company restrict the processing of your personal data, under certain conditions.
The right to object to processing – You have the right to object to Our Company’s processing of your personal data, under certain conditions.
The right to data portability – You have the right to request that Our Company transfer the data that we have collected to another organisation, or directly to you, under certain conditions.
To invoke any of the above rights, please use the contact links below.
Cookies
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the Site, to compile statistical reports on Site activity and for functional operation of the Site.
Functional Cookies
| Cookie Name | Expiration | Description |
|---|---|---|
| Crumb | Session | Prevents cross-site request forgery (CSRF) |
| RecentRedirect | 30 minutes | Prevents redirect loops if a site has custom URL redirects. Redirect loops are bad for SEO |
| ss_cookieAllowed | 30 days | Remembers if a visitor agreed to placing Analytics cookies on their browser if a site is restricting the placement of cookies |
| Test | Session | Investigates if the browser supports cookies and prevents errors |
Analytics Cookies
| Cookie Name | Expiration | Description |
|---|---|---|
| ss_cid | 2 years | Identifies unique visitors and tracks a visitor’s sessions on a site |
| ss_cpvisit | 2 years | Identifies unique visitors and tracks a visitor’s sessions on a site |
| ss_cvisit | 30 minutes | Identifies unique visitors and tracks a visitor’s sessions on a site |
| ss_cvr | 2 years | Identifies unique visitors and tracks a visitor’s sessions on a site |
| ss_cvt | 30 minutes | Identifies unique visitors and tracks a visitor’s sessions on a site |
For further information about cookies in general, visit www.aboutcookies.org.uk.
You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However, in a few cases, some of our Site features may not function as a result.
Other websites
Our Site contains links to other websites. This privacy policy only applies to this Site, so when you link to other websites you should read their own privacy policies.
When we share your information
We may disclose your information to relevant third parties in certain circumstances, but we will not sell, rent or trade your Personal Information.
We may share your information with any group companies of ours so that they can provide you with information about our products and services available from them.
Other than reasons as set out in this Policy, we will not sell or disclose your personal data to third parties without obtaining your prior consent unless this is necessary for the purposes set out in this Privacy Policy or unless we are required to do so by law.
Where we store your personal data
All information you provide to us is stored on our secure servers. We use industry-standard security and firewalls on our servers.
We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of your information. Our security procedures mean that we may occasionally request proof of identity before we disclose personal information to you.
Unfortunately, the transmission of information via the Internet is not completely secure.
Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted from your device to the Site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Only authorised personnel have access to your information.
We keep all of your information secure by taking appropriate and proportionate technical and organisational measures against unlawful disclosure, damage or destruction of your data. These measures have been identified through conducting a risk assessment and management processes.
Transfers of Data in Europe
Data protection legislation is harmonised throughout the European Economic Area (‘EEA’) which comprises the EU member states, Norway, Iceland and Liechtenstein. Countries outside the EEA do not generally have the same level of protection for personal information as those within the EEA. We may need to transfer your data in Europe when dealing with you and our agents.
We may in very limited circumstances need to transfer data out of the EEA if you are resident out of this area and we will ensure we do all we can to ensure your personal data is kept secure. In such circumstances, we will treat all data as though it originated in the EEA.
Changes to our privacy notice
We keep our privacy notice under regular review and we will place any updates on this web page. The date this privacy notice was last updated is given at the top of this page.
How to contact us
Please contact us if you have any questions about our privacy notice or information we hold about you via info@windowsofthesoul.art or write to us at: Data Protection Manager, XYZ