Privacy Policy

Oops a Daisy Privacy Policy

This Privacy Policy describes how and when I collect, use, and share information when you purchase an item from me, contact me, or otherwise use my services through oopsadaisyuk.com, Etsy.com or related sites and services.

This Privacy Policy does not apply to the practices of third parties that I do not own or control, including Etsy, WordPress, Woo Commerce or any third party services you access through any of the above. You can reference their Privacy Policy to learn more about its privacy practices.

Information I Collect:

To fulfil your order, you must provide me with certain information (which you authorised Etsy/WooCommerce to provide to me), such as your name, email address, postal address, payment information, and the details of the product that you’re ordering. You may also choose to provide me with additional personal information (for a custom order, for example), if you contact me directly.

Cookies:

Consent to the use of cookies:

For our website to function properly we use cookies. To obtain your valid consent for the use and storage of cookies in the browser you use to access our website and to properly document this we use a consent management platform: CookieFirst. This technology is provided by Digital Data Solutions BV, Plantage Middenlaan 42a, 1018 DH, Amsterdam, The Netherlands. Website: https://cookiefirst.com referred to as CookieFirst.

When you access our website, a connection is established with CookieFirst’s server to give us the possibility to obtain valid consent from you to the use of certain cookies. CookieFirst then stores a cookie in your browser in order to be able to activate only those cookies to which you have consented and to properly document this. The data processed is stored until the predefined storage period expires or you request to delete the data. Certain mandatory legal storage periods may apply notwithstanding the aforementioned. CookieFirst is used to obtain the legally required consent for the use of cookies. The legal basis for this is article 6(1)(c) of the General Data Protection Regulation (GDPR). Data processing agreement We have concluded a data processing agreement with CookieFirst. This is a contract required by data protection law, which ensures that data of our website visitors is only processed in accordance with our instructions and in compliance with the GDPR.

Server log files:

Our website and CookieFirst automatically collect and store information in so-called server log files, which your browser automatically transmits to us. The following data is collected: -Your consent status or the withdrawal of consent -Your anonymised IP address -Information about your Browser -Information about your Device -The date and time you have visited our website -The webpage url where you saved or updated your consent preferences -The approximate location of the user that saved their consent preference -A universally unique identifier (UUID) of the website visitor that clicked the cookie banner

Why I Need Your Information and How I Use It:

I rely on a number of legal bases to collect, use, and share your information, including:

• as needed to provide my services, such as when I use your information to fulfil your order, to settle disputes, or to provide customer support;
• when you have provided your affirmative consent, which you may revoke at any time, such as by signing up for my mailing list (see info below);
• if necessary to comply with a legal obligation or court order or in connection with a legal claim, such as retaining information about your purchases if required by tax law; and
• as necessary for the purpose of my legitimate interests, if those legitimate interests are not overridden by your rights or interests, such as 1) providing and improving my services. I use your information to provide the services you requested and in my legitimate interest to improve my services; and 2) Compliance with the Etsy Seller/Woo Commerce Policy and Terms of Use. I use your information as necessary to comply with my obligations under the Etsy Seller/Woo Commerce Policy and Terms of Use.

Mailing List:

When signing up to my mailing list via a link on my website Etsy, Facebook or Instagram pages, the personal data you enter will be transferred to my mailing list provider, MailChimp. Further information can be found in Klaviyo’s data processing agreement.

SMS

By checking the SMS consent box and entering your phone number at checkout you consent to receive marketing text messages (such as order updates) from Oops a Daisy at the number provided, including messages sent by autodialer. Consent is not a condition of any purchase. Message and data rates may apply. Message frequency varies. You can unsubscribe at any time by replying STOP or clicking the unsubscribe link (where available) in one of our messages. View our Privacy Policy and Terms of Service.

Information Sharing and Disclosure:

Information about my customers is important to my business. I share your personal information for very limited reasons and in limited circumstances, as follows:

• Etsy. I share information with Etsy as necessary to provide you my services and comply with my obligations under both the Etsy Seller Policy and Etsy Terms of Use.
• Service providers. I engage certain trusted third parties to perform functions and provide services to my shop, such as in rare occasions delivery companies. I will share your personal information with these third parties, but only to the extent necessary to perform these services.
• Business transfers. If I sell or merge my business, I may disclose your information as part of that transaction, only to the extent permitted by law.
• Compliance with laws. I may collect, use, retain, and share your information if I have a good faith belief that it is reasonably necessary to: (a) respond to legal process or to government requests; (b) enforce my agreements, terms and policies; (c) prevent, investigate, and address fraud and other illegal activity, security, or technical issues; or (d) protect the rights, property, and safety of my customers, or others.

Data Retention:

I retain your personal information only for as long as necessary to provide you with my services and as described in my Privacy Policy.

However, I may also be required to retain this information to comply with my legal and regulatory obligations, to resolve disputes, and to enforce my agreements. I generally keep your data for the following time period: 4 years.

Transfers of Personal Information Outside the EU:

I may store and process your information through third-party hosting services in the US and other jurisdictions. As a result, I may transfer your personal information to a jurisdiction with different data protection and government surveillance laws than your jurisdiction. If I am deemed to transfer information about you outside of the EU, I rely on Privacy Shield as the legal basis for the transfer, as Google Cloud is Privacy Shield certified.

Your Rights:>

If you reside in certain territories, including the EU, you have a number of rights in relation to your personal information. While some of these rights apply generally, certain rights apply only in certain limited cases. I describe these rights below:

• Access. You may have the right to access and receive a copy of the personal information I hold about you by contacting me using the contact information below.
• Change, restrict, delete. You may also have rights to change, restrict my use of, or delete your personal information. Absent exceptional circumstances (like where I am required to store data for legal reasons) I will generally delete your personal information upon request.
• Object. You can object to (i) my processing of some of your information based on my legitimate interests and (ii) receiving marketing messages from me after providing your express consent to receive them. In such cases, I will delete your personal information unless I have compelling and legitimate grounds to continue using that information or if it is needed for legal reasons.
• Complain. If you reside in the EU and wish to raise a concern about my use of your information (and without prejudice to any other rights you may have), you have the right to do so with your local data protection authority.

How to Contact Us

For purposes of EU data protection law, I, Joanne Mellor, am the data controller of your personal information.

If you have any questions or concerns, you may contact me at orders@oopsadaisyuk.com.

Alternately, you may mail me at:

Oops a Daisy UK,

Unit D2, Harlow Business Centre,

Lovet Road, Harlow, CM19 5AF