Privacy & Security Policy
Our commitment To YOUR Privacy
We at ·ONE·JAM·TART· believe that privacy is not just something that everyone is merely entitled to, but is one of the most fundamental rights you have, and thus we are totally committed to protecting your privacy and we take it as seriously as our love of Star Wars, food & coffee, travel and basketball.
The General Data Protection Regulation 2016/679
The processing of personal data is governed by the Data Protection Bill/Act 2017, the General Data Protection Regulation 2016/679 (the “GDPR”) and other legislation relating to personal data and rights such as the Human Rights Act 1998.
The GDPR, amongst other things, ensures that the data we hold about you should be processed lawfully and fairly. It should be accurate, relevant and not excessive. The information should, where necessary, be kept up to date and not retained for longer than is necessary. It should be kept securely to prevent unauthorized access.
Who are we?
This Privacy Notice is provided to you by One Jam Tart Ltd, which is the data controller for your data.
What personal information do we collect from the awesome people that visit our blog, website or app?
When ordering/registering on our site, as appropriate, you may be asked to enter your name, email address, mailing address, phone number, credit card information or other details to help you with your experience.
The information we hold will be accurate and up to date. You can check the information that we hold about you by emailing us. If you find any inaccuracies we will delete or correct them immediately.
We DON’T Collect/Store Your Credit/Debit Card Details
When do we collect information?
We collect information from you when you place an order, subscribe to a newsletter or enter information on our site.
How long do we keep your personal data?
We will keep some records permanently if we are legally required to do so. We may keep some other records for an extended period of time. For example, it is current best practice to keep financial records for a minimum period of 7 years to support HMRC audits or 6 years for VAT records. In general, we will endeavour to keep data only for as long as we need it. This means that we may delete it when it is no longer needed.
How do we use your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
- To complete your order/transactions when placing an order.
- To personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested.
- To improve our website in order to better serve you.
- To allow us to better serve you when responding to customer service requests/queries you may raise with us.
- To administer a contest, promotion, survey or other site feature. Please note that this only applies to contests, promotions, surveys or other features that are being run by us. We will not use your information to enter events run by third parties.
- To send periodic emails regarding your order or other products and services.
If we ever sold ·ONE·JAM·TART· (not likely, but just in case)
The data you provide to us may be transferred to any person, firm or company to whom we sell the whole or a substantial part of our business or to whom we transfer any of our rights or obligations under a contract with you.
Please kindly note that any disclosures we make may take place via electronic means and may involve the transfer of personal data relating to you to countries outside the European Economic Area. We are therefore unable to guarantee that those countries have adequate rules in place relating to data protection and privacy of personal data.
How do we protect visitor information?
Our online store is hosted on Squarespace and we are governed by their security measures. Such security measures include, but are not limited to, storing all user information in secure databases protected via a variety of industry-standard access controls. Secure passwords, disk-based encryption, firewalls, and other measures are in place to protect your data. Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Sockets Layer (SSL) technology.
Do we use 'cookies'?
We use cookies to:
- Help remember and process the items in the shopping cart.
- Understand and save user's preferences for future visits.
- Compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future. We may also use trusted third party services that track this information on our behalf.
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Each browser is a little different, so look at your browser's Help menu to learn the correct way to modify your cookies.
If you disable cookies, some features will be disabled, your site experience will be less efficient and some of our services will not function properly. However, you can still place orders.
Third Party Disclosure
We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information unless we ask your permission first or provide you with advance notice; otherwise that would just be too creepy. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. For example, we use Mailchimp as our marketing automation platform and Royal Mail as our courier service.
We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect our or others' rights, property, or safety.
However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
Third party links
We do not include or offer third party products or services on our website.
Google's advertising requirements can be summed up by Google's Advertising Principles. They are put in place to provide a positive experience for users. For more information on Google's Advertising Principles please go here.
Please kindly note that we have not enabled Google AdSense on our site but we may do so in the future.
How does our site handle do not track signals?
We honor do not track signals and do not track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
Does our site allow third party behavioral tracking?
It's also important to note that we allow third party behavioral tracking.
Our Commitment To Children’s Privacy
Protecting the privacy of the very young is paramount and for that reason, children are treated differently from adults. Therefore we do not market our products in any way to exploit children, nor do we collect or maintain information at our website from those we actually know are under 12, and no part of our website is structured to specifically market to children under 12.
Should a Data Breach Occur
We will notify the users via email and also via in-site notification within 7 business days.
Privacy and Electronic Communications (EC Directive) Regulations 2003
This piece of legislation sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
- Send information, respond to inquiries, and/or other requests or questions.
- Process orders and to send information and updates pertaining to orders.
- We may also send you additional information related to your product and/or service.
- Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.
To be in accordance with the Privacy and Electronic Communications (EC Directive) Regulations 2003, and more importantly, not to be annoying, we agree to the following:
- NOT use false or misleading subjects or email addresses.
- Identify the message as an advertisement in some reasonable way.
- Include the physical address of our business or site headquarters.
- Monitor third party email marketing services for compliance, if one is used.
- Honor opt-out/unsubscribe requests quickly.
- Allow users to unsubscribe by using the link at the bottom of each email.
To unsubscribe from receiving future emails
Please follow the instructions at the bottom of each email and we will promptly remove you from ALL correspondence.