We are committed to respecting the privacy and data rights of visitors to this website. We will only use the information that we collect about you lawfully (in accordance with New GDPR). The lawful process for collecting data is to fulfil our contractual obligations to you. We cannot supply the goods you purchase in any other way, but we will delete your information after the goods have been processed.
The GDPR provides the following rights for individuals:
The right to be informed
The right of access
The right to rectification
The right to erasure
The right to restrict processing
The right to data portability
The right to object
Rights in relation to automated decision making and profiling.
We provide individuals with all the following privacy information:
☐ The name and contact details of our organisation.
☐ The purposes of the processing.
☐ The lawful basis for the processing.
☐ The recipients or categories of recipients of the personal data.
☐ The retention periods for the personal data.
☐ The rights available to individuals in respect of the processing.
☐ The right to withdraw consent (if applicable).
☐ The right to lodge a complaint with a supervisory authority.
☐ The source of the personal data (if the personal data is not obtained from the individual it relates to).
☐ The details of whether individuals are under a statutory or contractual obligation to provide the personal data (if applicable, and if the personal data is collected from the individual it relates to).
Karen Platt is a sole trader, operating the website Karen Platt (referred to as us, we, the website). We take GDPR seriously and our data protection officer is Karen Platt. Data protection measures are in place throughout the processing. We ensure we have a good level of understanding of GDPR and have taken all necessary measures and will review our policy regularly. We have implemented proportionate policies for small businesses in accordance with GDPR.
We respect your right to privacy and will only process personal data you provide to us in accordance with GDPR, the Privacy and Electronic Communications (EC Directive) Regulations 2003 and other applicable privacy laws to specifically fulfil your order. We collect minimum data because payments are made through Paypal, so we only receive your email or address, not your credit card or any other details.
We never share, sell nor buy personal data, nor do we use AI. We do not copy nor transfer data. You are never added to a mailing list. We do not use your data for direct marketing. We do not employ automated individual decision-making nor automated profiling.
If you have any questions about how we collect, store and use personal data, or if you have any other privacy-related questions, please contact us by email, using the contact form. We have one month to respond to your request.
When contacting us, please remember to quote your name and contact details.
The personal data we collect about you
When you visit Karen Platt, we may collect the following personal data about you to fulfil orders:
•your email address and name (if you subscribe to our newsletter);
•your communication preferences
How we may store and use your information securely
By using this website, you give consent that Karen Platt may collect, store and process your personal data:
• with your agreement, to contact you (by e-mail) about your order re fulfilment and dispatch date;
• to provide our goods and services to you;
• for any related purposes, or where we have a legal right or duty to use or disclose your information (including for crime and fraud prevention and related purposes)
We adhere to GDPR to keep secure records up to date and to remove outdated records. We delete records once orders are fulfilled. If we are notified of any breach, we would contact you immediately.
All records are secure and password protected.
Emails and data may be stored on our WooCommerce website and data associated with payment stored by Paypal. This is encrypted and secure. Please read their privacy policies. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
E-mail newsletter preferences and text alerts
We provide you with the ability to control whether or not to receive e-mail newsletters, or to change the types of e-mail newsletters you receive, through our newsletter preference centre.
What are cookies?
Who sets the cookies?
The cookies stored on your computer or other device when you access this website are set by Karen Platt, our suppliers who partner with us to help deliver a high quality website, and other third parties. Some cookies are set by or on behalf of Karen Platt and are necessary to enable customers to use the website fully.
We will never ask you to confirm any account or credit card details via email. Paypal handles all our payments. If you receive an email claiming to be from Karen Platt asking you to do so, please delete it and do not respond.
You have the following rights:
•the right to ask what personal data that we hold about you at any time;
•the right to ask us to update and correct any out-of-date or incorrect personal data that we hold about you free of charge
If you wish to exercise any of the above rights, please contact us using the contact details specified above.
Third party sites
Some third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
For example, if you are located in the U.K. and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
Updates to this policy